| dc.description.abstract | In recent years, due to the tremendous development of the Internet, a great deal of business opportunities are created. Therefore, many traditional business transactions are approached in an electronic form so that this is convenient for people. For this reason, electronic cash systems become more and more interesting.
Although the property of anonymity can protect customers’’ privacy, this property may be misused by malicious customers. Therefore, tracing of payments is a desired property for governments and banks. However, those anonymous electronic cash systems with anonymity revocation must pay a great sacrifice in efficiency. As a result, two efficient revocable anonymity electronic cash systems are proposed in this thesis.
In order to correctly embed customers’’ identity into the electronic coin in an efficient manner, we propose a new blind signature improving partially blind signature. Furthermore, we utilize this blind signature to construct an anonymous electronic cash system which provides two protection mechanisms to resist double spending, blackmailing, and money laundering: double-sending detection and tracing. Moreover, due to the involvement of registration protocol, the employment of zero-knowledge proofs is extremely reduced. In addition, we take advantage of the concern of batch cryptography to enable the customer to withdraw many coins once with the bank during a single withdrawal, and enable the merchant and the bank to validate these coins once. This amortizes computation cost through many coins.
Additionally, Liskov-Micali scheme uses the structure of Merkle hash tree to enable customers withdraw many coins once. Although
this amortizes computation cost, it increases customers’’ computation cost during each payment. Moreover, if customers dishonestly embed identity in Liskov-Micali scheme, double-spending detection becomes abnormal. Therefore, we propose an improved electronic cash system improving Liskov-Micali scheme. Due to the involvement of TTP and the replacement of batch cryptography, the improved system not only additionally provides tracing capability but also decreases customers’’ computation cost during each payment. In addition, because the employment of zero-knowledge proofs is not necessary in the improved system, this reduces computation and communication costs. Therefore, the improved system is more efficient than Liskov-Micali scheme. | en_US |