Electronic cash controlled by non-homomorphic signatures

US 7,640,432 B2
Filed: 12/11/2000
Issued: 12/29/2009
Est. Priority Date: 12/11/2000
Status: Active Grant

First Claim

Patent Images

1. A method of providing anonymous digital cash, the method comprising:

providing an entity with a secure co-processor;

a user establishing a secure channel to a program running on said coprocessor;

the user sending an unsigned coin to be digitally signed to the coprocessor using any secure digital signature algorithm; and

said co-processor forming a copy of the unsigned coin;

signing the unsigned coin with a non-homomorphic signature; and

said co-processor encrypting the signed coin and encrypting the copy of the unsigned coin using a public key of a given encryption scheme having said public key and a private key;

sending back to the user both the encrypted copy of the signed coin and the encrypted copy of the unsigned coin, the user having the private key of said given encryption scheme, wherein the user then using said private key to decrypt both the signed and unsigned copies of the coin, and using the pair of signed and unsigned copies of the coin as a unit as digital cash for payment to a recipient while keeping the identity of the user unknown to the coprocessor.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for establishing and managing digital cash. This method is to emit and circulate secure electronic cash that allows to use non-homomorphic signature schemes, and avoids having to use blind signature techniques. With one specific embodiment, the method provides anonymous digital cash, and comprises the steps of providing an entity with a secure coprocessor, a user establishing a secure channel to a program running on said coprocessor, and the user sending a coin to be digitally signed to the coprocessor.

49 Citations

View as Search Results

14 Claims

1. A method of providing anonymous digital cash, the method comprising:
- providing an entity with a secure co-processor;
  
  a user establishing a secure channel to a program running on said coprocessor;
  
  the user sending an unsigned coin to be digitally signed to the coprocessor using any secure digital signature algorithm; and
  
  said co-processor forming a copy of the unsigned coin;
  
  signing the unsigned coin with a non-homomorphic signature; and
  
  said co-processor encrypting the signed coin and encrypting the copy of the unsigned coin using a public key of a given encryption scheme having said public key and a private key;
  
  sending back to the user both the encrypted copy of the signed coin and the encrypted copy of the unsigned coin, the user having the private key of said given encryption scheme, wherein the user then using said private key to decrypt both the signed and unsigned copies of the coin, and using the pair of signed and unsigned copies of the coin as a unit as digital cash for payment to a recipient while keeping the identity of the user unknown to the coprocessor.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method according to claim 1, further comprising the steps of:
    - the processor providing a signature to authenticate;
      
      the user using said encrypted signed coin for payment to a merchant; and
      
      the merchant returning the encrypted signed coin to the entity for credit to an account of the merchant.
  - 3. A method according to claim 2, wherein:
    - the communicating step includes the step of the customer sending to the generator the public key of the encryption scheme; and
      
      the step of using the secure cryptography generator includes the step of using the public key to encrypt the signature on the signed coin.
  - 4. A method according to claim 3, wherein:
    - the signing step includes the step of using a non-homomorphic signature scheme to sign the coin;
      
      the non-homomorphic signature scheme includes a private key and a public key; and
      
      the step of using the non-homomorphic signature scheme includes the step of using the private key of the non-homomorphic signature scheme to sign the coin.
  - 5. A method according to claim 1, wherein the public key of said given encryption scheme is sent to the secure co-processor by the user.

6. A method of creating and managing electronic cash, comprising the steps:
- a customer communicating to a secure cryptography generator of a bank (i) a given encryption scheme having a public key and a private key, and a (ii) cash amount;
  
  establishing an unsigned unit representing the cash amount and a copy of the unsigned unit;
  
  signing the unsigned unit with a non-homomorphic signature to enable the customer to use the electronic cash while keeping the identity of the customer unknown to a coprocessor;
  
  the bank using the secure cryptography generator to encrypt a signed unit and the copy of the unsigned unit using the public key of said given encryption scheme;
  
  storing in a database the encrypted signed unit and a value for the unit;
  
  transmitting back to the customer an encrypted copy of the signed unit and an encrypted copy of the unsigned unit;
  
  the customer using the private key of said given encryption scheme to decrypt both the encrypted signed unit and the encrypted unsigned unit to obtain the signed unit and the unsigned unit;
  
  said customer using the decrypted pair of signed and unsigned copies of the coin as a unit as a payment to a recipient; and
  
  said recipient presenting the pair of signed and unsigned copies of the coin to the bank for credit.
- View Dependent Claims (7, 8)
- - 7. A method according to claim 6, further including the steps of:
    - establishing an expiration date for the signed encrypted unit; and
      
      storing the expiration date in the database.
  - 8. A method according to claim 6, wherein the signing step includes the step of using the secure cryptography generator to sign the unit.

9. A system for creating and managing electronic cash, comprising the steps:
- a secure cryptography generator, including means for receiving from a customer (i) a cash amount, and (ii) a given encryption scheme having a public key and a private key;
  
  means for establishing a unit representing the cash amount and an unsigned copy of the unit;
  
  means for signing the unit with a non-homomorphic signature to enable the customer to use the electronic cash while keeping the identity of the customer unknown to a coprocessor;
  
  wherein the secure cryptography generator encrypts both the signed unit and the unsigned copy of the unit using the public key of said given encryption scheme;
  
  a database for storing the encrypted signed unit and a value for the unit;
  
  means for transmitting back to the customer both the encrypted copy of the signed unit and the encrypted copy of the unsigned unit;
  
  means for the customer using the private key of the given encryption scheme to decrypt both the encrypted signed unit and the encrypted unsigned unit to obtain the signed unit and the unsigned unit, wherein the customer then uses the pair of the signed and unsigned copies of the coin as a unit as a payment to a recipient.
- View Dependent Claims (10, 11)
- - 10. A system according to claim 9, further including means for establishing an expiration date for the signed encrypted unit, and wherein the expiration date is stored in the database.
  - 11. A system according to claim 9, wherein the secure cryptography generator includes means for signing the unit.

12. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for creating and managing electronic cash, said method steps comprising:
- using a secure cryptography generator of a bank to receive from a customer (i) a given encryption scheme having a public key and a private key, and (ii) a cash amount;
  
  establishing an unsigned unit representing the cash amount and a copy of the unsigned unit;
  
  signing the unit with a non-homomorphic signature to enable the customer to use the electronic cash while keeping the identity of the customer unknown to a coprocessor;
  
  using the secure cryptography generator to encrypt signed unit and the copy of the unsigned unit using the public key of said given encryption scheme;
  
  storing in a database the encrypted signed unit and a value for the unit;
  
  transmitting back to the customer an encrypted copy of the signed unit and an encrypted copy of the unsigned unit;
  
  the customer using the private key of said given encryption scheme to decrypt both the encrypted signed unit and the encrypted unsigned unit to obtain the signed unit and the unsigned unit;
  
  the customer using decrypted pair of the signed and unsigned copies of the coin as a unit as a payment to a recipient; and
  
  the recipient presenting the pair of signed and unsigned copies of the coin to the bank for credit.
- View Dependent Claims (13, 14)
- - 13. A program storage device according to claim 12, wherein said method steps further include the steps of:
    - establishing an expiration date for the signed encrypted unit;
      
      storing the expiration date in the database.
  - 14. A program storage device according to claim 12, wherein the signing step includes the step of using the secure cryptography generator to sign the unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PayPal, Inc. (PayPal Holdings, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Gennaro, Rosario, Tresser, Charles
Primary Examiner(s)
Korzuch; William R
Assistant Examiner(s)
Moorthy; Aravind K

Application Number

US09/734,102
Publication Number

US 20020073318A1
Time in Patent Office

3,305 Days
Field of Search

713/180, 713/200, 713/193, 713/194, 705/64, 705/65, 705/66, 705/69, 705/76, 705/77
US Class Current

713/180
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/06   Private payment circuits, e...

G06Q 20/085   involving remote charge det...

G06Q 20/367   involving electronic purses...

G06Q 20/3674   involving authentication

G06Q 20/3821   Electronic credentials

G06Q 20/3829   involving key management

G06Q 20/401   Transaction verification

Electronic cash controlled by non-homomorphic signatures

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic cash controlled by non-homomorphic signatures

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links