21-09-2012, 02:50 PM
Digital Cash
dcash.pdf (Size: 179.61 KB / Downloads: 284)
Abstract
Need of a payment system which enables the electronic transactions is growing at the
same time that the use of Internet is growing in our daily life. Present days electronic
payment systems have a major problem they cannot handle the security and the users
anonymity at the same time these systems are secure on the cost of their users anonymity.
Digital cash is a payment system which enables a secure off-line transaction without
revealing the payers identity. Digital cash can be used both as papper cash and
electronic money since it keeps its users anonymity, enables off-line transactions, is
portable and at the same time offers the ability of electronic transactions. This report
explains the concept of digital cash and discusses its properties. This report shows how
a digital cash system can be formed by presenting a few of the present days digital cash
systems in details, together with an evaluation of how well these systems fulfils the
properties of digital cash. We also discuss the implementation and practical usage of
digital cash. In the end of this report we will disscuss if an ideal digital cash system
exist in practice by discussing implementing problems, user problems and the problems
related to the objectives of digital cash system.
Introduction to Digital Cash
This thesis is about digital cash, a way to implement anonymous electronic payments
in an environment of mutual mistrust between the bank and the system users.
The present day payment systems fall into two large categories: account-based systems
and token-based systems. Token-based systems such as paper cash, pre-paid phone
cards or mail stamps, do not identify its users. A pre-paid phone card, for example,
does not distinguish one caller from the other. Account-based systems such as checks,
credit cards or bank accounts need, by design, to identify the system users and their
transactions.
People like to use paper cash because it is easy to carry around, they can make a payment
with the received cash and they don’t need to ask a third party like a bank to perform
their payments. Paper cash can, however, be stolen or lost and no one
compensates for the lost or stolen money.
Credit cards reduces risk of lost cash for people, but by using electronic money people
are in the risk of losing their privacy. Annually, credit card companies and banks lose
large sums of money since they are required to compensate for lost cards and the costs
associated with fraud and human error. In light of the explosive increase of electronic
services such as Internet, the need for more efficient electronic payments has become
an essential fact.
Since anonymity of payments is usually associated with anonymity of paper cash, an
anonymous token-based electronic payment system is referred to as digital cash (also
known as electronic cash, e-cash, D-cash). Digital cash offers a solution to the problems
of paper cash and today’s credit cards; it is secure and protects people’s privacy.
The customer can use digital cash to pay over the Internet without the involvement of a
bank during their payments.
Important Properties of Digital Cash
Digital cash is designed to construct an electronic payment system modelled after our
paper cash system. Therefore Digital Cash should have the same features as paper cash
like: recognizable hence readily acceptable, transferable, untraceable, anonymous and
portable and has the ability to make “change” (some people like Okamoto believe that
even the paper cash is undivisable[24]).
Forgery
The most obvious risk with any payment system is forgery or counterfeiting. As with
paper cash we have two kinds of forgery in a digital cash system.
• Token forgery: to create a valid-looking coin without making a corresponding bank
withdrawal.
• Multiple spending: using the same token over again. Multiple spending is also commonly
called re-spending, double-spending, and repeat-spending.
To protect against token forgery, one relies on the usual authenticity functions of user
identification and message integrity. To protect against multiple spending, the bank
maintains a database of spent electronic coins. Coins already in the database are to be
rejected for deposit. If the payments are on-line, this will prevent multiple spending. If
off-line, the best one can do is to detect when multiple spending has occurred. To protect
the payee, it is then necessary to identify the payer. Thus it is necessary to disable
the anonymity mechanism in the case of multiple spending.
Privacy
The definition of privacy is not really clear. For some people privacy means protection
against eavesdropping but for others like David Chaum privacy means anonymity for
the payer during payment and untraceability of the payment such that the bank cannot
tell whose money was used in a particular payment.
Just as cash is anonymous, digital cash is anonymous in that it cannot be traced back to
a particular individual, it is considered to be “unconditionally untraceable”. However,
the service provider is assured of its authenticity, all that is missing is the ability to link
the transaction with a particular person. If a user’s coin is linkable, we can identify the
user by finding a single payment in which the user has identified himself. Then a digital
cash system will protect user’s privacy if it is both unlinkable and untraceable.
Digital cash systems that don’t pay attention to privacy are “privacy-invading systems”.
Virtually all commercial systems currently being proposed are privacy-invading. They
emphasize the bank’s security, but pay little attention to the security of the customer (in
terms of protection from financial surveillance).
Anonymity increases the danger with money laundering, illegal purchasing, blackmailing
and counterfeiting that are far more serious than with paper cash. Anonymity
would increase the danger of these problems. More anonymity means less security and
vice versa.
Divisibility
With divisibility we mean the ability to make change. So digital cash will come in cent
or smaller denominations that can make high-volume, small-value transactions on the
internet practical.
A solution for divisible coins is using coins that can be divided to coins whose total
value is equal to the value of the original coin. This allows off-line payments to be
made without the need to store a supply of coins of different denominations.(Observe
that Okamoto believes that even normal paper cash can’t satisfy this characteristic by
being divisible [10]).
Three divisible off-line schemes have been proposed at a cost of transaction time and
additional storage, Eng and Okamoto’s scheme [17], Okamoto’s scheme [23] and
Okamoto and Ohta scheme [24].
On-line
On-line payment means that Bob calls the bank and verifies the validity of Alice’s
token by a simple question like “have you already seen this coin” before accepting her
payment and delivering his merchandise (This resembles many of today’s credit card
transactions.).
On-line payment remains necessary for transactions that need a high value of security.
With an on-line system, the payment and deposit are not separate steps. On-line systems
require communication with the bank during each payment, which costs more
money and time (communication costs, database-maintenance costs and turn-around
time), however the protocols are just simplification of off-line protocols.
Since on-line systems have to be able to check the credibility of payers for shops, it is
almost impossible to protect the anonymity of its users, besides as on-line systems
require communication with a third party during the payment transaction, then we can
not have transferable coin if the system is an on-line one.
RSA
In a public-key algorithm, the keys are formed in a pair of an encryption and a decryption
key and it is infeasible to generate one key from the other. The algorithm keeps
one key secret and sends the other to the partner over an open canal. To date many public-
key cryptography algorithms have been proposed [26]. Many of them are impractical
others insecure. Only a few algorithms are both secure and practical and of these
algorithm just three [26] work for both encryption and digital signatures.
RSA is by far the easiest Public-Key algorithm to understand and implement. It was
introduced in 1978 by Rivest, Shamir and Adleman and it works for encryption as well
as for digital signatures.