International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 11 April 2015

Patrick Märtens
ePrint Report ePrint Report
Divisible e-cash systems allow a user to withdraw a wallet containing K coins and to spend k < K + 1 coins in a single operation, respectively. Independent of the new work of Canard, Pointcheval, Sanders and Traoré (Proceedings of PKC \'15) we present a practical and secure divisible e-cash system in which the bandwidth of each protocol is constant while the system fulfills the standard security

requirements (especially which is unforgeable and truly anonymous) in the random oracle model. In other existing divisible e-cash systems that are truly anonymous, either the bandwidth of withdrawing

depends on K or the bandwidth of spending depends on k. Moreover, using some techniques of the work of Canard, Pointcheval, Sanders and Traoré we are also able to prove the security in the standard model.

Furthermore, we show an efficient attack against the unforgeability of Canard and Gouget\'s divisible e-cash scheme (FC \'10).

Finally, we extend our scheme to a divisible e-cash system that provides withdrawing and spending of an arbitrary value of coins (not necessarily a power of two) and give an extension to a fair e-cash

scheme.

Expand

Additional news items may be found on the IACR news page.