We show a tracking attack against the newest ID-transfer scheme for low-cost RFID tags. In this attack, a wide attacker, i.e. an attacker that can access the verification result of a server, is able to forge a set of specific messages, and to track a tag. The attack is unique as it involves three sessions of the protocol. Finally, a simple feasibility analysis of the attack is given.

Privacy remains an issue for IT services. Users are concerned that their history of service use may be traceable since each user is assigned a single identifier as a means of authentication. In this paper, we propose a perfectly anonymous attribute authentication scheme that is both unidentifiable and untraceable. Then, we present the evaluation results of a prototype system using a PC and mobile phone with the scheme. The proposed scheme employs a self-blindable certificate that a user can change randomly; thus the certificate is modified for each authentication, and the authentication scheme is unidentifiable and untraceable. Furthermore, our scheme can revoke self-blindable certificates without leaks of confidential private information and check the revocation status without online access.

In 1983, Chaum first introduced the concept of blind signature. In 2003, Hwang, Lee and Lai pointed out that the Chaum scheme cannot meet the untraceability property of the blind signature scheme. This letter will demonstrate that Hwang et al.'s claim is incorrect and the Chaum blind signature scheme still keeps the untraceability property.

At EuroCrypt '95, Stadler, Piveteau and Camenish introduced the concept of fair blind signatures to prevent the misuse of blind signature schemes by criminals. Recently, Hwang, Lee and Lai claimed that Stadler et al.'s first fair blind signature scheme cannot meet the untraceability property of the blind signature schemes. However, this letter will demonstrate that Hwang et al.'s claim is incorrect and Stadler et al.'s first scheme still holds the untraceability property.

In this paper, the authors intend to propose a new untraceable blind signature scheme based on the RSA cryptosystem. This paper applies the Extended Euclidean algorithm to our blind signature scheme. Compared with other blind signature schemes, our proposed scheme can meet the all requirements of a blind signature scheme. The security of the proposed scheme, as did that of the RSA cryptosystem, depends on the difficulty of solving the factoring problem.

Recently, Stadler et al. proposed the concept of fair blind signatures to prevent the misuse of blind signature schemes from criminals. In this article, we show the proposed scheme could not meet the untraceability property of blind signature's requirements. We point out that the proposed scheme cannot provide true blind signatures.

In 1998, Fan and Lei proposed a partially blind signature scheme that could reduce the computation load and the size of the database for electronic cash systems. In this Letter, we show that their scheme could not meet the untraceability property of a blind signature.

In this paper, we propose a new type of authentication system, one-time zero-knowledge authentication system. Informally speaking, in this authentication system, double usage of the same authentication is prevented. Based on these one-time zero-knowledge authentication systems, we propose a new untraceable electronic cash scheme satisfying both untraceability and unreusablity. This scheme overcomes the problems of the previous scheme proposed by Chaum, Fiat and Naor through its greater efficiency and provable security under reasonable cryptographic assumptions. We also propose a scheme, transferable untraceable electronic cash scheme, satisfying transferability as well as the above two criteria. Moreover, we also propose a new type of electronic cash, untraceable electronic coupon ticket, in which the value of one piece of the electronic cash can be subdivided into many pieces.