Disposable Zero-Knowledge Authentications and Their Applications to Untraceable Electronic Cash

  • Tatsuaki Okamoto
  • Kazuo Ohta
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 435)


In this paper, we propose a new type of authentication system, disposable zero-knowledge authentication system. Informally speaking, in this authentication system, double usage of the same authentication is prevented. Based on these disposable zero-knowledge authentication systems, we propose a new untraceable electronic cash scheme satisfying both untraceability and unreusablity. This scheme overcomes the problems of the previous scheme proposed by Chaum, Fiat and Naor through its greater efficiency and provable security under reasonable cryptographic assumptions. We also propose a scheme, transferable untraceable electronic cash scheme, satisfying transferability as well as the above two criteria, whose properties have not been previously proposed in any other scheme. Moreover, we also propose a new type of electronic cash, untraceable electronic coupon ticket, in which the value of one piece of the electronic cash can be subdivided into many pieces.


Interactive Proof Negligible Probability Overwhelming Probability Digital Signature Scheme Electronic Cash 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [B]
    J.C. Benaloh, “Cryptographic capsules: A disjunctive promitive for interactive protocols,” The Proc. of Crypto’86, pp.213–222 (1986)Google Scholar
  2. [BC]
    G. Brassard and C. Cr’epeau, “Non-Transitive Transfer of Confidence: A perfect Zero-Knowledge Interactive Protocol for SAT and Beyond,” The Proc. of FOCS’86, pp.188–195 (1986)Google Scholar
  3. [BCC]
    G. Brassard, D. Chaum, and C. Crépeau, “Minimum Disclosure Proofs of Knowledge,” Journal of Computer and System Sciences, Vol.37, pp.156–189 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  4. [Ch]
    D. Chaum, “Security without Identification: Transaction Systems to Make Big Brother Obsolete,” Comm. of the ACM, 28,10, pp.1030–1044 (1985)CrossRefGoogle Scholar
  5. [Cr]
    C. Cr’epeau, “A zero-knowledge poker protocol that achieves confidentiality of the players’ strategy or How to achieve an electronic poker face,” The Proc. of Crypto’86, pp.239–247 (1986)Google Scholar
  6. [CFN]
    D. Chaum, A. Fiat and M. Naor, “Untraceable Electronic Cash,” to appear in the Proc. of Crypto’88 (1988)Google Scholar
  7. [D]
    I.B. Damgård, “Payment Systems and Credential Mechanisms with Provable Security Against Abuse by Individuals,” to appear in the Proc. of Crypto’88 (1988)Google Scholar
  8. [FFS]
    U. Feige, A. Fiat and A. Shamir, “Zero Knowledge Proofs of Identity,” The Proc. of STOC, pp.210–217 (1987)Google Scholar
  9. [FS]
    A. Fiat and A. Shamir, “How to Prove Yourself,” The Proc. of Crypto’86, pp.186–199 (1986)Google Scholar
  10. [GM]
    S. Goldwasser, and S. Micali, “Probabilistic Encryption,” Journal of Computer and System Science, Vol.28, No.2 (1984)Google Scholar
  11. [GMR]
    S. Goldwasser, S. Micali, and C. Rackoff, “Knowledge Complexity of Interactive Proofs,” The Proc. of STOC, pp291–304 (1985)Google Scholar
  12. [GoMiRi]
    S. Goldwasser, S. Micali, and R. Rivest, “A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks,” SIAM J.Compt., 17,2, pp.281–308 (1988)zbMATHCrossRefMathSciNetGoogle Scholar
  13. [GMW]
    O. Goldreich, S. Micali, and A. Wigderson, “Proofs that Yield Nothing But their Validity and a Methodology of Cryptographic Protocol Design,” The Proc. of FOCS, pp.174–187 (1986)Google Scholar
  14. [GQ]
    L.C. Guillou, and J.J. Quisquater, “A Practical Zero-Knowledge Protocol Fitted to Security Microprocessors Minimizing Both Transmission and Memory,” The Proc. of Eurocrypto’88, pp.123–128 (1988)Google Scholar
  15. [MS]
    S. Micali, and A. Shamir, “An Improvement of The Fiat-Shamir Identification and Signature Scheme,” The Proc. of Crypto’88 (1988)Google Scholar
  16. [OhO]
    K. Ohta, and T. Okamoto “A Modification of the Fiat-Shamir Scheme,” to appear in the Proc. of Crypto’88 (1988)Google Scholar
  17. [OkO]
    T. Okamoto, and K. Ohta “Divertible Zero-Knowledge Interactive Proofs and Commutative Random Self-Reducible,” to appear in the Proc. of Eurocrypt’89 (1989)Google Scholar
  18. [TW]
    M. Tompa and H. Woll, “Random Self-Reducibility and Zero Knowledge Interactive Proofs of Possession of Information,” The Proc. of FOCS, pp472–482 (1987)Google Scholar
  19. [Y]
    A.C. Yao: Theory and Applications of Trapdoor Functions, The Proc. of FOCS, pp.80–91 (1982)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1990

Authors and Affiliations

  • Tatsuaki Okamoto
    • 1
  • Kazuo Ohta
    • 1
  1. 1.NTT Communications and Information Processing LaboratoriesNippon Telegraph and Telephone CorporationKanagawa-kenJapan

Personalised recommendations