Centre Name : ICAI Bhawan, Cuffe Parade,

Mumbai.

Group Leader: Hrishikesh

Name

Yash

Shubbham

Abrar

Samuel Thomas

Hrishikesh

Vijay

1

2

1. In the era of information Tech revolution, advances in computer

technology and internet have led to development and gradual widespread use of

concepts such as e-commerce, e-banking, DMAT accounts, e-governance, e-retail.

2. Countries and trade blocs are vying each other to become the global currency

for trade, currently dollar holds the distinction of being the most widely

accepted currency. Advances in Digital Cash mechanism could create a truly

global currency, and e-currencies like `Bitcoin’ could also be traded offline.

3. Global response Digital cash and e-currencies like `Flooz’,`Beenz’, and David

Chaum created `DigiCash’, is evidence of its potential. Specifically, merchants are

interested in new and exciting payment mechanism, something which would

offer anonymity and global acceptance.

3

Digital cash aims to mimic the functionality of paper cash, by providing such properties

of anonymity and transferability of payment. Digital cash is intended to be

implemented data which can be copied, stored, or given as payment (for example,

attached to an email message, or via a USB stick, Bluetooth, etc).

Just like paper currency and coins, digital cash is intended to represent value because it

is backed by a trusted third party (namely, the government and the banking industry).

A payment message bearing a digital signature which functions as a medium of

exchange or store of value.

Need to be backed by a trusted third party, usually the government or banks.

4

David Lee Chaum (born 1955) is the inventor of many cryptography protocols, as well as E-cash and DigiCash. His 1981 paper, "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms", laid the groundwork for the field of anonymous communications research. The first electronic payment was sent in 1994.

5

• Most money is already paid in electronic form; for example, by credit or debit card, and by

direct transfer between accounts, or by on-line services such as PayPal. This kind of electronic

money is not digital cash, because it doesn't have the properties of cash (namely, anonymous

and off-line transferability between holders).

• Buyer can pay electronically by transmitting a unique number (called digital certificate)

similar to a banknote number. Like the serial numbers on real dollar bills, the digital cash

numbers are unique. Each one is issued by a bank and represents a specified sum of real

money. One of the key features of digital cash is that, like real cash, it is anonymous and

reusable. That is, when a digital cash amount is sent from a buyer to a vendor, there is no way

to obtain information about the buyer.

• Unlike credit card payments where the identity of the buyer can be established,

digital cash (just like real cash) is anonymous. Credit cards and e-cash can be used for online

transactions or via POS machines only , Digital cash can be used offline.

• Thus all digital cash is e-cash but all e-cash is not digital cash. Also called electronic

cash.6

How cash will transform!

7

Anonymous Reusable (Portable)Offline

Transaction

Secure Peer-to-Peer

Widely Accepted

8

Transfer Digital Cash

Linked with other

banks.

9

Traceable Online Digital Cash

Untraceable Offline Digital

Cash

Untraceable Online Digital

Cash

Traceable Offline Digital

Cash10

Bank

MerchantUser

• Alice gets Digital Cash from

Bank

– Alice creates m=amount,

serial number

– Private, public key pair of

the bank is d,e (mod n)

– Bank returns md

• Alice pays Digital Cash to a

Merchant

– md

• Merchant can verify md with

the Bank

Link with Other Banks

Payments

Wit

hdra

w C

oin

s

11

• Blind signatures are used when you want someone to sign something but you don’t want them to see what they are signing.

• This is done by multiplying the message by a secret number (called blinding).

• The signer signs the blinded message.

• The secret number can be divided out to get a signed version of the message.

12

• message m = amount

• d is secret key of the

Bank

• Add a blinding factor b

r = (m)be

rd = (mbe)d

Bank could keep a

record of r

Remove blinding factor

(mbe)d = (m)dbed

b-1 md

13

• Banks public key = 17 (n=77)

• Banks private key = 53

• Alice’s message = 28

• Alice chooses a blinding factor=6

• Alice asks Bob to sign 28*617

mod 77 = 70

• Bob signs 70 and sends Alice 7053 mod 77=42

• Alice can compute 42.6-1(mod 77) to get 7

– Note that 2853 mod 77 = 7

Blind Signature

14

• Alice creates k items of m

Random Serial Number

m1

Random Serial Number

, …, mk

m1 = (…, amount, serial number)

mk = (…, amount, serial number)

15

• Alice creates blinding factors:b1e,…, bk

e

• Blind the units - m1b1e, …, mk bk

e

m1b1e mkbk

e, …,

Bank

• Send to bank for signing

16

• Bank chooses k –1 items to check (at random)

• Customer gives all blinding factors except one

(say unit i)

• Bank checks they are correct

i

17

• Bank signs the remaining one and sends it

back – (mibe

i)d = mi

dbi

Customer

• The customer removes the blind using bi-1

mid

18

Here is the summary of the pros and cons of the online system:

Pros

• Provides fully anonymous

and untraceable digital cash:

• No double spending

problems (coins are checked

in real time during the

transaction).

• No additional secure

hardware required

Cons

• Communications overhead between merchant and the bank.

• Huge database of coin records -- the bank server needs to maintain an ever-growing database for all the used coins’ serial numbers.

• Difficult to scale, need synchronization between bank servers.

• Coins are not reusable

19

Processing Cost per Transaction

0.00

0.20

0.40

0.60

0.80

1.00

1.20

Cash Check Credit

Card

Electronic

Bill

Debit E-Cash

Electronic

Paper Cash

Source: The Boston Consulting Group 20

Bank

MerchantUser

Tamper-

resistant

device

Others

Linked to other banks.

21

• Let us denote Alice’s username as I

• We will split I into n parts such that

–Each part on its own does not contain any

information about I

–All n parts can be combined to reveal

username

• How does it work?

–Alice picks a random numbers r

–Alice calculates s = I r22

• Alice’s Username = 2510

• Alice picks a random number r = 1500:

• S=2510 1500 = 3090

• The username can now be split into 2 parts

– 1500 and 3090

• On their own they don’t reveal the username,

but when combined using the XOR, the

username is revealed

– 1500 3090 = 2510

23

A Coin

• User ID:

1500 3090

4545 6159

5878 7992

Header Information – 100$

Serial number - 123456

Transaction Item – pairs of user IDs

24

• User ID:

1500 XOR 3090 = 2510

4545 XOR 6159 = 2510

5878 XOR 7992 = 2510

User ID

Header Information – 100$

Serial number - 123456

Transaction Item – pairs of user ID’s

25

• Alice presents a token to a Merchant

• Merchant asks Alice to reveal part of each user ID pair– Merchant decides if he

wants to know the right half or the left half

– Alice blanks out the other half

26

• User ID:

0 3090

4545 6159

5878 7992

Randomly blank one side of each identity pair

27

• User ID:

0 3090

4545 0

5878 7992

Randomly blank one side of each identity pair

28

• User ID:

0 3090

4545 0

5878 0

Randomly blank one side of each identity pair

29

• User ID:

0 3090

4545 0

5878 0

•You can no longer tell who owns the coin

•Merchant would now deposit this coin into the bank

•Note that token has half of user ID pair revealed

•Bank verifies token and adds to database of spent tokens

30

• User ID:

1500 0

4545 0

0 7992

•Before the user spent the coin the first time, the user

made a copy of it

•Merchant would now deposit this coin into the

bank31

• Original Coin• User ID:

0 3090

4545 0

5878 0

• Duplicate Coin

• User ID:

1500 0

4545 0

0 7992

This is what is in the bank

32

Pros

• Off-line, portable scheme

• User is fully anonymous unless

double spends

• Bank can detect double

spender (with high probability)

• Banks don’t need to

synchronize database in each

transaction.

• Coins are reusable

Cons

• Might not prevent double

spending immediately

• More expensive to

implement - the extra

security hardware needed in

the system requires an

additional cost

33

Reduces Transaction Costs

Truly Global Currency

Economic Integration

Offline Transactions

Anonymity

Authentication

Untraceable

34

Forgery

Money laundering

Private minting of cash

Low Financial Inclusion in developing countries

Susceptible to hacking

High dependency on power

35

• There a number of competing protocols, and it is unclear which ones will become dominant. Most digital cash systems start with a participating bank that issues cash numbers or other unique identifiers that carry a given value.Bitcoin is a successful digital currency, developed on the concept of digital cash developed by David Chaum. Bitcoin cannot be traded offline.

36

37

/

• Peter Wayner, Digital Cash, Academic Press Inc; Pap/Cdr edition(1 October 1995)

• https://www.cs.bham.ac.uk/~mdr/teaching/modules06/netsec/lectures/DigitalCash.html

• David Chaum, Amos Fiat and Moni Naor, "Untraceable Electronic Cash", in Advances in Cryptology - CRYPTO '88 Proceedings.

• David Chaum, “Blind Signature System”. US Patent #4759063

• illinois.edu

38

39