Electronic Commerce Research

, Volume 19, Issue 1, pp 81–110 | Cite as

Off-line digital cash schemes providing untraceability, anonymity and change

  • Lynn BattenEmail author
  • Xun Yi


Several ecash systems have been proposed in the last twenty years or so, each offering features similar to real cash. One feature which to date has not been provided is that of a payee giving change to a payer for an e-coin in an off-line setting. In this paper, we indicate how an off-line ecash system can solve the change-giving problem. In addition, our protocol offers the usual expected features of anonymity and unlinkability of the payer, but can reveal the identity of an individual who illegally tries to spend ecash twice.


Digital money Group blind signature Double spending 



The authors would like to thank Professor Yuliang Zheng for his valuable comments on the double discrete logarithm problem and Ms. Kalpana Singh for her comments on parts of earlier versions of this paper, and for her assistance in assembling Table 2.


  1. 1.
    Antoniou, G., & Batten, L. M. (2011). E-commerce: protecting purchaser privacy to enforce trust. Journal of Electronic Commerce Research, 11, 421–456.CrossRefGoogle Scholar
  2. 2.
    Au, M., Susilo, W., & Mu, Y. (2010). Proof-of-knowledge of representation of committed value and its applications. LNCS, 6168, 352–369.Google Scholar
  3. 3.
    Brands, S. (1993). Untraceable off-line cash in wallet with observers. In Annual international cryptology conference (pp. 3020–318). Berlin, Heidelberg: Springer.Google Scholar
  4. 4.
    Brands, S. (1991). An efficient off-line electronic cash system based on representation problem, C.W.I. Technical Report CS-T9323, The Netherlands.Google Scholar
  5. 5.
    Camenisch, J., & Stadler, M. (1997). Efficient group signature schemes for large groups (extended abstract). In Proceedings of Crypto’97.Google Scholar
  6. 6.
    Canard, S., & Gouget, A. (2010). Multiple denominations in ecash with compact transaction data. LNCS, 6052, 82–97.Google Scholar
  7. 7.
    Chaum, D. (1983). Blind signatures for untraceable payments. In Advances in cryptology (pp. 199–203). US: Springer.Google Scholar
  8. 8.
    Chaum, D. (1985). Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10), 1030–1044.CrossRefGoogle Scholar
  9. 9.
    Chaum, D., Fiat, A., & Naor, M. (1988). Untraceable electronic cash. In Conference on the theory and application of cryptography (pp. 319–327). New York, NY: Springer.Google Scholar
  10. 10.
    Chaum, D., den Boer, B., van Heijst, E., Mjolsnes, S., & Steenbeen, A. (1989). Efficient off-line electronic checks. In Workshop on the theory and application of of cryptographic techniques, (pp. 294–301). Berlin, Heidelberg: Springer.Google Scholar
  11. 11.
    Eng, T., & Okamoto, T. (1994). Single-term divisible electronic coins. In Workshop on the theory and application of cryptographic techniques (pp. 311–323). Berlin, Heidelberg: Springer.Google Scholar
  12. 12.
    Eslami, Z., & Talebi, M. (2011). A new untraceable off-line cash system. Electronic Commerce Research and Applications, 10, 59–99.CrossRefGoogle Scholar
  13. 13.
    Everaere, P., Simplot-Ryl, I., & Traore, I. (2011). Double spending protection for ecash based on risk management. LNCS, 6531, 394–408.Google Scholar
  14. 14.
    Fiat, A., & Shamir, A. (1987). How to prove yourself: Practical solutions to identification and signature problem. In Lecture notes in computer science 263, Advanced in cryptology: Proceedings of Crypto’86, Aug. 11–15, 1986 (pp. 186–194). SpringerGoogle Scholar
  15. 15.
    Franklin, M., & Yung, M. (1993). Secure and efficient off-line digital money. In Automata, languages and programming (pp. 265–276). Springer.Google Scholar
  16. 16.
    Ghadafi, E. Efficient round-optimal blind signatures in the standard model. Eprint (This is the full version of the extended abstract which appears in Proceedings of Financial Cryptography and Data Security 2017.)Google Scholar
  17. 17.
    Juang, W.-S. (2010). RO-Cash: An efficient and practical recoverable pre-paid offline ecash scheme using bilinear pairings. The Journal of Systems and Software, 83, 638–645.CrossRefGoogle Scholar
  18. 18.
    Kane, A. M. (2008). On the use of continued fractions for electronic cash. International Journal of Computer Science and Security, 4, 136–148.Google Scholar
  19. 19.
    Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system.
  20. 20.
    Okamoto, T., & Ohta, K. (1991). Universal electronic cash. In Annual international cryptology conference (pp. 324–337). Berlin, Heidelberg: Springer.Google Scholar
  21. 21.
    Okamoto, T. (1995). An efficient divisible electronic cash schemes. In Crypto (Vol. 95, pp. 438–451). Springer.Google Scholar
  22. 22.
    Patton, M. A., & Josang, A. (2004). Technologies for trust in electronic commerce. Journal of Electronic Commerce Research, 4, 9–21.CrossRefGoogle Scholar
  23. 23.
    Ramzan, Z. A. (1999). Group blind digital signatures: Theory and applications. Ph.D. Thesis, MIT.Google Scholar
  24. 24.
    Rennhard, M., Rafaeli, S., Mathy, L., Plattner, B., & Hutchison, D. (2004). Towards pseudonymous e-commerce. Journal of Electronic Commerce Research, 4, 83–111.CrossRefGoogle Scholar
  25. 25.
    Scheir, M., Balasch, J., Rial, A., Preneel, B., & Verbauwhede, I. (2015). Anonymous split e-cash—Toward mobile anonymous payments. ACM Transactions on Embedded Computing Systems (TECS), 14(4), 85.CrossRefGoogle Scholar
  26. 26.
    Schoenmakers, B. (1995). An efficient electronic payment system withstanding parallel attacks. CWI Report CS-R9522.Google Scholar
  27. 27.
    Schnorr, C. P. (1989). Efficient identification and signatures for smart cards. In Proceedings of Crypto ’89, (pp. 239–252).Google Scholar
  28. 28.
    Solat, S. (2017). Security of electronic payment systems: A comprehensive survey. arXiv:1701.04556.Google Scholar
  29. 29.
    Tan, Z. (2011). An off-line electronic cash scheme based on proxy blind signature. The Computer Journal, 54, 505–512.CrossRefGoogle Scholar
  30. 30.
    Tewari, H., & Hughes, A. (2016). Fully anonymous transferable Ecash. IACR cryptology ePrint Archive, 107.Google Scholar
  31. 31.
  32. 32.
    U.S. Department of Commerce, National Institute of Standards and Technology. (1991). A proposed federal information processing standard for digital signature standard (DSS). Federal Register.Google Scholar
  33. 33.
    Zhou, F., Li, Y., Zhou, Q., Miao, J., & Xu, J. (2016). The electronic cash system based on non-interactive zero-knowledge proofs. International Journal of Computer Mathematics, 93(2), 239–257.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.School of Information TechnologyDeakin UniversityGeelongAustralia
  2. 2.School of Computer Science and Software EngineeringRMIT UniversityMelbourneAustralia

Personalised recommendations