Lightweight micro-cash for the internet

  • Wenbo Mao
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1146)


We propose a micro-cash technique based on a one-time signature scheme: signing a message more than once leads to disclosure of the signer's private key. In addition to usual cash properties such as off-line bank for payment and spender's anonymity, the technique also provides a number of useful features. These include: identifying double spender with strong proof, cash revocable for identified double spender, independent of using tamper-resistant devices, coin sub-divisible to smaller denominations, and system simplicity in terms of small-sized data for cash representation as well as simple protocols for cash withdrawal, payment and deposit. We reason that these features support a lightweight cash system suitable for handling very low value payment transactions, such as information purchases on the Internet.


Revocable cash for double spender Internet electronic commerce 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Proposed Federal Information Processing Standard for Digital Signature Standard (DSS). Federal Register, v.56, n.169, August 1991.Google Scholar
  2. 2.
    J.-P. Boly et al. The ESPRIT Project CAFE — High Security Digital Payment Systems. In Computer Security — ESORICS'94 (LNCS 875), pages 217–230. Springer-Verlag, 1994.Google Scholar
  3. 3.
    S. Brands. Untraceable off-line cash in wallet with observers. In Advances in Cryptology — Proceedings of CRYPTO'93 (LNCS 773), pages 302–318. Springer-Verlag, 1993.Google Scholar
  4. 4.
    S. Brands. Electronic cash on the internet. In Proceedings of the Internet Society 1995 Symposium on Network and Distributed System Security, 1995.Google Scholar
  5. 5.
    S. Brands. Off-line electronic cash based on secret-key certificates. Technical Report: CS-R9506, 1995.Google Scholar
  6. 6.
    J. Camenisch, J-M. Piveteau, and Stadler M. An efficient electronic payment system protecting privacy. In Computer Security — ESORICS'94, (LNCS 875), pages 207–215. Springer-Verlag, 1994.Google Scholar
  7. 7.
    D. Chaum. Blind signatures for untraceable payments. In Advances in Cryptology — Proceedings of Crypto'82, pages 199–203. Plenum Press, 1983.Google Scholar
  8. 8.
    D. Chaum. Security without identification: Transaction systems to make big brother obsolete. Communications of the ACM, 28(10):1030–1044, October 1985.Google Scholar
  9. 9.
    D. Chaum. Blind signatures systems. U.S. Patent No 4,759,063, July 1988.Google Scholar
  10. 10.
    D. Chaum. Privacy protected payments: Unconditional payer and/or payee untraceability. In Smartcard 2000. North Holland, 1989.Google Scholar
  11. 11.
    D. Chaum. Online cash checks. In Advances in Cryptology — Proceedings of EUROCRYPT'89 (LNCS 434), pages 288–293. Springer-Verlag, 1990.Google Scholar
  12. 12.
    D. Chaum. Achieving electronic privacy. Scientific American, pages 96–101, August 1992.Google Scholar
  13. 13.
    D. Chaum, B. den Boer, E. van Heyst, S. Mjolsnes, and A. Steenbeek. Efficient offline electronic checks. In Advances in Cryptology — Proceedings of EURO-CRYPT'89 (LNCS 434), pages 294–301. Springer-Verlag, 1990.Google Scholar
  14. 14.
    D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In Advances in Cryptology — Proceedings of CRYPTO'88 (LNCS 403), pages 319–327. Springer-Verlag, 1990.Google Scholar
  15. 15.
    D. Chaum and T. Pedersen. Wallet databases with observers. In Advances in Cryptology — Proceedings of CRYPTO'92 (LNCS 740), pages 89–105. Springer-Verlag, 1992.Google Scholar
  16. 16.
    T. ElGamal. A public-key Cryptosystem and a signature scheme based on discrete logarithms. In Advances in Cryptology — Proceedings of CRYPTO'84 (LNCS 196), pages 10–18. Springer-Verlag, 1985.Google Scholar
  17. 17.
    T. Eng and T. Okamoto. Single-term divisible electronic coins. In Advances in Cryptology — Proceedings of EUEOCRYPT'94 (LNCS 950), pages 306–319. Springer-Verlag, 1995.Google Scholar
  18. 18.
    N. Ferguson. Single term off-line coins. In Advances in Cryptology — Proceedings of EUROCRYPT'93 (LNCS 765), pages 318–328. Springer-Verlag, 1994.Google Scholar
  19. 19.
    M. Franklin and M. Yung. Towards provably secure efficient electronic cash. Technical Report: TR CUCS-018-92, April 1992.Google Scholar
  20. 20.
    M. Franklin and M. Yung. Secure and efficient off-line digital money. In Proceedings of ICALP'93, (LNCS 700), pages 265–276. Springer-Verlag, 1993.Google Scholar
  21. 21.
    N.M. Haller. The S/Key one-time password system. Scholar
  22. 22.
    B. Hayes. Anonymous one-time signatures and flexible untraceable electronic cash. In Advances in Cryptology — Proceedings of AUSCRYPT'90 (LNCS 453), pages 294–305. Springer-Verlag, 1990.Google Scholar
  23. 23.
    ITU/ISO/IEC. Draft Amendment 1 to ITU Rec. X.509 (1993) — ISO/IEC 9594-8: Information Technology — Open Systems Interconnection — The Directory: Authentication Framework, Amendment 1: Certificate Extensions. ISO/IEC JTC 1/SC 21/WG 4 and ITU-T Q 15/7 Collaborative Editing Meeting on the Directory, Ottawa, Canada, July 1995.Google Scholar
  24. 24.
    L. Lamport. Password identification with insecure communications. Communications of the ACM, 24(11):770–772, 1981.Google Scholar
  25. 25.
    W. Mao. Blind Certification of Public Keys and Off-Line Electronic Cash. HP Laboratories Technical Report, HPL-96-71, May 1996.Google Scholar
  26. 26.
    MasterCard and Visa Secure Electronic Transaction (SET) (see, e.g.,, February 1996.Google Scholar
  27. 27.
    G. Medvinsky and B.C. Neuman. NetCash: A design for practical electronic currency on the Internet. In Proceedings of First ACM Conference on Computer and Communications Security, pages 102–196. ACM Press, 1993.Google Scholar
  28. 28.
    T. Okamoto and K. Ohta. Universal electronic cash. In Advances in Cryptology — Proceedings of CRYPTO'91 (LNCS 576), pages 324–337. Springer-Verlag, 1992.Google Scholar
  29. 29.
    R.L. Rivest and A. Shamir. Payword and micromint: Two simple micropayment schemes.∼rivest/publications.html, December 1995.Google Scholar
  30. 30.
    C.P. Schnorr. Efficient signature generation for smart cards. In Advances in Cryptology — Proceedings of CRYPTO'89 (LNCS 435), pages 239–252. Springer-Verlag, 1990.Google Scholar
  31. 31.
    C.P. Schnorr. Efficient signature generation for smart cards. Journal of Cryptology, 4(3):161–174, 1991.Google Scholar
  32. 32.
    C.P. Schnorr. A method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system. U.S. Patent No. 4,995,082, February 1991.Google Scholar
  33. 33.
    M. Sirbu and J.D. Tygar. NetBill: An Internet Commerce System. Scholar
  34. 34.
    UK banks introduce Mondex, the cashless cash card. Newsbytes News Network (also see, January 1993.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Wenbo Mao
    • 1
  1. 1.Hewlett-Packard LaboratoriesBristolUK

Personalised recommendations