ABSTRACT
Offline electronic cash is a new and well-acknowledged type of e-cash scheme that can release the bank from participating in every spending protocol. However, it is still an unsolved problem to design a secure and efficient fair offline e-cash scheme. Considering this problem, in this paper, we have proposed a fair offline electronic cash scheme with multiple banks in pairing-based instantiation. We adopt Groth–Sahai non-interactive zero-knowledge proof technology in our scheme, to design non-interactive e-cash transactions. Additionally, inspired by Water’s group signature, our solution supports not only multiple users, but also users with accounts in different banks. Moreover, our scheme has efficient double-spending checking and a fair control mechanism. We have formally defined the security properties of the scheme in a standard model, and provided the detailed security proofs of the security properties concerning chosen ciphertext attack (CCA) anonymity, unforgeability and traceability. Analysis and comparison show that our scheme has advantages both in security and in efficiency.
Nomenclature
k | = | The secure parameter |
CB/LB | = | Central bank/local bank |
U | = | User |
C/M | = | Customer/merchant |
pk | = | The public key used to verify e-cash |
msk | = | The master secret key |
skO | = | The opening key |
PPT | = | Pseudo-polynomial time |
= | A bilinear pairing | |
= | A bilinear mapping ; | |
= | The related value at registry table entry i | |
HU | = | Honest users |
CU | = | Corrupted users |
Disclosure statement
The authors reported no potential conflict of interest.