The present invention relates to an off-line electronic transaction system which is secured in respect of cryptographics using a telecommunication system or a smart card and an electronic commercial transaction method using the same.
As information-based society has been constructed, the world much depends on network communication. Thus, computer-based technology has greatly affected the access, the storing and the distribution of the information. An electronic commercial transaction is a representative example of such a computer-based technology, which performs a financial transaction by exchanging the electronic informations on communication network.
However, the electronic commercial transaction has problems in that the transmitted information can be illegally captured or transformed by others in open type network such as the Internet, thereby infringing the privacy of the transaction-related parties or causing them to be economically damaged. These problems make a role of hinderance in implementing the electronic commercial transaction. In addition, for the sake of making the electronic commercial transaction popular, the cost for using the electronic commercial transaction should be reduced to be much smaller than the money to be transacted. That is it should be economical. Therefore, in order for activating the electronic commercial transaction, a safe and high efficient electronic transaction system is required.
This electronic transaction system has been implemented an electronic check, a debit-card, a credit card, a stored value card, an electronic cash or the like. The present invention is addressed to the electronic cash, which is able to be electronically implemented by modelling the real cash currently passing in the real world. The real cash has characteristics that it is easy to be carried, easily authenticated, transferable, divisible into small changes, untraceable and anonymous. Thus, it is necessary that the electronic cash should be designed to have the above characteristics. In particular, the untraceability for payment and anonymity among the above characteristics have been much focused on by electronic cash designers.
For providing the untraceability for payment and the anonymity of payer so that a bank apparatus can not find out who have paid to whom, it is necessary that the bank apparatus can not relate a specific withdrawal transaction to a specific account. This can be accomplished by using a special kind of electronic signature called as "blind signature", which has been disclosed in "Blind signatures for untraceable payments", the Proceedings of Crypto'88, pp.199-203, 1983, by D. Chaum.
Also, since the electronic cash is digital data, it may be easily copied to be illegally used in twice or more times. For preventing the multiple use of an electronic cash, in an on-line transaction system, the bank apparatus intervenes the payment so double-spending can be prevented. However, in an off-line transaction system, since the bank does not intervene when a user pays an electronic cash to a shop, it is more difficult to prevent in advance the multiple use (that is, double-spending) of the electronic cash in comparison with that in an on-line transaction system. Only after the electronic cash having been paid by a user is deposited from a shop to a bank, the electronic cash may be examined with a database stored in the bank so as to find out whether the electronic cash has been illegally double-spent. That is to say, in off-line system the electronic cash can be only traced after the fact.
To compensate for this shortage, there has been recently proposed a tamper-resistant device called as "observer", which is issued from a bank and inserted into a payment apparatus of user, so as,to prevent the multiple use of the electronic cash. In this method, the payment of the electronic cash is successfully made with the cooperation of the observer.