#### Paper 2014/785

Sébastien Canard, David Pointcheval, Olivier Sanders, and Jacques Traoré

##### Abstract

Divisible E-cash systems allow users to withdraw a unique coin of value $2^n$ from a bank, but then to spend it in several times to distinct merchants. In such a system, whereas users want anonymity of their transactions, the bank wants to prevent, or at least detect, double-spending, and trace the defrauders. While this primitive was introduced two decades ago, quite a few (really) anonymous constructions have been introduced. In addition, all but one were just proven secure in the random oracle model, but still with either weak security models or quite complex settings and thus costly constructions. The unique proposal, secure in the standard model, appeared recently and is unpractical. As evidence, the authors left the construction of an efficient scheme secure in this model as an open problem.

Note: Minor revisions - Full version of the PKC extended abstract

Available format(s)
Category
Public-key cryptography
Publication info
A major revision of an IACR publication in PKC 2015
Keywords
Divisible E-cashUntraceabilityAnonymity.
Contact author(s)
olivier sanders @ orange com
History
2015-03-23: last of 2 revisions
See all versions
Short URL
https://ia.cr/2014/785

CC BY

BibTeX

@misc{cryptoeprint:2014/785,
author = {Sébastien Canard and David Pointcheval and Olivier Sanders and Jacques Traoré},
title = {Divisible E-Cash Made Practical},
howpublished = {Cryptology ePrint Archive, Paper 2014/785},
year = {2014},
note = {\url{https://eprint.iacr.org/2014/785}},
url = {https://eprint.iacr.org/2014/785}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.