Protecting privacy in e-cash schemes by securing hidden identity approaches against statistical attacks

structured abstract Research paper Purpose To enhance security and privacy of e-cash systems that apply revocable anonymity by presenting a stochastic attack, that reveals the hidden ID, and suitable protection means against this kind of attacks. Methodology/Approach The feasibility of a stochastic attack that reveals the ID of user of e-cash schemes with revocable anonymity is shown. To avoid such attacks the application of modulo operations while constructing e-cash coins is proposed. Measurement results are used to back up the suitability of this approach. Findings Revocable anonymity systems can successfully be attacked. Applying modulo operations can prevent such attacks. Practical implications The recommendations given in this paper should be applied whenever an e-cash scheme or similar system with revocable anonymity is designed. Otherwise the promised feature may be compromised very easily. Originality/value of paper The paper identifies a formerly unknown attack against systems with revocable identities, and presents a mathematical solution to protect such systems against the attack presented.