Paper 2005/439

A note on the n-spendable extension of Ferguson's single-term off-line coins

T. C. Lam

Abstract

We show that an adversary can over-spend a coin n(n+1)! times without being detected and identified in the n-spendable extension of Ferguson's single-term off-line coin, simply by permuting the witness messages in the three-move zero-knowledge proof payment protocol. We repair the detection scheme by adding a simple verification rule in the payment protocol. We repair the identification scheme by restricting the identity format.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
cryptanalysis, electronic commerce and payment
Contact author(s)
brianlam @ tamu edu
History
2005-12-07: received
Short URL
https://ia.cr/2005/439
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/439,
      author = {T.  C.  Lam},
      title = {A note on the n-spendable extension of Ferguson's single-term off-line coins},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/439},
      year = {2005},
      url = {https://eprint.iacr.org/2005/439}
}