Skip to Main content Skip to Navigation
Conference papers

Lattice-Based E-Cash, Revisited

Abstract : Electronic cash (e-cash) was introduced 40 years ago as the digital analogue of traditional cash. It allows users to withdraw electronic coins that can be spent anonymously with merchants. As advocated by Camenisch et al. (Eurocrypt 2005), it should be possible to store the withdrawn coins compactly (i.e., with logarithmic cost in the total number of coins), which has led to the notion of compact e-cash. Many solutions were proposed for this problem but the security proofs of most of them were invalidated by a very recent paper by Bourse et al. (Asiacrypt 2019). The same paper describes a generic way of fixing existing constructions/proofs but concrete instantiations of this patch are currently unknown in some settings. In particular, compact e-cash is no longer known to exist under quantum-safe assumptions. In this work, we resolve this problem by proposing the first secure compact e-cash system based on lattices following the result from Bourse et al. Contrarily to the latter work, our construction is not only generic, but we describe two concrete instantiations. We depart from previous frameworks of e-cash systems by leveraging lossy trapdoor functions to construct our coins. The indistinguishability of lossy and injective keys allows us to avoid the very strong requirements on the involved pseudo-random functions that were necessary to instantiate the generic patch proposed by Bourse et al.
Document type :
Conference papers
Complete list of metadata

Cited literature [18 references]  Display  Hide  Download
Contributor : Benoit Libert Connect in order to contact the contributor
Submitted on : Friday, November 6, 2020 - 8:38:45 PM
Last modification on : Saturday, September 11, 2021 - 3:19:41 AM
Long-term archiving on: : Monday, February 8, 2021 - 3:31:12 AM


Files produced by the author(s)


  • HAL Id : hal-02993620, version 1



Amit Deo, Benoît Libert, Khoa Nguyen, Olivier Sanders. Lattice-Based E-Cash, Revisited. Asiacrypt 2020 - 26th Annual International Conference on the Theory and Application of Cryptology and Information Security, Dec 2020, Corée (devenu virtuel pour cause de COVID), South Korea. pp.1-47. ⟨hal-02993620⟩



Record views


Files downloads