暂无分享,去创建一个
Lehrstuhl D fur Mathematik, RWTH Aachen, Templergraben 64, D-52062 Aachen, Germany(Dated: January 9, 2014)We propose an electronic payment protocol for typical customer-merchant relations which does notrequire a trusted (signed) payment descriptor to be sent from the merchant to the customer. Instead,the destination \account" number for the payment is solely created on the customer side. Thiseliminates the need for any encrypted or authenticated communication in the protocol and is secureeven if the merchant’s online infrastructure is compromised. Moreover, the payment transactionitself serves as a timestamped receipt for the customer. It proves what has been paid for and whoreceived the funds, again without relying on any merchant signatures. In particular, funds andreceipt are exchanged in a single atomic action. The asymmetric nature of the customer-merchantrelation is crucial.The protocol is speci cally designed with bitcoin in mind as the underlying payment system.Thereby, it has the useful bene t that all transactions are public. However, the only essentialrequirement on the payment system is that \accounts" are arbitrary user-created keypairs of acryptosystem whose keypairs enjoy a homomorphic property. All ElGamal-type cryptosystems havethis feature. For use with bitcoin we propose the design of a deterministic bitcoin wallet whoseaddresses can be indexed by clear text strings.
[1] Taher ElGamal,et al. A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .
[2] Alfred Menezes,et al. Handbook of Applied Cryptography , 2018 .
[3] Kazumaro Aoki,et al. SEC X.2: Recommended Elliptic Curve Domain Parameters , 2008 .