An E-Cash Based Implementation Model for Facilitating Anonymous Purchasing of Information Products

The rapid growing of online purchasing of information products poses challenges of how to preserve the customer's privacy during the online transactions. The current widely used way of online shopping does not consider the customer's privacy protection. It exposes the customer's sensitive information unnecessarily. We propose a new five-party implementation model called 5PAPS that provides much enhanced protection of the customer's privacy. The model combines the advantages of the e-cash techniques, the mix technique, the anonymous-honoring merchant model, and the anonymity-protecting payment gateway model. It is aimed for protecting the customer's anonymity in all applicable aspects. Security and anonymity issues of the model have been analyzed. The results show that the model is robust against varieties of common attacks and the customer's anonymity can be protected even in the presence of some collusion among the parties involved in the transactions. Experimental prototyping of the essential parts yields partial validation of the practical nature of the 5PAPS model, and it has also produced reliable estimates of the storage and messaging volume requirements present in sizable purchasing systems.

[1]  Pat Frankel,et al.  Exact analysis of exact change , 1997, Proceedings of the Fifth Israeli Symposium on Theory of Computing and Systems.

[2]  George Danezis,et al.  Low-cost traffic analysis of Tor , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[3]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[4]  Shafi Goldwasser,et al.  Advances in Cryptology — CRYPTO’ 88: Proceedings , 1990, Lecture Notes in Computer Science.

[5]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[6]  Niels Ferguson,et al.  Single Term Off-Line Coins , 1994, EUROCRYPT.

[7]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[8]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[9]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[10]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[11]  Tatsuaki Okamoto,et al.  Universal Electronic Cash , 1991, CRYPTO.

[12]  George Danezis,et al.  The Traffic Analysis of Continuous-Time Mixes , 2004, Privacy Enhancing Technologies.

[13]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[14]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[15]  Yiannis Tsiounis,et al.  Easy Come - Easy Go Divisible Cash , 1998, EUROCRYPT.

[16]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[17]  Stefan A. Brands,et al.  Untraceable Off-line Cash in Wallet with Observers , 2002 .

[18]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[19]  Vincent Rijmen,et al.  The Design of Rijndael , 2002, Information Security and Cryptography.

[20]  Jan Camenisch,et al.  Compact E-Cash , 2005, EUROCRYPT.

[21]  Tor Helleseth,et al.  Advances in Cryptology — EUROCRYPT ’93 , 2001, Lecture Notes in Computer Science.

[22]  George Danezis,et al.  A Survey of Anonymous Communication Channels , 2008 .

[23]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[24]  See-Kiong Ng,et al.  Enabling Privacy-Preserving e-Payment Processing , 2008, DASFAA.

[25]  Tatsuaki Okamoto,et al.  An Efficient Divisible Electronic Cash Scheme , 1995, CRYPTO.