Ya-Fen Chang, W. Tai, Yao-Ching Liu, Huan-Wen Chen
{"title":"Vulnerability of Baseri et al.'s Untraceable Offline Electronic Cash System","authors":"Ya-Fen Chang, W. Tai, Yao-Ching Liu, Huan-Wen Chen","doi":"10.1109/ICSSE.2018.8519978","DOIUrl":null,"url":null,"abstract":"Offline electronic cash systems, an attractive payment platform for electronic commerce, enable customers to pay his electronic money in business transactions via the Internet. In 2013, Baseri et al. proposed an offline electronic cash (e-cash) system using RSA cryptosystem and asserted that their system satisfied anonymity, double spending detection, unforgeability, and date attachability properties and prevented forging. However, we find that their e-cash system is insecure against identity forgery. In this paper, we show that an adversary has three ways to forge a valid identity to withdraw electronic coin (e-coin) from his account at the bank and pay it to the merchant in payment phase. When double spending is detected, the bank cannot reveal the attacker's real identity.","PeriodicalId":431387,"journal":{"name":"2018 International Conference on System Science and Engineering (ICSSE)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 International Conference on System Science and Engineering (ICSSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSSE.2018.8519978","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Offline electronic cash systems, an attractive payment platform for electronic commerce, enable customers to pay his electronic money in business transactions via the Internet. In 2013, Baseri et al. proposed an offline electronic cash (e-cash) system using RSA cryptosystem and asserted that their system satisfied anonymity, double spending detection, unforgeability, and date attachability properties and prevented forging. However, we find that their e-cash system is insecure against identity forgery. In this paper, we show that an adversary has three ways to forge a valid identity to withdraw electronic coin (e-coin) from his account at the bank and pay it to the merchant in payment phase. When double spending is detected, the bank cannot reveal the attacker's real identity.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
