CN108090751A - Electronic cash system - Google Patents
Electronic cash system Download PDFInfo
- Publication number
- CN108090751A CN108090751A CN201711346525.0A CN201711346525A CN108090751A CN 108090751 A CN108090751 A CN 108090751A CN 201711346525 A CN201711346525 A CN 201711346525A CN 108090751 A CN108090751 A CN 108090751A
- Authority
- CN
- China
- Prior art keywords
- mrow
- msub
- electronic cash
- client
- sigma
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3678—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes e-cash details, e.g. blinded, divisible or detecting double spending
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
本发明涉及一种电子现金系统。该电子现金系统包括用户客户端Ui向地方银行服务器LBj发送取款请求,LBj为Ui的开户银行服务器;LBj根据取款请求生成电子现金M发送给Ui;LBj更新Ui的用户账户表;Ui验证M的有效性;当验证结果为有效时,导出并保存M;当验证结果为无效时,重复执行Ui向地方银行服务器LBj发送取款请求及后续步骤。本发明的电子现金系统,用户客户端Ui向地方银行服务器LBj发送取款请求,LBj为Ui的开户银行服务器;LBj根据取款请求生成电子现金M发送给Ui;Ui验证M的有效性;当验证结果为有效时,导出并保存M,解决可交易中传统纸币带来的各种限制因素,同时有效保护用户的匿名性。
The invention relates to an electronic cash system. The electronic cash system includes the user client U i sending a withdrawal request to the local bank server LB j , LB j is U i 's account bank server; LB j generates electronic cash M according to the withdrawal request and sends it to U i ; LB j updates U i 's User account table; U i verifies the validity of M; when the verification result is valid, export and save M; when the verification result is invalid, repeatedly execute U i to send a withdrawal request to the local bank server LB j and follow-up steps. In the electronic cash system of the present invention, the user client U i sends a withdrawal request to the local bank server LB j , and LB j is U i 's account opening bank server; LB j generates electronic cash M according to the withdrawal request and sends it to U i ; U i verifies M The validity; when the verification result is valid, export and save M to solve various constraints brought by traditional banknotes in the transaction, while effectively protecting the anonymity of users.
Description
技术领域technical field
本发明涉及互联网技术领域,尤其涉及一种电子现金系统。The invention relates to the technical field of the Internet, in particular to an electronic cash system.
背景技术Background technique
随着计算机和互联网技术的飞速发展,电子商务已经深入到现代社会中人们生活运作的各个方面。然而,人们在享受电子商务所带来的巨大便利的同时,信息安全与个人隐私问题也日益凸显。传统的现金交易手段无法有效保证电子商务的安全性与隐私性,同时,人们也不愿意通过互联网频繁传送他们的个人信息与信用卡账号,因此商业上需要更多的网络隐私和网络匿名相关的服务。在这种需求的推动下,电子现金(Electronic Cash,E-cash)的概念应运而生。With the rapid development of computer and Internet technology, e-commerce has penetrated into all aspects of people's life and operation in modern society. However, while people are enjoying the great convenience brought by e-commerce, the issues of information security and personal privacy are becoming increasingly prominent. Traditional cash transactions cannot effectively guarantee the security and privacy of e-commerce. At the same time, people are unwilling to frequently transmit their personal information and credit card account numbers through the Internet. Therefore, businesses need more services related to online privacy and online anonymity. . Driven by this demand, the concept of electronic cash (Electronic Cash, E-cash) came into being.
电子现金是一种以数据形式流通的货币。电子现金系统利用密码学工具把现金数值转换成为一系列的加密序列数,使现金脱离于传统纸张或金属,存储于软件或者智能卡中。设计电子现金系统的目的是实现人们在通信网络上进行正常的电子现金交易,电子现金这一变革手段必将逐步成熟,一定能为广大消费者接受。因此,为保证我国电子商务的健康发展,研制自己的网络安全支付系统,尤其是电子现金系统势在必行。Electronic cash is a currency that circulates in the form of data. The electronic cash system uses cryptographic tools to convert the cash value into a series of encrypted serial numbers, so that cash is separated from traditional paper or metal and stored in software or smart cards. The purpose of designing the electronic cash system is to enable people to conduct normal electronic cash transactions on the communication network. Electronic cash, a means of transformation, will gradually mature and be accepted by consumers. Therefore, in order to ensure the healthy development of e-commerce in our country, it is imperative to develop our own network security payment system, especially the electronic cash system.
尽管电子现金具有很多优点与特性,但是其涉及的一些关键性技术仍然亟待发明。首要的问题便是如何确保系统的安全;其次,如何使人们真正接受并使用电子现金的关键在于要保证电子现金同传统纸币一样难以被伪造和复制:为了实现难以被伪造,电子现金系统将不可伪造的数字签名作为一笔现金来进行交易。然而,与传统货币不同的是,电子现金的数字化特点导致它很容易被复制,所以在许多电子现金系统中,会存在在不同的交易中支付同一笔电子现金的行为,即重复花费行为。为了避免重复花费行为的滋生,一些电子现金系统将用户的身份信息以一种隐藏的方式编码进电子现金中,使用户在支付时仍然保持匿名性,如果侦测到重复花费行为,该用户身份则会被揭开。除此之外,目前提出的电子现金系统中,在每个协议进行时都需要双方进行至少三次交互,这对通信效率和网络的安全要求很高,所以如何减少双方交互的次数也是一个在实际应用中非常重要的问题。Although electronic cash has many advantages and characteristics, some key technologies involved in it still need to be invented urgently. The first problem is how to ensure the security of the system; secondly, the key to how to make people accept and use electronic cash is to ensure that electronic cash is as difficult to be counterfeited and copied as traditional banknotes: in order to be difficult to be counterfeited, the electronic cash system will not be able to Forged digital signatures are traded as cash. However, unlike traditional currencies, the digital characteristics of electronic cash make it easy to be copied, so in many electronic cash systems, there will be behaviors of paying the same electronic cash in different transactions, that is, double spending behavior. In order to avoid the breeding of double spending behavior, some electronic cash systems code the user's identity information into electronic cash in a hidden way, so that the user still maintains anonymity when paying. If double spending behavior is detected, the user's identity will be revealed. In addition, in the currently proposed electronic cash system, each protocol requires at least three interactions between the two parties, which requires high communication efficiency and network security, so how to reduce the number of interactions between the two parties is also a practical issue. very important issue in application.
总体来说,设计安全的电子现金系统的宗旨是解决交易中传统纸币带来的各种限制因素,同时有效保护用户的匿名性,使之逐渐成为电子支付的一种重要工具,引领现金交易向着数字化与智能化方向发展。Generally speaking, the purpose of designing a secure electronic cash system is to solve the various constraints brought by traditional banknotes in transactions, and at the same time effectively protect the anonymity of users, making it gradually become an important tool for electronic payment, leading cash transactions towards The direction of digitalization and intelligence is developing.
发明内容Contents of the invention
(一)要解决的技术问题(1) Technical problems to be solved
针对现有技术中的问题,本发明提供一种电子现金系统,该系统,用户客户端Ui向地方银行服务器LBj发送取款请求,LBj为Ui的开户银行服务器;LBj根据取款请求生成电子现金M发送给Ui;Ui验证M的有效性;当验证结果为有效时,导出并保存M,解决可交易中传统纸币带来的各种限制因素,同时有效保护用户的匿名性。Aiming at the problems in the prior art, the present invention provides an electronic cash system. In this system, the user client U i sends a withdrawal request to the local bank server LB j , and LB j is U i 's account opening bank server; LB j according to the withdrawal request Generate electronic cash M and send it to U i ; U i verifies the validity of M; when the verification result is valid, export and save M to solve the various constraints brought by traditional banknotes in the transaction, while effectively protecting the anonymity of users .
(二)技术方案(2) Technical solutions
为了达到上述目的,本发明采用的主要技术方案包括:In order to achieve the above object, the main technical solutions adopted in the present invention include:
一种电子现金系统,所述系统,包括:用户客户端和地方银行服务器;An electronic cash system, the system includes: a user client and a local bank server;
S401,所述用户客户端Ui向地方银行服务器LBj发送取款请求,所述LBj为所述Ui的开户银行服务器;S401, the user client U i sends a withdrawal request to the local bank server LB j , and the LB j is the account opening bank server of the U i ;
S402,所述LBj根据所述取款请求生成电子现金M发送给所述Ui;所述LBj更新所述Ui的用户账户表;S402, the LB j generates electronic cash M according to the withdrawal request and sends it to the U i ; the LB j updates the user account table of the U i ;
S403,所述Ui验证所述M的有效性;S403, the U i verifies the validity of the M;
S404,当验证结果为有效时,导出并保存所述M;S404. When the verification result is valid, export and save the M;
S405当验证结果为无效时,重复执行步骤S401及后续步骤。S405: When the verification result is invalid, repeat step S401 and subsequent steps.
(三)有益效果(3) Beneficial effects
本发明的有益效果是:用户客户端Ui向地方银行服务器LBj发送取款请求,LBj为Ui的开户银行服务器;LBj根据取款请求生成电子现金M发送给Ui;Ui验证M的有效性;当验证结果为有效时,导出并保存M,解决可交易中传统纸币带来的各种限制因素,同时有效保护用户的匿名性。The beneficial effects of the present invention are: the user client U i sends a withdrawal request to the local bank server LB j , and LB j is U i 's account opening bank server; LB j generates electronic cash M according to the withdrawal request and sends it to U i ; U i verifies M The validity; when the verification result is valid, export and save M to solve various constraints brought by traditional banknotes in the transaction, while effectively protecting the anonymity of users.
附图说明Description of drawings
图1是本发明一种电子现金系统架构图;Fig. 1 is a kind of electronic cash system architecture diagram of the present invention;
图2是本发明另一种电子现金系统架构图;Fig. 2 is another electronic cash system architecture diagram of the present invention;
图3是本发明另一种电子现金系统架构图;Fig. 3 is another electronic cash system architecture diagram of the present invention;
图4是本发明另一种电子现金系统架构图;Fig. 4 is another electronic cash system architecture diagram of the present invention;
图5是本发明具体实施方式的注册过程的流程图;Fig. 5 is a flow chart of the registration process of the specific embodiment of the present invention;
图6是本发明具体实施方式的开户流程图;Fig. 6 is the account opening flowchart of the embodiment of the present invention;
图7是本发明具体实施方式的取款过程流程图;Fig. 7 is a flow chart of the withdrawal process of a specific embodiment of the present invention;
图8是本发明具体实施方式的支付过程流程图;Fig. 8 is a flow chart of the payment process in a specific embodiment of the present invention;
图9是本发明具体实施方式的存款过程流程图。Fig. 9 is a flow chart of the deposit process of the specific embodiment of the present invention.
具体实施方式Detailed ways
为了更好的解释本发明,以便于理解,下面结合附图,通过具体实施方式,对本发明作详细描述。In order to better explain the present invention and facilitate understanding, the present invention will be described in detail below through specific embodiments in conjunction with the accompanying drawings.
电子现金涉及的一些关键性技术仍然亟待发明。首要的问题便是如何确保系统的安全;其次,如何使人们真正接受并使用电子现金的关键在于要保证电子现金同传统纸币一样难以被伪造和复制:为了实现难以被伪造,电子现金系统将不可伪造的数字签名作为一笔现金来进行交易。然而,与传统货币不同的是,电子现金的数字化特点导致它很容易被复制,所以在许多电子现金系统中,会存在在不同的交易中支付同一笔电子现金的行为,即重复花费行为。为了避免重复花费行为的滋生,一些电子现金系统将用户的身份信息以一种隐藏的方式编码进电子现金中,使用户在支付时仍然保持匿名性,如果侦测到重复花费行为,该用户身份则会被揭开。除此之外,目前提出的电子现金系统中,在每个协议进行时都需要双方进行至少三次交互,这对通信效率和网络的安全要求很高,所以如何减少双方交互的次数也是一个在实际应用中非常重要的问题。Some key technologies involved in electronic cash are still waiting to be invented. The first problem is how to ensure the security of the system; secondly, the key to how to make people accept and use electronic cash is to ensure that electronic cash is as difficult to be counterfeited and copied as traditional banknotes: in order to be difficult to be counterfeited, the electronic cash system will not be able to Forged digital signatures are traded as cash. However, unlike traditional currencies, the digital characteristics of electronic cash make it easy to be copied, so in many electronic cash systems, there will be behaviors of paying the same electronic cash in different transactions, that is, double spending behavior. In order to avoid the breeding of double spending behavior, some electronic cash systems code the user's identity information into electronic cash in a hidden way, so that the user still maintains anonymity when paying. If double spending behavior is detected, the user's identity will be revealed. In addition, in the currently proposed electronic cash system, each protocol requires at least three interactions between the two parties, which requires high communication efficiency and network security, so how to reduce the number of interactions between the two parties is also a practical issue. very important issue in application.
基于此,本发明提供一种电子现金系统,至少包括:用户客户端和地方银行服务器,用户客户端Ui向地方银行服务器LBj发送取款请求,LBj为Ui的开户银行服务器;LBj根据取款请求生成电子现金M发送给Ui;Ui验证M的有效性;当验证结果为有效时,导出并保存M,解决可交易中传统纸币带来的各种限制因素,同时有效保护用户的匿名性。Based on this, the present invention provides an electronic cash system, at least including: user client and local bank server, user client U i sends withdrawal request to local bank server LB j , LB j is U i 's account opening bank server; LB j Generate electronic cash M according to the withdrawal request and send it to U i ; U i verifies the validity of M; when the verification result is valid, export and save M to solve various constraints brought by traditional banknotes in tradable, while effectively protecting users of anonymity.
参见图1,本实施例提供的电子现金系统,包括:用户客户端和地方银行服务器。通过图1所示的由用户客户端和地方银行服务器组成的电子现金系统,可实现用户通过用户客户端从地方银行服务器中提取电子现金的功能。Referring to Fig. 1, the electronic cash system provided by this embodiment includes: a user client and a local bank server. Through the electronic cash system composed of the user client and the local bank server shown in Figure 1, the user can realize the function of withdrawing electronic cash from the local bank server through the user client.
除此之外,参见图2,本实施例提供的电子现金系统,还包括:中央银行服务器。通过图2所示的由用户客户端、地方银行服务器和中央银行服务器组成的电子现金系统,可实现如下功能:1)电子现金系统的初始化。2)客户端的注册和地方银行服务器的注册。3)用户通过用户客户端在地方银行服务器开户。4)用户通过用户客户端从地方银行服务器中提取电子现金。5)中央银行服务器监控非法交易。In addition, referring to FIG. 2 , the electronic cash system provided in this embodiment further includes: a central bank server. Through the electronic cash system composed of user client, local bank server and central bank server as shown in Fig. 2, the following functions can be realized: 1) Initialization of the electronic cash system. 2) Registration of the client and registration of the local bank server. 3) The user opens an account on the local bank server through the user client. 4) The user withdraws electronic cash from the local bank server through the user client. 5) The central bank server monitors illegal transactions.
除此之外,参见图3,本实施例提供的电子现金系统,还包括:商家客户端。通过图3所示的由用户客户端、地方银行服务器、中央银行服务器和商家客户端组成的电子现金系统,可实现如下功能:1)电子现金系统的初始化。2)客户端的注册和地方银行服务器的注册。3)用户通过用户客户端在地方银行服务器开户。4)用户通过用户客户端从地方银行服务器中提取电子现金。5)用户通过用户客户端向商家客户端支付购物费用。6)商家通过商家客户端在地方银行服务器中存入电子现金。7)中央银行服务器监控非法交易。8)两客户端的电子现金仲裁。In addition, referring to FIG. 3 , the electronic cash system provided in this embodiment further includes: a merchant client. Through the electronic cash system composed of user client, local bank server, central bank server and merchant client as shown in Figure 3, the following functions can be realized: 1) Initialization of the electronic cash system. 2) Registration of the client and registration of the local bank server. 3) The user opens an account on the local bank server through the user client. 4) The user withdraws electronic cash from the local bank server through the user client. 5) The user pays the shopping fee to the merchant client through the user client. 6) The merchant deposits electronic cash in the local bank server through the merchant client. 7) The central bank server monitors illegal transactions. 8) Electronic cash arbitration between two clients.
其中,客户端可以为用户客户端,也可以为商家客户端,2)用户客户端的注册、商家客户端的注册和地方银行服务器的注册。7)为仲裁2个用户客户端间的电子交易纠纷,或者,仲裁2个商家客户端间的电子交易纠纷,或者,仲裁1个用户客户端和1个商家客户端间的电子交易纠纷。Wherein, the client can be a user client or a merchant client, 2) registration of the user client, registration of the merchant client and registration of the local bank server. 7) To arbitrate electronic transaction disputes between 2 user clients, or to arbitrate electronic transaction disputes between 2 merchant clients, or to arbitrate electronic transaction disputes between 1 user client and 1 merchant client.
下面以图4所示的电子现金系统架构为例,对本发明提供的电子现金系统的运行流程进行详细说明。Taking the electronic cash system architecture shown in FIG. 4 as an example, the operation process of the electronic cash system provided by the present invention will be described in detail below.
本发明的电子现金系统,参与的实体主要有以下四种:中央银行(Central Bank,CB)、地方银行(Local Bank,LB),消费者(Customer,C)以及商家(Merchant,M)。其中中央银行可以看做群签名方案中的群管理者与开启者,地方银行可以看做群签名方案中的签名者以及仲裁者,而消费者与商家则充当了群签名方案中验证者的角色。In the electronic cash system of the present invention, there are mainly four types of participating entities: the central bank (Central Bank, CB), the local bank (Local Bank, LB), the consumer (Customer, C) and the merchant (Merchant, M). Among them, the central bank can be regarded as the group manager and opener in the group signature scheme, the local bank can be regarded as the signer and arbitrator in the group signature scheme, and consumers and merchants act as the verifier in the group signature scheme .
所述的中央银行CB为系统的建立者,作为中央金融机构,负责管理地方银行以及发布电子现金验证信息,并为合法的地方银行与用户颁发银行证书与用户证书,并管理维护用户注册表,其中为用户标识符;The central bank CB is the founder of the system. As a central financial institution, it is responsible for managing local banks and issuing electronic cash verification information, issuing bank certificates and user certificates for legal local banks and users, and managing and maintaining the user registry. where is the user identifier;
所述的地方银行LB为电子现金发行者,拥有中央银行办法的银行资格证书,负责为用户开户并管理其电子现金账户,具体来讲,客户取款时,除此之外,地方银行应具有客户身份以及电子现金真伪验证能力。The local bank LB mentioned above is an issuer of electronic cash, has a bank qualification certificate issued by the central bank, and is responsible for opening accounts for users and managing their electronic cash accounts. Specifically, when customers withdraw money, the local bank should also have customer Identity and electronic cash authenticity verification capabilities.
所述的消费者C为电子现金合法拥有者,通过开户协议与地方银行进行交互,得到属于自己的账户,其中包含一定数值的电子现金,消费者C在与商家M进行交易时,可以用支付协议将相应数值的电子现金支付给商家。The consumer C mentioned above is the legal owner of the electronic cash, interacts with the local bank through the account opening agreement, and obtains his own account, which contains a certain amount of electronic cash. When the consumer C conducts transactions with the merchant M, he can use the payment The protocol pays the corresponding value of electronic cash to the merchant.
所述的商家M为电子现金合法拥有者,得到消费者发送的电子现金时可以离线验证电子现金的合法性,并存入自己的账户。The merchant M mentioned above is the legal owner of the electronic cash, and can verify the legitimacy of the electronic cash offline when receiving the electronic cash sent by the consumer, and deposit it into his own account.
因此本发明的电子现金系统为支持多银行的公平离线电子现金系统。Therefore, the electronic cash system of the present invention is a fair offline electronic cash system supporting multiple banks.
如图4所示,中央银行CB为合法的地方银行LB、消费者C以及商家M颁发证书,对于系统内的消费者C,还需向中央银行CB发送自己的追踪密钥以便管理。地方银行LB通过中央银行CB颁发的证书来表示自己是合法的银行,通过生成的签名密钥来签发电子现金,并在此之后可处于离线状态。用户U可以向地方银行LB申请开户,开户成功后可以从此地方银行进行存取电子现金,取款时,地方银行LB对自己要发行的电子现金进行签名,并且在电子现金中绑定证书,地方银行LB通过Groth-Sahai非交互式零知识证明方法向用户证明该证书的合法有效性。在支付过程中,消费者C需要将已经得到电子现金支付给商家M,并同时发送现金的序列号与交易标识。根据Groth-Sahai非交互式零知识证明方法的特点,商家M并不需要与银行或用户任意一方进行交互,也不会知道用户的任何私人信息,便可验证此笔现金是否合法有效,若在现金流通过程中产生经济纠纷,或者有非法行为,用户可以向中央银行CB申请打开电子现金,从而追踪出非法用户的身份。除此之外,在某些特定情况下,若系统中需要确认某笔现金是否属于某名用户,可以向签发此笔现金的银行发起仲裁申请,银行能够在不揭示用户身份的情况下,输出判定结果,所有人都能通过此致来判定此笔电子现金是否是某用户生成的。As shown in Figure 4, the central bank CB issues certificates for the legal local bank LB, consumer C and merchant M. For consumer C in the system, it is necessary to send its own tracking key to the central bank CB for management. The local bank LB represents itself as a legal bank through the certificate issued by the central bank CB, issues electronic cash through the generated signature key, and can be offline after that. User U can apply to the local bank LB to open an account. After the account is successfully opened, the local bank can deposit and withdraw electronic cash. When withdrawing money, the local bank LB signs the electronic cash to be issued by itself and binds the certificate to the electronic cash. The local bank LB proves the legal validity of the certificate to the user through the Groth-Sahai non-interactive zero-knowledge proof method. During the payment process, consumer C needs to pay the merchant M with electronic cash, and at the same time send the serial number of the cash and the transaction identifier. According to the characteristics of the Groth-Sahai non-interactive zero-knowledge proof method, the merchant M does not need to interact with the bank or the user, and will not know any private information of the user to verify whether the cash is legal and valid. In the event of economic disputes or illegal activities in the cash circulation process, users can apply to the Central Bank CB to open electronic cash, so as to trace the identity of illegal users. In addition, in some specific cases, if the system needs to confirm whether a certain amount of cash belongs to a certain user, an arbitration application can be initiated to the bank that issued the cash, and the bank can output As a result of the judgment, everyone can judge whether the electronic cash is generated by a certain user through this letter.
在具体实现时,消费者持有本地设备客户端,电子现金存储在本地设备中。消费者给商家交易时,发送的是本地设备中存储的电子现金,但是发送之前需要对其进行修改,使其满足有效性,可验证性。消费者拥有自己的客户端,在售款的时候,可以选择展示二维码,付款方通过扫描二维码或者输入地址等方式连接收款方进行付款。In specific implementation, the consumer holds the client terminal of the local device, and the electronic cash is stored in the local device. When consumers trade with merchants, they send electronic cash stored in local devices, but it needs to be modified before sending to make it valid and verifiable. Consumers have their own client. When selling money, they can choose to display the QR code, and the payer can connect to the payee to make payment by scanning the QR code or entering the address.
一、电子现金系统的初始化1. Initialization of the electronic cash system
完成电子现金系统的初始化的具体流程如下:The specific process of completing the initialization of the electronic cash system is as follows:
S101-1,中央银行服务器CB选择系统参数。S101-1. The central bank server CB selects system parameters.
S101-2,CB生产能够对电子现金进行验证的群公钥pk及私钥,私钥包括CB的主私钥msk以及开启密钥sk0。S101-2, CB produces group public key pk and private key capable of verifying electronic cash, and the private key includes CB's master private key msk and unlock key sk0.
S101-3,CB设立数据库,数据库用于存储已花费的电子现金,且LBj拥有对数据库的访问权限。S101-3, CB sets up a database, the database is used to store spent electronic cash, and LB j has access to the database.
例如,中央银行服务器选择系统参数,生产能够对电子现金进行验证的群公钥pk以及私钥(中央银行的主私钥msk以及开启密钥sk0)。中央银行服务器在中央银行本地设立一个数据库专门用于存储已花费的电子现金Reg[C],所有地方银行拥有对此数据库的访问权限。For example, the server of the central bank selects system parameters and produces group public key p k and private key (master private key msk and unlock key sk0 of the central bank) capable of verifying electronic cash. The central bank server sets up a database locally at the central bank to store spent electronic cash Reg[C], and all local banks have access to this database.
二、客户端的注册和地方银行服务器的注册2. Client registration and local bank server registration
地方银行或者用户在系统中进行注册,参与的实体是中央银行服务器和地方银行服务器/用户客户端,任何想加入此系统的实体必须和中央银行交互执行此步骤。可以看做群签名方案中群成员Me(用户或者地方银行)和群管理者(中央银行)之间进行的交互式协议,分别运行在用户或地方银行端和中央银行服务端群成员Me以(pk,sk1,sk2)为输入,中央银行以PK为输入,运行该协议。当该协议运行成功时,一方面中央银行在群成员注册表reg中为群成员建立一个条目,记为reg[e],条目的内容条目的内容地方银行资格证书以及公钥;另一方面群成员Me(用户或者地方银行)获得中央银行颁发的地方银行资格证书certe,另外地方银行生成签名密钥以及验证密钥(sske,vke),用户生成追踪密钥tk[e]。Local banks or users register in the system. The participating entities are the central bank server and local bank server/user client. Any entity that wants to join this system must interact with the central bank to perform this step. It can be regarded as an interactive protocol between the group member M e ( user or local bank) and the group manager (central bank) in the group signature scheme, which runs on the user or local bank end and the central bank server end respectively. Take (pk,sk 1 ,sk 2 ) as input and the central bank takes PK as input to run the protocol. When the protocol runs successfully, on the one hand, the central bank creates an entry for the group members in the group member registry reg, which is denoted as reg[e], and the content of the entry is the local bank qualification certificate and public key; on the other hand, the group Member M e (user or local bank) obtains the local bank qualification certificate cert e issued by the central bank. In addition, the local bank generates a signature key and a verification key (ssk e , vk e ), and the user generates a tracking key tk[e].
本步骤包括用户客户端的注册、商家客户端的注册和地方银行服务器的注册。This step includes the registration of the user client, the registration of the merchant client and the registration of the local bank server.
1、地方银行服务器的注册1. Registration of local bank server
如LBj在电子现金系统中注册流程如下:For example, the registration process of LB j in the electronic cash system is as follows:
S201-1,LBj根据PKI中的密钥对(lbsk[j],lbpk[j])计算并发送密钥的承诺值Y′j给CB。S201-1, LB j calculates according to the key pair (lbsk[j], lbpk[j]) in PKI and sends the key commitment value Y′ j to CB.
S201-1具体包括:S201-1 specifically includes:
S201-1-1,LBj调取PKI中的密钥对(lbsk[j],lbpk[j])。S201-1-1, LB j retrieves the key pair (lbsk[j], lbpk[j]) in the PKI.
S201-1-2,LBj随机选择y′j←Zp。S201-1-2, LB j randomly selects y′ j ← Z p .
S201-1-3,LBj计算将Y′j发送给CB。S201-1-3, LB j calculation Send Y'j to CB.
S201-2,CB根据Y′j生成LBj的资格证书certj的前半部分,并发送给LBj。S201-2, CB generates the first half of LB j 's qualification certificate cert j according to Y′ j , and sends it to LB j .
S201-2具体包括:S201-2 specifically includes:
S201-2-1,CB选择 S201-2-1, CB selection
S201-2-1,CB生成LBj的资格证书certj的前半部分(yj″,Aj,Xj,2),并发送(yj″,Aj,Xj,2)给LBj。S201-2-1, CB generates the first half (y j ″,A j ,X j,2 ) of LB j ’s qualification certificate cert j , and sends (y j ″ ,A j ,X j,2 ) to LB j .
其中, in,
S201-3,LBj确定certj的前半部有效后,计算LBj的私钥sk[j],并对sk[j]进行签名得到s[j],将s[j]发送给CB。S201-3. After determining that the first half of cert j is valid, LB j calculates LB j 's private key sk[j], signs sk[j] to obtain s[j], and sends s[j] to CB.
S201-3具体包括:S201-3 specifically includes:
S201-3-1,LBj校验是否成立。S201-3-1, LB j verification Whether it is established.
S201-3-2,若成立,则LBj计算sk[j]=yj=y′j+yj″,并得到等式 S201-3-2, if established, then LB j calculates sk[j]=y j =y′ j +y j ″, and obtains the equation
S201-3-3,对进行签名得到sj。S201-3-3, yes Sign it to get s j .
S201-3-4,将(j,lbpk[j],Aj,Xj,Sj)发送给CB。S201-3-4. Send (j, lbpk[j], A j , X j , S j ) to the CB.
其中,sj为LBj对进行签名得到的签名值。Among them, s j is the pair of LB j The signature value obtained by signing.
lbpk[j]是LBj的公钥;Aj)和Xj,2是LBj和中央银行在之前交互过程中得到的证书的一部分。lbpk[j] is the public key of LB j ; A j ) and X j,2 are part of the certificate obtained by LB j and the central bank during the previous interaction process.
S201-4,CB根据lbpk[j]验证s[j]正确后,将LBj的信息添加到注册表RegLB[j]中。S201-4. After verifying that s[j] is correct according to lbpk[j], the CB adds the information of LB j to Reg LB [j].
具体的,CB根据lbpk[j]验证s[j]正确后,将(j,lbpk[j],Aj,Xj,Sj)添加到注册表RegLB[j]中。Specifically, after verifying that s[j] is correct according to lbpk[j], the CB adds (j, lbpk[j], A j , X j , S j ) to the registry Reg LB [j].
S201-5,CB发送certj的前后部分Xj,1给LBj。S201-5. The CB sends the front and back parts X j,1 of the cert j to the LB j .
具体的,CB发送certj的前后部分给LBj。Specifically, CB sends the front and rear parts of cert j to LB j .
S201-6,LBj验证Xj,1正确后,将certj的前半部分和Xj,1合并为certj。S201-6. After verifying that X j ,1 is correct, LB j merges the first half of cert j and X j,1 into cert j .
S201-6具体包括:S201-6 specifically includes:
S201-6-1,LBj验证是否成立;S201-6-1, LB j verification whether it is established;
S201-6-2,如果成立,则LBj验证Xj,1正确;S201-6-2, if established, LB j verifies that X j,1 is correct;
S201-6-3,将certj的前半部分和Xj,1合并为certj。S201-6-3, merge the first half of cert j and X j,1 into cert j .
S201-7,LBj生成sskj以及电子现金验证密钥vk,并公布vk。S201-7, LB j generates ssk j and electronic cash verification key vk, and announces vk.
S201-7具体包括:S201-7 specifically includes:
S201-7-1,LBj选取随机数z←Zp;S201-7-1, LB j selects a random number z←Z p ;
S201-7-2,LBj生成sskj=kz以及vk=gz,并公布vk。S201-7-2, LB j generates ssk j =k z and vk=g z , and announces vk.
2、用户客户端的注册、商家客户端的注册2. Registration of user client and merchant client
其中,用户客户端的注册和商家客户端的注册流程相同,本实施例仅以用户客户端的注册为例进行说明。Wherein, the registration process of the user client is the same as that of the merchant client, and this embodiment only uses the registration of the user client as an example for illustration.
如Ui在电子现金系统中注册流程如下:For example, the registration process of U i in the electronic cash system is as follows:
S202-1,Ui根据PKI中的密钥对(lbsk[i],lbpk[i])计算并发送密钥的承诺值Y′i给CB。S202-1, U i calculates and sends the key commitment value Y′ i to the CB according to the key pair (lbsk[i], lbpk[i]) in the PKI.
S202-2,CB根据Y′i生成Ui的资格证书certi的前半部分,并发送给Ui。S202-2, the CB generates the first half of U i 's qualification certificate cert i according to Y′ i , and sends it to U i .
S202-3,Ui确定certi的前半部有效后,计算Ui的私钥yi,并对yi进行签名得到si,将si发送给CB。S202-3. After U i determines that the first half of cert i is valid, it calculates U i 's private key y i , signs y i to obtain s i , and sends s i to the CB.
S202-4,CB根据lbpk[i]验证si正确后,将Ui的信息添加到注册表Regu[i]中。S202-4. After verifying that s i is correct according to lbpk[i], the CB adds the information of U i to the registry Reg u [i].
S202-5,CB发送certi的前后部分Xi,1给Ui。S202-5. The CB sends the front and back parts X i,1 of the cert i to U i .
S202-6,Ui验证Xi,1正确后,将certi的前半部分和Xi,1合并为certi。S202-6. After U i verifies that X i,1 is correct, merge the first half of cert i and X i,1 into cert i .
S202-7,Ui根据yi生成追踪密钥tk[i],加密tk[i]得到用户追踪密钥密文ei。S202-7, U i generates a tracking key tk[i] according to y i , and encrypts tk[i] to obtain the user tracking key ciphertext e i .
S202-8,Ui将ei,Ai,Xi,2,签名后发送至CB。S202-8, U i will e i , A i , Xi ,2 , Signed and sent to CB.
其中,Ai,Xi,2分别是Ui的证书的一部分,是在用户注册过程中和银行交互时得到的。Among them, A i , Xi , 2 are part of the certificate of U i respectively, which are obtained when the user interacts with the bank during the user registration process.
yi是Ui的私钥,也是在注册过程中用户生成的。可以看做Ui的公钥信息。y i is the private key of U i , which is also generated by the user during the registration process. It can be regarded as the public key information of U i .
CB将元组(i,lbpk[i],Ai,Xi,ei,si)添加到Regu[i]中。CB adds the tuple (i,lbpk[i],A i ,X i ,e i ,s i ) into Reg u [i].
其中,Xi是Ui证书信息的一部分,是在用户注册过程中和银行交互时得到的。Among them, X i is a part of U i certificate information, which is obtained when the user interacts with the bank during the registration process.
Si为用户对其私钥yi进行签名得到的签名值。S i is the signature value obtained by the user signing his private key y i .
下面再以图5所示的流程,对客户端的注册和地方银行服务器的注册再次说明。Next, the registration of the client and the registration of the local bank server will be described again with the flow shown in FIG. 5 .
1.1,地方银行服务器LBj进行注册,LBj拥有在PKI中的密钥对(lbsk[j],lbpk[j]),计算并发送密钥的承诺值Y′j给中央银行服务器CB。1.1. The local bank server LB j registers. LB j owns the key pair (lbsk[j], lbpk[j]) in the PKI, calculates and sends the key commitment value Y′ j to the central bank server CB.
具体的,LBj管理人员点击地方银行LBj客户端中的注册按钮,客户端调取地方银行拥有的在PKI中的密钥对(lbsk[j],lbpk[j]),随机选择y′j←Zp,计算并发送给中央银行服务器。Specifically, the manager of LB j clicks the registration button on the local bank’s LB j client, and the client retrieves the key pair (lbsk[j], lbpk[j]) owned by the local bank in the PKI, and randomly selects y′ j ← Z p , calculate and send to the central bank server.
本发明提供的电子现金系统中,每个银行都需要进行注册,才能获得权力来获得用户开户并接受用户存取电子现金等功能,若不注册,则无法使用。In the electronic cash system provided by the present invention, each bank needs to be registered in order to obtain the authority to obtain functions such as user opening an account and accepting user access to electronic cash. If you do not register, you cannot use it.
1.2,CB生成地方银行资格证书certj的前半部分并发送给LBj。1.2, CB generates the first half of local bank qualification certificate cert j and sends it to LB j .
具体的,CB收到地方银行的注册响应,管理人员接收地方银行发来的响应,则CB选择生成地方银行资格证书certj的前半部分(yj″,Aj,Xj,2)其中并发送(yj″,Aj,Xj,2)给地方银行LBj。Specifically, CB receives the registration response from the local bank, and the manager receives the response from the local bank, then the CB chooses Generate the first half of the local bank qualification certificate cert j (y j ″,A j ,X j,2 ) where And send (y j ″,A j ,X j,2 ) to local bank LB j .
1.3,LBj验证前半部分证书的有效性,若有效,则计算自己的私钥sk[j],并对私钥进行签名得到s[j],将签名发送给CB。1.3. LB j verifies the validity of the first half of the certificate. If it is valid, it calculates its own private key sk[j], signs the private key to obtain s[j], and sends the signature to CB.
具体的,地方银行LBj客户端收到元组序列后,校验等式是否成立,若成立,计算私钥sk[j]=yj=y′j+yj″,得到等式对进行签名得到s[j],最后,将(j,lbpk[j],Aj,Xj,Sj)发送给CB。Specifically, after the local bank LB j client receives the tuple sequence, it checks the equation Whether it is true, if it is true, calculate the private key sk[j]=y j =y′ j +y j ″, and get the equation right Sign to get s[j], and finally, send (j,lbpk[j],A j ,X j ,S j ) to CB.
1.4,CB收到s[j]后,利用lbpk[j]验证签名s[j]的正确性,然后将地方银行的信息添加到注册表RegLB[j]中。然后发送成员资格证书的最后一部分Xj,1给LBj。1.4. After receiving s[j], CB uses lbpk[j] to verify the correctness of signature s[j], and then adds the information of the local bank to the registry Reg LB [j]. Then send the last part X j,1 of the membership certificate to LB j .
具体的,CB收到s[j]后,用lbpk[j]验证签名s[j]的正确性,然后将元组(j,lbpk[j],Aj,Xj,Sj)添加到注册表RegLB[j]中。然后发送成员资格证书的最后一部分给LBj。Specifically, after receiving s[j], CB uses lbpk[j] to verify the correctness of signature s[j], and then adds the tuple (j,lbpk[j],A j ,X j ,S j ) to Registry Reg LB [j]. Then send the last part of the membership certificate to LB j .
1.5,LBj验证收到的值Xj,1的正确性,如验证成功,则得到一个有效的证书certj。随后,LBj生成电子现金签名私钥sskj,以及电子现金验证密钥vk,随后公布验证密钥。1.5. LB j verifies the correctness of the received value X j,1 . If the verification is successful, a valid certificate cert j will be obtained. Subsequently, LB j generates electronic cash signature private key ssk j and electronic cash verification key vk, and then publishes the verification key.
具体的,LBj验证收到的值Xj,1是否确实为(是否与满足配对等式如验证成功,则得到一个有效的证书随后,LBj选择随机数z←Zp,生成电子现金签名私钥sskj=kz,以及电子现金验证密钥vk=gz,随后公布验证密钥。同时地方银行客户端提示管理人员注册成功。Specifically, LB j verifies whether the received value X j,1 is indeed (whether with satisfy the pairing equation If the verification is successful, a valid certificate is obtained Subsequently, LB j selects a random number z←Z p , generates an electronic cash signature private key ssk j =k z , and an electronic cash verification key vk=g z , and then publishes the verification key. At the same time, the local bank client prompts the manager to register successfully.
至此地方银行注册结束。So far the local bank registration is over.
用户注册,与银行注册(步骤2.1到步骤2.5)大体相同,但是用户客户端Ui收到证书certi后,无需计算电子现金签名私钥与验证密钥,但是需要利用私钥yi生成其追踪密钥tk[i]并加密tk[i]得到ei。最后,需要在ei连同Ai,Xi,2,上进行签名并发送给中央银行服务器。中央银行服务器将元组(i,lbpk[i],Ai,Xi,ei,si)添加到注册表Regu[i]中。User registration is roughly the same as bank registration (step 2.1 to step 2.5), but after the user client U i receives the certificate cert i , it does not need to calculate the electronic cash signature private key and verification key, but needs to use the private key y i to generate its Track key tk[i] and encrypt tk[i] to get e i . Finally, it is required that e i together with A i , Xi ,2 , Sign on and send to the central bank server. The central bank server adds the tuple (i,lbpk[i],A i ,X i ,e i ,s i ) into the registry Reg u [i].
具体的,用户注册时首先进行步骤2.1到步骤2.5,与银行注册协议大体相同。注册功能是通过用户客户端和中央银行服务器之间进行通信来完成。用户首先点击用户客户端注册标识符,输入PKI中存有的公私钥对,用户客户端发送用户密钥承诺值(用户客户端对其公钥进行签名,将签名作为请求发送给服务器;)发送给中央银行服务器。首先中央银行服务器验证签名的有效性,若有效,则颁发资格证书发送给用户客户端;用户客户端对服务器的响应进行处理,得到成员资格证书,用户客户端在本地存储证书,并提示用户注册成功。同时,用户客户端生成其追踪密钥:利用私钥yi生成其追踪密钥tk[i],并加密tk[i]得到ei。最后,需要在ei连同Ai,Xi,2,上进行签名并发送给中央银行服务器。中央银行服务器将元组(i,lbpk[i],Ai,Xi,ei,si)添加到注册表Regu[i]中。Specifically, when a user registers, first perform steps 2.1 to 2.5, which are roughly the same as the bank registration protocol. The registration function is accomplished through communication between the user client and the central bank server. The user first clicks on the user client registration identifier, enters the public-private key pair stored in the PKI, and the user client sends the user key commitment value (the user client signs its public key, and sends the signature to the server as a request;) Send to the central bank server. First, the central bank server verifies the validity of the signature, and if it is valid, it issues a qualification certificate and sends it to the user client; the user client processes the server's response to obtain the membership certificate, and the user client stores the certificate locally and prompts the user to register success. At the same time, the user client generates its tracking key: uses the private key y i to generate its tracking key tk[i], and encrypts tk[i] to obtain e i . Finally, it is required that e i together with A i , Xi ,2 , Sign on and send to the central bank server. The central bank server adds the tuple (i,lbpk[i],A i ,X i ,e i ,s i ) into the registry Reg u [i].
注册动作对于用户本身来说就是点击注册,输入PKI的公私钥即可、其余与服务器之间的交互均由用户客户端进行,无需用户处理。For the user itself, the registration action is to click to register, just enter the PKI public and private keys, and the rest of the interaction with the server is performed by the user client without user processing.
商家客户端的注册是通过商家客户端和中央银行服务器之间进行通信来完成。用户首先商家点击商家客户端注册标识符,商家客户端从本地调出用户公私钥,发送用户密钥承诺值(商家客户端对其公钥进行签名,将签名作为请求发送给中央银行服务器)发送给中央银行服务器。首先中央银行服务器验证签名的有效性,若有效,则颁发资格证书发送给商家客户端;商家客户端对中央银行服务器的响应进行处理,得到成员资格证书,商家客户端在本地存储证书,并提示用户注册成功。同时,商家客户端生成其追踪密钥,最后,需要在声称的所有参数上进行签名并发送给中央银行服务器。中央银行将用户添加到注册表中。The registration of the merchant client is accomplished through communication between the merchant client and the central bank server. The user first clicks on the merchant client to register the identifier, and the merchant client calls out the user’s public and private keys locally, and sends the user’s key commitment value (the merchant client signs its public key, and sends the signature to the central bank server as a request) to the central bank server. First, the central bank server verifies the validity of the signature, and if it is valid, it issues a qualification certificate and sends it to the merchant client; the merchant client processes the response from the central bank server to obtain the membership certificate, and the merchant client stores the certificate locally and prompts User registration is successful. At the same time, the merchant client generates its tracking key, and finally, all the parameters of the claim need to be signed and sent to the central bank server. The central bank adds the user to the registry.
三、用户通过用户客户端在地方银行服务器开户3. The user opens an account on the local bank server through the user client
用户在地方银行进行开户,运行于用户和地方银行之间。用户打开本地用户客户端Ui,选择开户,界面显示已经合法注册的地方银行列表,点击地方银行。同时,Ui利用用户已保存的资格证书,通过生成证书承诺值证明值以及追踪密文密钥来证明其身份的合法性,发送给地方银行服务器LBj,地方银行服务器验证请求通过后,则为此用户在本银行开户。地方银行服务器生成响应数据并返回给用户客户端,随后发送追踪密钥密文到中央银行服务器来请求用户追踪密钥,中央银行服务器利用开启密钥对发送的密文进行解密,并生成响应数据返回给地方银行客户端,地方银行客户端对响应进行处理,将追踪密钥密文对存储在用户表中。The user opens an account in the local bank, and it runs between the user and the local bank. The user opens the local user client U i , selects to open an account, the interface displays a list of legally registered local banks, and clicks on the local bank. At the same time, U i uses the qualification certificate saved by the user to prove the legitimacy of its identity by generating the certificate commitment value proof value and tracking the ciphertext key, and sends it to the local bank server LB j . After the local bank server verification request is passed, then For this purpose the user opens an account with the bank. The local bank server generates response data and returns it to the user client, and then sends the tracking key ciphertext to the central bank server to request the user tracking key. The central bank server uses the unlock key to decrypt the sent ciphertext and generates response data Return to the local bank client, the local bank client processes the response, and stores the tracking key ciphertext pair in the user table.
此过程中央银行无需知道用户选择哪个地方银行,这也是安全的电子现金一个性质。中央银行服务器在执行响应之前,首先对接收到的信息进行身份验证,主要验证银行证书的合法性。合法性通过之后将响应数据(追踪密钥)返回给地方银行服务器。地方银行服务器随即对响应进行处理,将追踪密钥密文对存储在用户表中。In this process, the central bank does not need to know which local bank the user chooses, which is also a property of safe electronic cash. Before executing the response, the central bank server first authenticates the received information, mainly verifying the legitimacy of the bank certificate. After the legality is passed, the response data (tracking key) is returned to the local bank server. The local bank server then processes the response and stores the tracking key ciphertext pair in the user table.
S301,Ui对Ui的证书certi进行承诺,得到承诺值并生产证明值Πi。S301, U i makes a commitment to U i 's certificate cert i , and obtains the commitment value And produce proof value Π i .
其中,certi为 Among them, cert i is
S301具体包括:S301 specifically includes:
S301-1,Ui随机选择其中b=1,…,5。S301-1, U i is randomly selected where b=1,...,5.
S301-2,Ui计算 S301-2, U i Computing
其中, in,
其中,表示承诺值的向量表示形式。对于c()表示对括号内的元素进行承诺生成的值的一部分,共同组成大写向量 是系统生成基于DLin假设下的非交互式证明系统通用参考串CRS(即初始化时系统已经生成好的公共参数)。σi是用户Ui证书的第i部分。是中央银行选择的开启密钥,在产生纠纷需要追踪客户时使用, in, A vector representation representing the promise value. For c(), it means part of the value generated by committing to the elements in the brackets, which together form an uppercase vector It is the system that generates the common reference string CRS of the non-interactive proof system based on the assumption of DLin (that is, the public parameters that the system has generated during initialization). σ i is the i-th part of user U i's certificate. It is the opening key selected by the central bank, which is used when a dispute arises and the customer needs to be tracked.
S301-3,Ui根据计算:S301-3, U i according to calculate:
S302,Ui将Πi,以及ei发送至LBj。S302, U i will Π i , and e i are sent to LB j .
具体的,Ui将发送至LBj。Specifically, U i will Send to LB j .
S303,LBj确认Ui身份及certi合法后,为Ui开户。S303, LB j opens an account for U i after confirming U i's identity and cert i are valid.
S303具体包括:S303 specifically includes:
S303-1,LBj验证如下等式是否成立:S303-1, LB j verifies whether the following equation holds true:
其中τT(u)表示一个3×3矩阵,(3,3)位置为u∈GT其余位置为单位元1,即 Where τ T (u) represents a 3×3 matrix, and the position (3,3) is u∈G T , and the rest positions are identity elements 1, that is
所以这里表示一个3×3矩阵,其中(3,3)位置为e(g,u)其余位置为单位元1。So here represents a 3×3 matrix, where the (3,3) position is e(g,u) and the rest of the positions are identity elements 1.
S303-2,若等式成立,则LBj确认Ui身份及certi合法,向Ui返回确认信息并为Ui开户。S303-2, if the equation is established, then LB j confirms that U i's identity and cert i are legal, returns confirmation information to U i and opens an account for U i .
S303-2,若等式不成立,则LBj确认Ui身份及certi不合法,向Ui返回失败信息。S303-2, if the equality is not established, then LB j confirms that U i's identity and cert i are invalid, and returns a failure message to U i .
S304,LBj将ei发送至CB。S304, LB j sends e i to CB.
S305,CB根据sk0计算追踪密钥值tk[i],将ei及tk[i]发送至LBj。S305, the CB calculates the tracking key value tk[i] according to sk0, and sends e i and tk[i] to LB j .
具体的,CB根据sk0(α1,α2)计算将ei及tk[i]发送至LBj。Specifically, CB is calculated according to sk0(α 1 ,α 2 ) Send e i and tk[i] to LB j .
S306,LBj将(ei,tk[i])添加到用户开户列表中。S306, LB j adds (e i ,tk[i]) to the user account opening list.
下面再以图6所示的流程,对用户通过用户客户端在地方银行服务器开户再次说明。Next, with the flow shown in FIG. 6 , the account opening by the user on the local bank server through the user client will be explained again.
2.1,用户客户端Ui需要对持有的证书certi进行承诺计算承诺值 2.1, the user client U i needs to make a commitment to the certificate cert i it holds to calculate the commitment value
因为从用户隐私想考虑,用户不想泄露自己的证书信息给地方银行,仅仅想象地方银行证明自己是合法用户,所以需要对用户客户端存储的证书进行处理。处理过程为,用户打开用户客户端,选择开户,界面显示已经合法注册的地方银行列表,点击地方银行,随即用户客户端计算用户证书的承诺值,承诺值不泄露证书信息,但是能使地方银行验证证书的有效性。Considering user privacy, users do not want to disclose their certificate information to the local bank, but only imagine that the local bank proves that they are legitimate users, so the certificate stored on the user client needs to be processed. The processing process is as follows: the user opens the user client, selects to open an account, the interface displays a list of legally registered local banks, clicks on the local bank, and then the user client calculates the commitment value of the user certificate. The commitment value does not disclose the certificate information, but can make the local bank Verify the validity of the certificate.
具体的,Ui需要对持有的证书进行承诺,客户端随机选择其中b=1,…,5,计算承诺值其中,Specifically, U i needs to hold the certificate Make a commitment, the client randomly chooses Where b=1,...,5, calculate the commitment value in,
2.2,用户并生成证明值Πi。2.2, the user generates a proof value Π i .
本步骤仅仅是用户在用户客户端中申请在某地方银行开户后,用户客户端在本地计算的证明值。This step is only the proof value calculated locally by the user client after the user applies for opening an account with a local bank in the user client.
具体的,客户端计算关于满足如下等式的证明值Πi:Specifically, the client calculates the proof value Π i satisfying the following equation:
每个等式的证明值要包含9个群元素。The proof value of each equation contains 9 group elements.
证明值计算如下:proof value Calculated as follows:
证明值计算如下:proof value Calculated as follows:
证明值计算如下:proof value Calculated as follows:
2.3,Ui将承诺,证明值连同追踪密钥的密文一起发送给LBj。2.3, U i will commit, the proof value together with the ciphertext to track the key Send them to LB j together.
具体的,Ui将承诺,证明值连同追踪密钥的密文一起发送给LBj。Specifically, U i will promise that the proof value together with the ciphertext to track the key Send them to LB j together.
2.4,LBj验证用户的身份即证书的真实合法性,如果验证通过,则向Ui返回确认信息1,表示用户可以在此存取电子现金,为用户开户,否则向Ui返回失败信息0。2.4. LB j verifies the identity of the user, that is, the authenticity of the certificate. If the verification is passed, it will return a confirmation message 1 to U i , indicating that the user can deposit and withdraw electronic cash here, and open an account for the user; otherwise, it will return a failure message 0 to U i .
具体的,LBj收到用户开户响应,要验证用户的身份,即证书的真实合法性,即验证下列等式是否成立:Specifically, LB j receives the user's account opening response and needs to verify the user's identity, that is, the authenticity of the certificate, that is, to verify whether the following equations are true:
如果验证通过,则向Ui返回确认信息1,表示用户可以在此存取电子现金,为用户开户,否则向Ui返回失败信息0。用户客户端收到银行客户端返回的信息后,向用户显示确认开户成功或者失败。If the verification is passed, return confirmation information 1 to U i , indicating that the user can deposit and withdraw electronic cash here, and open an account for the user; otherwise, return failure information 0 to U i . After the user client receives the information returned by the bank client, it will display to the user to confirm the success or failure of the account opening.
2.5,地方银行为了获得对此用户的仲裁权利,需要与要向中央银行申请得到此开户用户的追踪密钥tk[i],中央银行将对于用户的仲裁权利能力赋予地方银行。2.5. In order to obtain the right to arbitrate the user, the local bank needs to apply to the central bank to obtain the tracking key tk[i] of the user who opened the account. The central bank will give the local bank the ability to arbitrate the user.
此步骤中的地方银行并非中央银行选择的,而是用户自己选择的在某地方银行开户,这个地方银行为了获得对此用户的仲裁权利,需要与要向中央银行申请得到此开户用户的追踪密钥,中央银行将对于用户的仲裁权利能力赋予地方银行。The local bank in this step is not selected by the central bank, but the user chooses to open an account in a local bank. In order to obtain the arbitration right of the user, the local bank needs to apply to the central bank to obtain the tracking password of the user who opened the account. Key, the central bank will give the local bank the ability to arbitrate the user.
具体的,LBj为了获得对Ui的仲裁权利,需要向中央银行申请得到此开户用户的追踪密钥 Specifically, in order to obtain the right to arbitrate U i , LB j needs to apply to the central bank for the tracking key of the user who opened the account
2.6,LBj在Ui发送的信息中提取到关于追踪密钥的密文ei,发送给中央银行服务器。2.6, LB j extracts the ciphertext e i about the tracking key from the information sent by U i , and sends it to the central bank server.
具体的,用户开户成功后,LBj将Ui发送的信息中提取到关于追踪密钥的密文ei,发送给中央银行服务器。Specifically, after the user successfully opens an account, LB j extracts the ciphertext e i about the tracking key from the information sent by U i , and sends it to the central bank server.
2.7,中央银行服务器利用开启密钥sk0,计算tk[i],提取出用户的追踪密钥tk[i],并发送给地方银行LBj。2.7. The server of the central bank calculates tk[i] using the unlock key sk0, extracts the tracking key tk[i] of the user, and sends it to the local bank LB j .
具体的,中央银行服务端收到地方银行客户端的信息后,管理人员确认信息来源可靠后,同意中央银行服务端执行响应。中央银行服务器利用sk0(α1,α2)计算提取出用户的追踪密钥tk[i],并发送至LBj。Specifically, after the server of the central bank receives the information from the client of the local bank, the manager confirms that the source of the information is reliable, and agrees to the server of the central bank to execute the response. The central bank server uses sk0(α 1 ,α 2 ) to calculate Extract the user's tracking key tk[i] and send it to LB j .
2.8,LBj将二元组(ei,tk[i])添加到用户开户列表regu[i]中。2.8, LB j adds the binary group (e i ,tk[i]) to the user account opening list reg u [i].
具体的,LBj收到中央银行服务器信息后将二元组(ei,tk[i])添加到用户开户列表regu[i]中。Specifically, LB j adds the binary group (e i , tk[i]) to the user account opening list reg u [i] after receiving the information from the central bank server.
四、用户通过用户客户端从地方银行服务器中提取电子现金4. The user withdraws electronic cash from the local bank server through the user client
用户在其开户的银行取走一笔电子现金,用户得到银行签名的电子现金M,银行则在用户的账户中扣除相应的金额。用户客户端发送取款请求,地方银行服务器利用电子现金签名密钥生成电子现金值作为响应数据发送给用户客户端,并更新用户账户表。用户客户端处理响应并验证电子现金的有效性,若有效则导出并保存电子现金,若无效则重新发送请求。The user withdraws a sum of electronic cash from the bank where the account is opened, the user gets the electronic cash M signed by the bank, and the bank deducts the corresponding amount from the user's account. The user client sends a withdrawal request, and the local bank server uses the electronic cash signature key to generate an electronic cash value and sends it to the user client as response data, and updates the user account table. The user client processes the response and verifies the validity of the electronic cash. If it is valid, it will export and save the electronic cash. If it is invalid, it will resend the request.
S401,用户客户端Ui向地方银行服务器LBj发送取款请求,LBj为Ui的开户银行服务器。S401, the user client U i sends a withdrawal request to the local bank server LB j , where LB j is the server of U i 's account opening bank.
S402,LBj根据取款请求生成电子现金M发送给Ui。S402, LB j generates electronic cash M according to the withdrawal request and sends it to U i .
除此之外,LBj还会更新Ui的用户账户表。In addition, LB j will also update the user account table of U i .
由于取款请求中包括取款金额,因此S402具体包括:Since the withdrawal request includes the withdrawal amount, S402 specifically includes:
S402-0,LBj确认取款金额不大于Ui用户账户表中的存款金额。S402-0, LB j confirms that the withdrawal amount is not greater than the deposit amount in the user account table of U i .
S402-1,根据取款请求确定电子现金M。S402-1. Determine the electronic cash M according to the withdrawal request.
S402-2,LBj利用电子现金签名密钥sskj对M进行签名,生成签名值σ(M)。S402-2, LB j uses the electronic cash signature key ssk j to sign M to generate a signature value σ(M).
S402-2具体包括:S402-2 specifically includes:
S402-2-1,LBj选取随机数s←Zp。S402-2-1, LB j selects a random number s←Z p .
其中,Zp指的是循环群,s是在0到p整数之间选择的一个随机整数。Among them, Z p refers to the cyclic group, and s is a random integer selected between 0 and p integers.
S402-2-2,LBj通过如下公式计算σ(M):S402-2-2, LB j calculates σ(M) by the following formula:
σ(M)=(sskjF(M)s,gs)=(kZF(m)s,gs)。σ(M)=(ssk j F(M) s ,g s )=(k Z F(m) s ,g s ).
gs为g的s次幂,gs为LBj将M进行签名时的一部分,k为M的长度,m=(m1,…,mk)∈{0,1}k。g s is the s power of g, g s is a part of LB j signing M, k is the length of M, m=(m 1 ,...,m k )∈{0,1} k .
其中u0到uk为电子现金系统在初始化时发布的随机向量,ui为随机向量的第i个值u:(u0,u1,…,uk)←Gk+1这里电子现金长度也为k,所以对于电子现金M,计算其签名函数为σ(M)=(sskjF(M)s,gs)=(kZF(m)s,gs)。Among them, u 0 to u k are the random vectors released by the electronic cash system during initialization, and u i is the i-th value u of the random vector: (u 0 ,u 1 ,…,u k )←G k+1 where electronic cash The length is also k, so for electronic cash M, calculate its signature function as σ(M)=(ssk j F(M) s ,g s )=(k Z F(m) s ,g s ).
S402-3,LBj对LBj的证书certj进行承诺并生产证明值 S402-3, LB j makes a commitment to LB j 's certificate cert j and produce proof value
其中,certj=(Aj,Xj,jj),σj4=(uz,gz),σj5=kZF(M)s,σj6=gs;Among them, cert j = (A j ,X j ,j j ), σ j4 =(u z ,g z ), σ j5 =k Z F(M) s , σ j6 =g s ;
且满足如下等式:And satisfy the following equation:
其中Xj,yj,Aj分别是地方银行的证书信息的一部分,证书应为certj=(Aj,Xj,jj),这三个值是在注册时地方银行和中央银行交互式时两方生成的。Among them, X j , y j , and A j are part of the certificate information of the local bank, and the certificate should be cert j = (A j , X j , j j ), these three values are the interaction between the local bank and the central bank during registration The formula is generated by two parties.
e()是双线性配对运算符号,Ω=gγ是中央银行公开的参数,γ是中央银行主密钥;e() is the symbol of bilinear pairing operation, Ω=g γ is the parameter disclosed by the central bank, and γ is the master key of the central bank;
S402-4,LBj将σj,和σ(M)发送给Ui。S402-4, LB j will be σ j , and σ(M) are sent to U i .
S403,Ui验证M的有效性。S403, U i verifies the validity of M.
S403具体包括:S403 specifically includes:
S403-1,Ui根据σj,验证LBj的身份。S403-1, U i according to σ j , Verify the identity of LB j .
S403-2,Ui验证σ(M)。S403-2, U i verifies σ(M).
具体的,验证如下等式是否满足:Specifically, verify whether the following equations are satisfied:
σj,5,σj,4,2,σj,6,σj,4,1,σj,4,2为LBj发给Ui的M中包含的元素。σ j,5 , σ j,4,2 , σ j,6 , σ j,4,1 , σ j,4,2 are the elements contained in M sent by LB j to U i .
S403-3,若S403-1的验证结果为验证通过,且,S403-2的验证结果也为验证通过,则确定验证结果为有效。S403-3. If the verification result of S403-1 is verification passed, and the verification result of S403-2 is also verification passed, determine that the verification result is valid.
S403-4,若S403-1的验证结果为验证不通过,或者,若403-2的验证结果为验证不通过,则确定验证结果为无效。S403-4. If the verification result in S403-1 is that the verification fails, or if the verification result in 403-2 is that the verification fails, determine that the verification result is invalid.
S404,当验证结果为有效时,导出并保存M。S404. Export and save M when the verification result is valid.
S405,当验证结果为无效时,重复执行步骤S401至S403。S405. When the verification result is invalid, repeatedly execute steps S401 to S403.
下面再以图7所示的流程,对用户通过用户客户端从地方银行服务器中提取电子现金再次说明。Next, the process shown in FIG. 7 will be used to explain again how the user withdraws electronic cash from the local bank server through the user client.
3.1,LBj利用电子现金签名私钥sskj对电子现金M进行签名生成签名值σ(M)。3.1. LB j uses the electronic cash signature private key ssk j to sign the electronic cash M to generate a signature value σ(M).
具体的,用户在用户客户端中点击取款功能,选择地方银行。Ui显示用户在地方银行的余额,用户点击取款功能,Ui显示输入框,用户输入取款金额(小于余额)。Ui将取款请求发送给LBj。Specifically, the user clicks on the withdrawal function in the user client and selects a local bank. U i displays the user's balance in the local bank, the user clicks the withdrawal function, U i displays an input box, and the user enters the withdrawal amount (less than the balance). U i sends the withdrawal request to LB j .
LBj收到用户取款请求,验证取款金额小于存款金额,成功则继续执行,否则返回拒绝请求服务。LB j receives the withdrawal request from the user, verifies that the withdrawal amount is less than the deposit amount, and if it succeeds, it will continue to execute; otherwise, it will return a rejection request service.
LBj客户端利用电子现金签名私钥sskj对电子现金M进行签名:选取随机值s←Zp设电子现金M的长度表示为k,那么对于M的签名值可被计算为σ(M)=(sskjF(M)s,gs)=(kZF(m)s,gs),其中(m=(m1,…,mk)∈{0,1}k)。The LB j client uses the electronic cash signature private key ssk j to sign the electronic cash M: select a random value s←Z p and let the length of the electronic cash M be expressed as k, then the signature value for M can be calculated as σ(M) =(ssk j F(M) s ,g s )=(k Z F(m) s ,g s ), where (m=(m 1 ,...,m k )∈{0,1} k ).
3.2,LBj同样需要对自己的证书进行承诺及证明,生成所以LBj最后生成σj,并生成证明值 3.2, LB j also needs to promise and prove its own certificate, generate So LB j finally generates σ j and generates proof value
具体的,LBj同样需要对自己的证书进行承诺及证明,生成所以LBj最后生成并生成证明值 Specifically, LB j also needs to promise and prove its own certificate, and generate So LB j finally generates and generate a proof value
其中,σj4=(u2,g2),σj5=kZF(M)s,σj6=gs。in, σ j4 =(u 2 , g 2 ), σ j5 =k Z F(M) s , σ j6 =g s .
且满足如下等式:And satisfy the following equation:
3.3,LBj将以及证明值一起作为电子现金M发送给Ui。3.3, LB j will and proof value Send them together as electronic cash M to U i .
3.4,Ui对得到的电子现金值要进行正确性验证,首先要用对LBj的身份进行验证,其次要对这笔现金的签名进行判定;若两次均通过验证,则证明该客户得到的电子现金是真实有效的,并且此电子现金可用于以后的支付协议。3.4, U i needs to verify the correctness of the obtained electronic cash value, first of all, it needs to verify the identity of LB j , and second, it needs to judge the signature of the cash; if it passes the verification twice, it proves that the customer has received The electronic cash is real and effective, and this electronic cash can be used for future payment agreements.
具体的,Ui得到的电子现金值要进行正确性验证,首先要用对LBj身份进行验证,即验证证明值与同构的等式成立。其次要对这笔现金的签名进行判定,即验证签名值是否满足以下两个等式:Specifically, to verify the correctness of the electronic cash value obtained by U i , the identity of LB j must be verified first, that is, to verify that the proof value and the isomorphic equation are established. Secondly, it is necessary to judge the signature of the cash, that is, to verify whether the signature value satisfies the following two equations:
若两次均通过验证,则证明该客户得到的电子现金是真实有效的,并且此电子现金可用于以后的支付协议。则Ui向用户显示取款成功,并在本地存储此笔电子现金。If both pass the verification, it proves that the electronic cash obtained by the customer is real and valid, and this electronic cash can be used in future payment agreements. Then U i displays to the user that the withdrawal is successful, and stores the electronic cash locally.
五、用户通过用户客户端向商家客户端支付购物费用5. The user pays the shopping fee to the merchant client through the user client
用户想要在商家进行购物需要支付一笔电子现金,商家输出为1表示接受,输出为0表示拒绝。设此次交易的交易标识为R,并且交易中的电子现金为消费者花费的第F笔电子现金。用户客户端首先生成证书承诺值以及证明值,随后一同将现金序列号以及防双重支付值绑定进即将支付的电子现金中并发送给商家客户端,商家客户端接受响应后验证电子现金有效性,若有效则导出并存储电子现金,并且向消费者客户端返回响应结果。The user needs to pay a sum of electronic cash if he wants to shop at the merchant. The merchant outputs 1 for acceptance and 0 for rejection. Let the transaction identifier of this transaction be R, and the electronic cash in the transaction is the Fth electronic cash spent by the consumer. The user client first generates the certificate commitment value and proof value, and then binds the cash serial number and anti-double payment value into the electronic cash to be paid and sends it to the merchant client, and the merchant client verifies the validity of the electronic cash after receiving the response , if valid, export and store electronic cash, and return the response result to the consumer client.
其中,用户客户端的支付过程如下:消费者在用户客户端中选择点击支付,扫描商家二维码或者输入上家客户端地址信息,成功后,用户客户端成证书承诺值和证明之,在用户客户端中选择在地方银行中取出的电子现金,用户客户端将现金序列号以及防双重支付值绑定进即将支付的电子现金中,用户客户端将上述生成的值发送给商家客户端。Among them, the payment process of the user client is as follows: the consumer chooses to click to pay in the user client, scans the QR code of the merchant or enters the address information of the previous client. The client selects the electronic cash withdrawn from the local bank, the user client binds the cash serial number and the anti-double payment value into the electronic cash to be paid, and the user client sends the value generated above to the merchant client.
上述过程中,消费者呈现给商家的是3个东西:1)消费者的身份信息,即证书的承诺值和证明值。2)电子现金。3)证明电子现金有效的信息(序列号,防双重支付值)。In the above process, what the consumer presents to the merchant is three things: 1) The identity information of the consumer, that is, the commitment value and proof value of the certificate. 2) Electronic cash. 3) Information proving the validity of the electronic cash (serial number, anti-double payment value).
在具体消费中,首先消费者利用本地用户客户端识别商家客户端地址(通过扫描二维码或者输入地址等途径),识别成功后,则可以选择支付金额,进入选择电子现金界面,选择从银行取出的电子现金。选择成功后用户客户端进行一系列计算,完成后用户可以点击支付,将选择的电子现金发送给商家。商家客户端受到响应后,验证现金的有效性和来源的合法性,验证成功后提示商家提示收到现金一笔,金额XX。In specific consumption, consumers first use the local user client to identify the address of the merchant client (by scanning the QR code or inputting the address, etc.). Withdrawn electronic cash. After the selection is successful, the user client performs a series of calculations. After the completion, the user can click Pay to send the selected electronic cash to the merchant. After the merchant client receives the response, it verifies the validity of the cash and the legitimacy of the source. After the verification is successful, it prompts the merchant to receive a cash amount of XX.
S501,Ui计算花费电子现金时的序列号S以及防双重支付值 S501, U i calculates the serial number S and anti-double payment value when spending electronic cash
S502,Ui将M的替换成Ui对自己身份的承诺 S502, U i will M's Replaced by U i's commitment to its own identity
S503,Ui生成花费的电子现金的临时标识 S503, U i generates a temporary identification of spent electronic cash
S504,Ui生成证明值 S504, U i generates proof value
S504具体包括:S504 specifically includes:
Ui根据计算:U i according to calculate:
S505,Ui生成花费的电子现金S505, U i generates electronic cash for spending
S506,Ui将M'支付给商家客户端。S506, U i pays M' to the merchant client.
S507,商家客户端对Ui的身份进行验证。S507, the merchant client verifies the identity of U i .
S507具体包括:S507 specifically includes:
商家客户端验证如下等式是否成立:The merchant client verifies whether the following equation holds true:
S508,商家客户端确认M'是否由LBj签名。S508, the merchant client confirms whether M' is signed by LB j .
S508具体包括:S508 specifically includes:
商家客户端验证如下等式是否成立:The merchant client verifies whether the following equation holds true:
S509,若S507验证通过,且,S508确认成功,则商家客户端接收M'。S509, if the verification in S507 is passed, and the confirmation in S508 is successful, then the merchant client receives M'.
S510,电子现金系统删除花费电子现金相关的交易标识,并执行交易。S510, the electronic cash system deletes transaction identifiers related to spending electronic cash, and executes the transaction.
下面再以图8所示的流程,对用户通过用户客户端向商家客户端支付购物费用再次说明。Next, with the flow shown in FIG. 8 , the payment of the shopping fee by the user to the merchant client through the user client will be described again.
4.1,为了防止重花费问题,消费者(也即特殊用户)需要首先计算在花费此笔电子现金时的序列号S以及防双重支付值T。4.1. In order to prevent double spending, consumers (that is, special users) need to first calculate the serial number S and anti-double payment value T when spending this electronic cash.
具体的,用户想要在商家进行购物需要支付一笔电子现金,首先打开消费者用户客户端Ui,选择支付功能。Ui向消费者显示客户端中电子现金的余额以及个数,消费者选择需要支付的相应电子现金。Ui计算花费电子现金时的序列号S以及防双重支付值 Specifically, the user needs to pay a sum of electronic cash if he wants to shop at the merchant. First, he opens the consumer user client U i and selects the payment function. U i displays the balance and number of electronic cash in the client to the consumer, and the consumer selects the corresponding electronic cash to be paid. U i calculates the serial number S and anti-double payment value when spending electronic cash
4.2,Ui将从银行中取出的电子现金进行修改,将电子现金内与银行身份有关的信息替换成Ui对自己身份的承诺 4.2, U i will modify the electronic cash withdrawn from the bank, and the information related to the identity of the bank in the electronic cash Replaced by U i's commitment to its own identity
4.3,Ui生成与此电子现金有关的临时ID,记为σ0,生成证明值 4.3, U i generates a temporary ID related to this electronic cash, denoted as σ 0 , and generates a proof value
具体的,Ui生成与此电子现金有关的临时ID:记为σ0。同时给出下列公式相应证明:Specifically, U i generates a temporary ID related to this electronic cash: Denote as σ 0 . At the same time, the corresponding proof of the following formula is given:
前三个等式是关于σ'1,1,σ'1,2,σ'2,2,σ'3的二次配对等式,因此每个等式的证明与步骤2.2的证明方法相同。根据Groth-Sahai证明系统,对于第四个等式的证明计算如下:The first three equations are quadratic pairing equations about σ' 1,1 , σ' 1,2 , σ' 2,2 , σ' 3 , so the proof of each equation is the same as that of step 2.2. According to the Groth-Sahai proof system, for the proof of the fourth equation Calculated as follows:
4.4,Ui将序列号S,防双重支付值T以及临时ID添加进电子现金M'中,则电子现金4.4, U i adds the serial number S, anti-double payment value T and temporary ID to the electronic cash M', then the electronic cash
4.5,Ui将电子现金M'支付给商家客户端。4.5, U i pays the electronic cash M' to the merchant client.
具体的,消费者需要协助Ui绑定商家地址。Ui需要通过扫描二维码或者输入商家地址信息等方式识别商家地址。实现将电子现金支付给商家Mj。Specifically, the consumer needs to assist U i to bind the merchant address. U i needs to identify the business address by scanning the QR code or inputting the business address information. Realize the payment of electronic cash to the merchant M j .
4.6,商家客户端收到电子现金后,首先要用对用户的身份进行验证。4.6. After the merchant client receives the electronic cash, it must first verify the identity of the user.
具体的,商家客户端收到电子现金后,首先要用对用户的身份进行验证,即验证证明值是否满足等式:Specifically, after the merchant client receives the electronic cash, it must first verify the user's identity, that is, verify whether the proof value satisfies the equation:
4.7,商家客户端对这笔现金的签名进行判定,即验证下列等式是否成立,来确定现是否金是由银行签名的。4.7, the merchant client judges the signature of the cash, that is, verifies whether the following equations are true, to determine whether the cash is signed by the bank.
4.8,如果上2个步骤均验证成功,则接受该电子现金,电子现金系统自动删除交易标识并执行买卖交易,否则拒绝。4.8. If the verification in the previous two steps is successful, the electronic cash will be accepted, and the electronic cash system will automatically delete the transaction ID and execute the transaction, otherwise it will be rejected.
具体的,如果上2个步骤均验证成功,则接受该电子现金,商家客户端提示商家收款成功,否则拒绝。Specifically, if the verification in the previous two steps is successful, the electronic cash is accepted, and the merchant client prompts the merchant that the payment has been successfully received, otherwise it is rejected.
六、商家通过商家客户端在地方银行服务器中存入电子现金6. The merchant deposits electronic cash in the local bank server through the merchant client
商家在其开户的银行存入一笔电子现金,银行则在用户的账户中增添相应的金额。商家客户端首先生成证书承诺值以及证明值,随后连同收到的现金一起发送给地方银行服务器,地方银行服务器接受响应后验证电子现金有效性,若有效则继续验证电子现金是否被重复花费,若两者均验证通过,则更新用户账户表,最后向商家客户端返回响应。The merchant deposits an amount of electronic cash in the bank where the merchant opens the account, and the bank adds the corresponding amount to the user's account. The merchant client first generates the certificate commitment value and proof value, and then sends them together with the received cash to the local bank server. After receiving the response, the local bank server verifies the validity of the electronic cash. If it is valid, it continues to verify whether the electronic cash has been spent repeatedly. If both are verified, update the user account table, and finally return a response to the merchant client.
S601,商家客户端将M'的替换成商家客户端对自己身份的承诺并生产证明值 S601, the merchant client sends the M' Replaced by the merchant's client's commitment to its own identity and produce proof value
S602,商家客户端将S601替换后的代存电子现金发送给地方银行服务器LBc。S602, the deposit electronic cash after the merchant client replaces S601 Send to local bank server LB c .
S603,LBc验证商家客户端身份。S603, LB c verifies the identity of the merchant client.
S604,LBc确定M”是否有效。S604, LB c determines whether M" is valid.
S605,若S603验证通过,且,S604确认成功,则LBc检查数据库中是否有与S相同的值。S605, if the verification in S603 is passed, and the confirmation in S604 is successful, then LB c checks whether there is a value identical to S in the database.
S606,若无与S相同的值,则LBc将M”存入商家客户端的账户,并在数据库中记录M”的交易信息,交易信息至少包括S和T。S606, if there is no value identical to S, then LB c deposits M" into the account of the merchant client, and records the transaction information of M" in the database, the transaction information includes at least S and T.
S607,若有与S相同的值,则LBc获取数据库中S值对应的计算将g1/S+i+1带入T=gZ·(g1/S+i+1)R求得根据识别重复花费用户身份信息。S607, if there is the same value as S, then LB c obtains the value corresponding to the S value in the database calculate Put g 1/S+i+1 into T=g Z ·(g 1/S+i+1 ) R to obtain according to Identify duplicate spending user identity information.
下面再以图9所示的流程,对商家通过商家客户端在地方银行服务器中存入电子现金再次说明。Next, with the flow shown in FIG. 9 , the merchant deposits electronic cash in the local bank server through the merchant client to explain again.
5.1,商家将从消费者处得到的电子现金存入银行,首先需要将电子现金进行处理,将电子现金内与消费者身份有关的信息替换成客户对自己身份的承诺,并给出相应证明值,同步骤4.2。5.1, when the merchant deposits the electronic cash obtained from the consumer into the bank, it first needs to process the electronic cash, replace the information related to the consumer's identity in the electronic cash with the customer's commitment to his own identity, and give the corresponding proof value , same as step 4.2.
具体的,商家客户端电子现金M'存入银行LBc,首先在商家客户端中选择存款功能,商家客户端显示用户已开户的地方银行列表,用户选择银行LBc。商家客户端显示用户本地收到的电子现金,用户选择想要存入银行的现金M'。商家客户端首先需要将电子现金进行处理,将电子现金内与消费者身份有关的信息替换成商家客户端对自己身份的承诺并给出相应证明值,同步骤4.2。Specifically, the merchant client deposits electronic cash M' into bank LB c , first selects the deposit function in the merchant client, and the merchant client displays the list of local banks where the user has opened an account, and the user selects the bank LB c . The merchant client displays the electronic cash received locally by the user, and the user selects the cash M' that he wants to deposit in the bank. The merchant client first needs to process the electronic cash, and the information related to the identity of the consumer in the electronic cash Replaced by the merchant's client's commitment to its own identity And give the corresponding proof value, same as step 4.2.
5.2,商家客户端将处理后的现金发送给LBc。5.2, the merchant client sends the processed cash to LB c .
具体的,商家客户端将处理后的现金发送给LBc。Specifically, the merchant client will process the cash Send to LB c .
5.3,LBc首先要确定商家的身份即承诺及证明的真实合法性,验证方法同步骤2.4。5.3, LB c must first determine the identity of the merchant, that is, the authenticity and legitimacy of the promise and proof, and the verification method is the same as step 2.4.
5.4,LBc要对电子现金进行判定,即验证M”中的签名值能否使配对等式是否成立。5.4, LB c needs to judge the electronic cash, that is, to verify whether the signature value in M" can make the pairing equation hold.
5.5,若步骤5.3和5.4的验证同时成立,则证明LBc得到的电子现金是真实有效的,并将其存入商家账户。5.5. If the verifications of steps 5.3 and 5.4 are established at the same time, it proves that the electronic cash obtained by LB c is authentic and valid, and it will be deposited into the merchant's account.
5.6,LBc需要在电子现金存入电子现金数据库Reg[C]中检查是否有值与S相等,若有相等的情况,则此笔电子现金被重复花费过,则银行提取出两笔S值相等的现金中的中T,T'进行如下计算:随后银行可以将g1/S+i+1的值带入T求得从而重复花费用户身份信息被识别出。若没有被重复花费过,则将此笔现金存入商家账户。并在已花费电子现金数据库中记录此笔现金。5.6, LB c needs to check whether there is a value equal to S in the electronic cash stored in the electronic cash database Reg[C]. If there is an equal situation, the electronic cash has been spent repeatedly, and the bank withdraws two S values T, T' in equal cash is calculated as follows: Then the bank can bring the value of g 1/S+i+1 into T to get Thus, the identity information of the double-spending user is identified. If it has not been spent repeatedly, the cash will be deposited into the merchant's account. And record the cash in the spent electronic cash database.
具体的,LBc在电子现金存入电子现金数据库Reg[C]中检查是否有值与S相等若有相等的情况,则此笔电子现金被重复花费过,则银行提取出两笔S值相等的现金中的中进行如下计算:随后LBc将g1/S+i+1的值带入T=gZ·(g1/S+i+1)R便可求得从而重复花费客户身份信息被识别出。若没有被重复花费过,则将此笔现金存入商家账户。并在已花费电子现金数据库中记录此笔现金。Specifically, LB c checks whether there is a value equal to S in the electronic cash stored in the electronic cash database Reg[C]. If it is equal, the electronic cash has been spent repeatedly, and the bank withdraws two S values equal of the cash Do the following calculations: Then LB c takes the value of g 1/S+i+1 into T=g Z ·(g 1/S+i+1 ) R to obtain In this way, the identity information of customers who spend repeatedly is identified. If it has not been spent repeatedly, the cash will be deposited into the merchant's account. And record the cash in the spent electronic cash database.
七、中央银行服务器监控非法交易7. The central bank server monitors illegal transactions
若存在非法交易,合法用户或者地方银行有权通报中央银行。中央银行需要通过此步骤来追踪出交易方用户的身份。中央银行输入用户资格证书CID与开启密钥sk0,输出用户身份ID。In case of illegal transactions, legal users or local banks have the right to notify the central bank. The central bank needs to go through this step to trace the identity of the transaction party user. The central bank inputs the user qualification certificate C ID and the unlock key sk0, and outputs the user ID.
S701,CB从电子现金M″′中提取C(σ3),通过sk0打开C(σ3),计算 S701, CB extracts C(σ 3 ) from electronic cash M″′, opens C(σ 3 ) through sk0, and calculates
S702,CB在RegLB[i]中查找是否有表项 S702, CB checks whether there is an entry in Reg LB [i]
S702,若有表项则CB根据d追踪M″′涉及的客户端身份,客户端为用户客户端,或者,客户端为商家客户端。S702, if there is an entry Then the CB tracks the identity of the client involved in M"' according to d, and the client is a user client, or the client is a merchant client.
例如,E.g,
6.1,中央银行服务器首先从电子现金中提取出得到客户的证书承诺值C(σ3),利用开启密钥sk0=(α1,α2),在签名中打开C(σ3),计算出 6.1, the central bank server first extracts the customer's certificate commitment value C(σ 3 ) from the electronic cash, uses the open key sk0=(α 1 ,α 2 ), opens C(σ 3 ) in the signature, and calculates
具体的,首先合法用户或者地方银行通过本地客户端,将非法电子现金发送至中央银行服务器。中央银行服务器验证信息有效性,若有效,则首先从电子现金中提取出得到用户的证书承诺值C(σ3),利用开启密钥sk0=(α1,α2),在签名中打开C(σ3),计算出 Specifically, firstly, a legal user or a local bank sends illegal electronic cash to the server of the central bank through a local client. The central bank server verifies the validity of the information. If it is valid, it first extracts the user’s certificate commitment value C(σ 3 ) from the electronic cash, and uses the open key sk0=(α 1 ,α 2 ) to open C in the signature. (σ 3 ), calculate
6.2,中央银行服务器在注册列表RegLB[i]中查找是否有表项若存在则返回对应的标志符d,追踪到客户的身份。6.2, the central bank server checks whether there is an entry in the registration list Reg LB [i] If it exists, return the corresponding identifier d to trace the identity of the customer.
八、两客户端的电子现金仲裁8. Electronic cash arbitration between two clients
其中,客户端可以为用户客户端,也可以为商家客户端,即可以仲裁2个用户客户端间的电子交易纠纷,也可以仲裁2个商家客户端间的电子交易纠纷,还可以仲裁1个用户客户端和1个商家客户端间的电子交易纠纷。Among them, the client can be a user client or a merchant client, that is, it can arbitrate electronic transaction disputes between two user clients, it can also arbitrate electronic transaction disputes between two merchant clients, and it can also arbitrate one An electronic transaction dispute between a user client and a merchant client.
特定情况下,若用户双方产生纠纷,用户意图通过签发电子现金的某地方银行,来判定某笔电子现金是否是由用户生成的这一判定进行仲裁,输入某笔电子现金与追踪密钥密钥tk[d],输出判定向量τ,所有人都能通过此致来判定此电子现金是否是拥有追踪密钥tk[d]的用户生成的。Under certain circumstances, if there is a dispute between the two users, the user intends to arbitrate through a certain local bank that issued the electronic cash to determine whether a certain amount of electronic cash was generated by the user, and enter a certain amount of electronic cash and the tracking key key tk[d], the output judgment vector τ, everyone can judge whether the electronic cash is generated by the user who has the tracking key tk[d] through this letter.
下面以用户1和用户2发生纠纷为例,进行说明。In the following, a dispute between user 1 and user 2 is taken as an example for illustration.
S801,用户1通过用户客户端1根据电子现金Md中的vk确定签发Md的地方银行服务器LBd,并向LBd发送Md的仲裁申请。S801, user 1 determines the local bank server LB d that issues M d through the user client 1 according to vk in the electronic cash M d , and sends an arbitration application for M d to LB d .
S802,LBd提取Md的用户追踪密钥密文ed,确定对应的追踪密钥值tk[d],根据tk[d]确认Md的生成客户端。S802, LB d extracts the user tracking key ciphertext ed of M d , determines the corresponding tracking key value tk[d], and confirms the generation client of M d according to tk[d].
S803,LBd输出盲化值以及生成客户端,以使客户端2能够验证的有效性,并跟踪仲裁过程。S803, LB d output blinding value and generate the client to enable client 2 to authenticate validity and to track the arbitration process.
S803具体包括:S803 specifically includes:
S803-1,LBd选取β←Zp。S803-1, LB d selects β←Z p .
S803-2,LBd输出以及生成客户端。S803-2, LB d output and generate the client.
S804,用户2的用户客户端2通过基于和e(σ4,2,c3)=e(c2,g)验证的有效性,并通过跟踪仲裁过程。S804, the user client 2 of the user 2 passes the and e(σ 4,2 ,c 3 )=e(c 2 ,g) verify validity, and by Track the arbitration process.
例如,E.g,
7.1,用户从电子现金中提取出验证公钥vk,来找到签发此笔电子现金的地方银行,并向其服务器LBd发送目标电子现金值Md来申请执行仲裁。7.1, the user extracts the verification public key vk from the electronic cash to find the local bank that issued the electronic cash, and sends the target electronic cash value M d to its server LB d to apply for arbitration.
具体的,用户1和用户2发生纠纷,则用户1在用户客户端1中选择仲裁功能,从用户1处收到的电子现金中提取出验证公钥vk,来识别出到签发此笔电子现金的地方银行。用户客户端1向LBd发送目标电子现金值Md来申请执行仲裁。Specifically, when a dispute occurs between user 1 and user 2, user 1 selects the arbitration function in user client 1, and extracts the verification public key vk from the electronic cash received by user 1 to identify and issue the electronic cash local bank. User client 1 sends target electronic cash value M d to LB d to apply for arbitration.
7.2,LBd从电Md中提取出用户追踪密钥密文ed,从用户表中找到与其对应的追踪密钥值tk[d],来确认此笔现金确实是由此用户生成的。7.2, LB d extracts the user tracking key ciphertext ed from email M d , and finds the corresponding tracking key value tk[d] from the user table to confirm that the cash is indeed generated by this user.
具体的,LBd管理员确认后,LBd从Md中提取出用户追踪密钥密文ed。从用户表中找到与其对应的追踪密钥值tk[d],来确认此笔现金确实是由此用户生成的。Specifically, after the administrator of LB d confirms, LB d extracts the user tracking key ciphertext ed from M d . Find the corresponding tracking key value tk[d] from the user table to confirm that the cash is indeed generated by this user.
7.3,LBd输出一个盲化值以及生成客户端。任何人能够验证这一盲化值的有效性,并确定追踪过程的结果。7.3, LB d outputs a blinded value and generate the client. Anyone can verify the validity of this blinded value and determine the outcome of the tracking process.
具体的,LBd选取β←Zp,输出一个盲化三元组以及生成客户端给用户客户端2。Specifically, LB d selects β←Z p and outputs a blinded triplet And generate the client to the user client 2.
用户客户端2通过等式和e(σ4,2,c3)=e(c2,g)来验证这一三元组的有效性,并通过验证等式是否成立来确定追踪过程的结果,最终将结果通过用户客户端2界面发布给用户2。User client 2 passes the equation and e(σ 4,2 ,c 3 )=e(c 2 ,g) to verify the validity of this triplet, and by verifying the equation Whether it is true or not determines the result of the tracking process, and finally publishes the result to the user 2 through the user client 2 interface.
本实施例提供的系统,用户客户端Ui向地方银行服务器LBj发送取款请求,LBj为Ui的开户银行服务器;LBj根据取款请求生成电子现金M发送给Ui;Ui验证M的有效性;当验证结果为有效时,导出并保存M,解决可交易中传统纸币带来的各种限制因素,同时有效保护用户的匿名性。In the system provided in this embodiment, the user client U i sends a withdrawal request to the local bank server LB j , and LB j is U i 's account opening bank server; LB j generates electronic cash M according to the withdrawal request and sends it to U i ; U i verifies M The validity; when the verification result is valid, export and save M to solve various constraints brought by traditional banknotes in the transaction, while effectively protecting the anonymity of users.
需要明确的是,本发明并不局限于上文所描述并在图中示出的特定配置和处理。为了简明起见,这里省略了对已知方法的详细描述。在上述实施例中,描述和示出了若干具体的步骤作为示例。但是,本发明的方法过程并不限于所描述和示出的具体步骤,本领域的技术人员可以在领会本发明的精神后,作出各种改变、修改和添加,或者改变步骤之间的顺序。It is to be understood that the invention is not limited to the specific arrangements and processes described above and shown in the drawings. For conciseness, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method process of the present invention is not limited to the specific steps described and shown, and those skilled in the art can make various changes, modifications and additions, or change the sequence of steps after understanding the spirit of the present invention.
还需要说明的是,本发明中提及的示例性实施例,基于一系列的步骤或者装置描述一些方法或系统。但是,本发明不局限于上述步骤的顺序,也就是说,可以按照实施例中提及的顺序执行步骤,也可以不同于实施例中的顺序,或者若干步骤同时执行。It should also be noted that the exemplary embodiments mentioned in the present invention describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above steps, that is, the steps may be performed in the order mentioned in the embodiment, or may be different from the order in the embodiment, or several steps may be performed simultaneously.
最后应说明的是:以上所述的各实施例仅用于说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述实施例所记载的技术方案进行修改,或者对其中部分或全部技术特征进行等同替换;而这些修改或替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的范围。Finally, it should be noted that: the above-described embodiments are only used to illustrate the technical solutions of the present invention, rather than to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand : It is still possible to modify the technical solutions described in the foregoing embodiments, or perform equivalent replacements to some or all of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the technical solutions of the various embodiments of the present invention range.
Claims (11)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711346525.0A CN108090751A (en) | 2017-12-15 | 2017-12-15 | Electronic cash system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711346525.0A CN108090751A (en) | 2017-12-15 | 2017-12-15 | Electronic cash system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108090751A true CN108090751A (en) | 2018-05-29 |
Family
ID=62176416
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711346525.0A Pending CN108090751A (en) | 2017-12-15 | 2017-12-15 | Electronic cash system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108090751A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108737435A (en) * | 2018-05-30 | 2018-11-02 | 阿里巴巴集团控股有限公司 | A method and device for account initialization |
US11226952B2 (en) | 2018-07-27 | 2022-01-18 | Advanced New Technologies Co., Ltd. | Method, apparatus and electronic device for blockchain-based asset issuance |
CN114519573A (en) * | 2020-11-19 | 2022-05-20 | 如般量子科技有限公司 | Digital currency double-off-line transaction method and system with two anonymous sides |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5926548A (en) * | 1996-05-29 | 1999-07-20 | Nippon Telegraph And Telephone Corporation | Method and apparatus for implementing hierarchical electronic cash |
US6003765A (en) * | 1996-05-16 | 1999-12-21 | Nippon Telegraph And Telephone Corporation | Electronic cash implementing method with a surveillance institution, and user apparatus and surveillance institution apparatus for implementing the same |
CN2828937Y (en) * | 2005-09-17 | 2006-10-18 | 柳长庆 | Device for recogniting number on paper money |
-
2017
- 2017-12-15 CN CN201711346525.0A patent/CN108090751A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6003765A (en) * | 1996-05-16 | 1999-12-21 | Nippon Telegraph And Telephone Corporation | Electronic cash implementing method with a surveillance institution, and user apparatus and surveillance institution apparatus for implementing the same |
US5926548A (en) * | 1996-05-29 | 1999-07-20 | Nippon Telegraph And Telephone Corporation | Method and apparatus for implementing hierarchical electronic cash |
CN2828937Y (en) * | 2005-09-17 | 2006-10-18 | 柳长庆 | Device for recogniting number on paper money |
Non-Patent Citations (3)
Title |
---|
徐明等: "电子支付研究综述", 《计算机技术与发展》 * |
李宇溪: "基于可追踪动态签名的公平离线电子现金系统", 《中国优秀硕士学位论文全文数据库·经济与管理科学辑》 * |
袁遇晴等: "基于身份的高效的群盲签名方案", 《计算机应用与软件》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108737435A (en) * | 2018-05-30 | 2018-11-02 | 阿里巴巴集团控股有限公司 | A method and device for account initialization |
CN108737435B (en) * | 2018-05-30 | 2020-09-18 | 阿里巴巴集团控股有限公司 | Account initialization method and device |
US11226952B2 (en) | 2018-07-27 | 2022-01-18 | Advanced New Technologies Co., Ltd. | Method, apparatus and electronic device for blockchain-based asset issuance |
CN114519573A (en) * | 2020-11-19 | 2022-05-20 | 如般量子科技有限公司 | Digital currency double-off-line transaction method and system with two anonymous sides |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108764874B (en) | Blockchain-based anonymous transfer method, system and storage medium | |
US20240303635A1 (en) | Token-based off-chain interaction authorization | |
US20200336315A1 (en) | Validation cryptogram for transaction | |
US10535065B2 (en) | Secure payment transactions based on the public bankcard ledger | |
EP3834156A1 (en) | Systems and methods for blockchain addresses and owner verification | |
TW201944757A (en) | Computer-implemented system and method suitable for increasing the security of instant off-line blockchain transactions | |
Hwang et al. | A simple micro-payment scheme | |
CN107230054B (en) | Method and system for depositing digital currency into a deposit account | |
TW200820108A (en) | Method for automatically validating a transaction, electronic payment system and computer program | |
CN104717067B (en) | Safe verification method, equipment and system based on non-interactive type Zero Knowledge | |
US9165297B2 (en) | Virtual account and token-based digital cash protocols | |
CN112232828A (en) | Power grid data transaction method and system | |
Zhang et al. | An anonymous off-blockchain micropayments scheme for cryptocurrencies in the real world | |
US20230325791A1 (en) | Proxied cross-ledger authentication | |
CN108090751A (en) | Electronic cash system | |
WO2009137971A1 (en) | Method and system of secure payment based on electronic contracts | |
Hampiholi et al. | Privacy-preserving webshopping with attributes | |
US20240078522A1 (en) | Interaction channel balancing | |
Mazumdar et al. | On-line electronic payment system using signcryption | |
Sadeghi et al. | Electronic payment systems | |
EP4379631A1 (en) | Digital wallet device and dual offline transaction method thereof | |
JP2021052260A (en) | Transaction information processing system | |
EP3792857A1 (en) | Efficient partially spendable e-cash | |
JP3599493B2 (en) | Electronic cash method and user device with separate issuing agency number registration type | |
Luo et al. | An e-cash Scheme with Multiple Denominations and Transferability |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180529 |
|
RJ01 | Rejection of invention patent application after publication |