2006
DOI: 10.1007/11889663_20
|View full text |Cite
|
Sign up to set email alerts
|

Provably Secure Electronic Cash Based on Blind Multisignature Schemes

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
12
0

Year Published

2007
2007
2022
2022

Publication Types

Select...
3
2
1

Relationship

0
6

Authors

Journals

citations
Cited by 10 publications
(12 citation statements)
references
References 15 publications
0
12
0
Order By: Relevance
“…One of the elegant solutions to insider attacks by malicious banks was proposed by Hanatani et al [7], [8]. Hanatani et al use a blind multisignature scheme based on [35] instead of a threshold signature scheme.…”
Section: A System Of Hanatani Et Almentioning
confidence: 99%
See 1 more Smart Citation
“…One of the elegant solutions to insider attacks by malicious banks was proposed by Hanatani et al [7], [8]. Hanatani et al use a blind multisignature scheme based on [35] instead of a threshold signature scheme.…”
Section: A System Of Hanatani Et Almentioning
confidence: 99%
“…Following the classification of Miyazaki and Sakurai, we investigate some of the recently proposed electronic cash systems such as [7], [8], [10]- [13].…”
Section: Introductionmentioning
confidence: 99%
“…We introduced the formal security model of the untraceable e-cash schemes with the blind multisignature scheme and proposed a provably secure scheme whose size of e-cash is independent of the number of banks, which overcomes the problems discussed in the above related works; however, the security of this scheme is considered only for a restricted attack model, and its security is questionable for a non-restricted attack model. In the scheme of [1], the only issuing bank uses the tag key that enables banks to trace dishonest users and the other guaranteeing banks do not, and so the security cannot be proven against the non-restricted attack model where the attacker can fully corrupt † the issuing bank. Moreover, [1] insists that if the scheme is modified by making the guaranteeing bank use its own tag key, and therefore, the security of the modified scheme can be proven even if the issuing bank is corrupted † † .…”
Section: Our Contributionmentioning
confidence: 99%
“…In the scheme of [1], the only issuing bank uses the tag key that enables banks to trace dishonest users and the other guaranteeing banks do not, and so the security cannot be proven against the non-restricted attack model where the attacker can fully corrupt † the issuing bank. Moreover, [1] insists that if the scheme is modified by making the guaranteeing bank use its own tag key, and therefore, the security of the modified scheme can be proven even if the issuing bank is corrupted † † . However, the theorem 5 of [1] is not concerned about the model where the shops are corrupted in the forgery game of [1]; namely, the security is not ensured when the shops are dishonest.…”
Section: Our Contributionmentioning
confidence: 99%
See 1 more Smart Citation