Paper 2016/494

AEP-M: Practical Anonymous E-Payment for Mobile Devices using ARM TrustZone and Divisible E-Cash (Full Version)

Bo Yang, Kang Yang, Zhenfeng Zhang, Yu Qin, and Dengguo Feng


Electronic payment (e-payment) has been widely applied to electronic commerce and has especially attracted a large number of mobile users. However, current solutions often focus on protecting users' money security without concerning the issue of users' privacy leakage. In this paper, we propose AEP-M, a practical anonymous e-payment scheme specifically designed for mobile devices using TrustZone. On account of the limited resources on mobile devices and time constraints of electronic transactions, we construct our scheme based on efficient divisible e-cash system. Precisely, AEP-M allows users to withdraw a large coin of value $2^{n}$ at once, and then spend it in several times by dividing it without revealing users' identities to others, including banks and merchants. Users' payments cannot be linked either. AEP-M utilizes bit-decomposition technique and pre-computation to further increase the flexibility and efficiency of spending phase for mobile users. As a consequence, the frequent online spending process just needs at most $n$ exponentiations on elliptic curve on mobile devices. Moreover, we elaborately adapt AEP-M to TrustZone architecture for the sake of protecting users' money and critical data. The methods about key derivation and sensitive data management relying on a root of trust from SRAM Physical Unclonable Function (PUF) are presented. We implement a prototype system and evaluate AEP-M using Barreto-Naehrig (BN) curve with 128-bit security level. The security analysis and experimental results indicate that our scheme could meet the practical requirement of mobile users in respects of security and efficiency.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. The 19th Information Security Conference (ISC 2016)
E-PaymentPrivacyMobile DevicesTrustZoneDivisible E-CashPUF
Contact author(s)
yangbo @ tca iscas ac cn
2016-05-22: received
Short URL
Creative Commons Attribution


      author = {Bo Yang and Kang Yang and Zhenfeng Zhang and Yu Qin and Dengguo Feng},
      title = {AEP-M: Practical Anonymous E-Payment for Mobile Devices using ARM TrustZone and Divisible E-Cash (Full Version)},
      howpublished = {Cryptology ePrint Archive, Paper 2016/494},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.