### Transferable E-cash: A Cleaner Model and the First Practical Instantiation

Balthazar Bauer, Georg Fuchsbauer, and Chen Qian

##### Abstract

Transferable e-cash is the most faithful digital analog of physical cash, as it allows users to transfer coins between them in isolation, that is, without interacting with a bank or a “ledger”. Appropriate protection of user privacy and, at the same time, providing means to trace fraudulent behavior (double-spending of coins) have made instantiating the concept notoriously hard. Baldimtsi et al. (PKC'15) gave a first instantiation, but, as it relies on a powerful cryptographic primitive, the scheme is not practical. We also point out a flaw in their scheme. In this paper we revisit the model for transferable e-cash and propose simpler yet stronger security definitions. We then provide the first concrete construction, based on bilinear groups, give rigorous proofs that it satisfies our model, and analyze its efficiency in detail.

Available format(s)
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
transferableoffline e-cashstrong anonymity
Contact author(s)
balthazar bauer @ ens fr
georg fuchsbauer @ tuwien ac at
History
2020-11-15: revised
See all versions
Short URL
https://ia.cr/2020/1400

CC BY

BibTeX

@misc{cryptoeprint:2020/1400,
author = {Balthazar Bauer and Georg Fuchsbauer and Chen Qian},
title = {Transferable E-cash: A Cleaner Model and the First Practical Instantiation},
howpublished = {Cryptology ePrint Archive, Paper 2020/1400},
year = {2020},
note = {\url{https://eprint.iacr.org/2020/1400}},
url = {https://eprint.iacr.org/2020/1400}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.