{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T04:09:38Z","timestamp":1771042178295,"version":"3.50.1"},"reference-count":30,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2019,7,20]],"date-time":"2019-07-20T00:00:00Z","timestamp":1563580800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>Electronic money (e-money or e-Cash) is the digital representation of physical banknotes augmented by added use cases of online and remote payments. This paper presents a novel, anonymous e-money transaction protocol, built based on physical unclonable functions (PUFs), titled PUF-Cash. PUF-Cash preserves user anonymity while enabling both offline and online transaction capability. The PUF\u2019s privacy-preserving property is leveraged to create blinded tokens for transaction anonymity while its hardware-based challenge\u2013response pair authentication scheme provides a secure solution that is impervious to typical protocol attacks. The scheme is inspired from Chaum\u2019s Digicash work in the 1980s and subsequent improvements. Unlike Chaum\u2019s scheme, which relies on Rivest, Shamir and Adlemans\u2019s (RSA\u2019s) multiplicative homomorphic property to provide anonymity, the anonymity scheme proposed in this paper leverages the random and unique statistical properties of synthesized integrated circuits. PUF-Cash is implemented and demonstrated using a set of Xilinx Zynq Field Programmable Gate Arrays (FPGAs). Experimental results suggest that the hardware footprint of the solution is small, and the transaction rate is suitable for large-scale applications. An in-depth security analysis suggests that the solution possesses excellent statistical qualities in the generated authentication and encryption keys, and it is robust against a variety of attack vectors including model-building, impersonation, and side-channel variants.<\/jats:p>","DOI":"10.3390\/cryptography3030018","type":"journal-article","created":{"date-parts":[[2019,7,22]],"date-time":"2019-07-22T02:55:37Z","timestamp":1563764137000},"page":"18","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["Physical Unclonable Function (PUF)-Based e-Cash Transaction Protocol (PUF-Cash)"],"prefix":"10.3390","volume":"3","author":[{"given":"Jeff","family":"Calhoun","sequence":"first","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9569-664X","authenticated-orcid":false,"given":"Cyrus","family":"Minwalla","sequence":"additional","affiliation":[{"name":"Bank of Canada, 234 Wellington St., Ottawa, ON K1A 0G9, Canada"}]},{"given":"Charles","family":"Helmich","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]},{"given":"Fareena","family":"Saqib","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of North Carolina at Charlotte (UNCC), Charlotte, NC 28223, USA"}]},{"given":"Wenjie","family":"Che","sequence":"additional","affiliation":[{"name":"Klipsch School of Electrical and Computer Engineering, New Mexico State University, Las Cruces, NM 88003, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1876-117X","authenticated-orcid":false,"given":"Jim","family":"Plusquellic","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of New Mexico, Albuquerque, NM 87131, USA"}]}],"member":"1968","published-online":{"date-parts":[[2019,7,20]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Gassend, B., Clarke, D.E., Van Dijk, M., and Devadas, S. (2002, January 18\u201322). Silicon Physical Random Functions. Proceedings of the Conference on Computer and Communications Security, New York, NY, USA.","DOI":"10.1145\/586110.586132"},{"key":"ref_2","first-page":"17","article-title":"HELP: A Hardware-Embedded Delay-Based PUF","volume":"30","author":"Aarestad","year":"2013","journal-title":"Des. Test Comput."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Che, W., Martin, M., Pocklassery, G., Kajuluri, V.K., Saqib, F., and Plusquellic, J. (2017). A Privacy-Preserving, Mutual PUF-Based Authentication Protocol. Cryptography, 1.","DOI":"10.3390\/cryptography1010003"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"1030","DOI":"10.1145\/4372.4373","article-title":"Security Without Identification: Transaction Systems to Make Big Brother Obsolete","volume":"28","author":"Chaum","year":"1987","journal-title":"Commun. ACM"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Chaum, D. (1982). Blind Signatures for Untraceable Payments. Advances in Cryptology, Springer.","DOI":"10.1007\/978-1-4757-0602-4_18"},{"key":"ref_6","unstructured":"Chaum, D., Fiat, A., and Naor, M. (1988). Untraceable Electronic Cash. Advances in Cryptology\u2014CRYPTO\u2019 88, Proceedings of the Conference on the Theory and Application of Cryptography, Santa Barbara, CA, USA, 21\u201325 August 1988, Springer."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"338","DOI":"10.1007\/3-540-49248-8_16","article-title":"Security Aspects of the e-cash Payment System","volume":"Volume 1528","author":"Schoenmaker","year":"1998","journal-title":"State of the Art in Applied Cryptography"},{"key":"ref_8","unstructured":"Brands, S. (1993, January 22\u201326). Untraceable Off-Line Cash in Wallet with Observers. Proceedings of the International Cryptology Conference on Advances in Cryptology, Santa Barbara, CA, USA."},{"key":"ref_9","first-page":"252","article-title":"Provably Secure Blind Signature Schemes","volume":"1163","author":"Pointcheval","year":"1996","journal-title":"Adv. Cryptol."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Lysanskaya, A., and Meyerovich, M. (2007). Endorsed E-Cash IEEE Symposium on Security and Privacy, IEEE.","DOI":"10.1109\/SP.2007.15"},{"key":"ref_11","first-page":"16","article-title":"Statistical Zero Knowledge Protocols to Prove Modular Polynomial Relations","volume":"1294","author":"Fujisaki","year":"1997","journal-title":"Adv. Cryptogr."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Okamoto, T. (1995). An efficient divisible electronic cash scheme. Advances in Cryptology\u2014CRYPT0\u2019 95, Proceedings of the Annual International Cryptology Conference, Santa Barbara, CA, USA, 27\u201331 August 1995, Springer.","DOI":"10.1007\/3-540-44750-4_35"},{"key":"ref_13","unstructured":"Ruckert, M. (2010, January 5\u20139). Lattice-based Blind Signatures. Proceedings of the AsiaCrypt, Singapore."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Yang, B., Yang, K., Zhang, Z., Qin, Y., and Feng, D. (2016). AEP-M: Practical Anonymous E-Payment for Mobile Devices using ARM TrustZone and Divisible E-Cash, Information Security. Information Security, Proceedings of the International Conference on Information Security, Honolulu, HI, USA, 3\u20136 September 2016, Springer.","DOI":"10.1007\/978-3-319-45871-7_9"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Sakalauskas, E., Muleravicius, J., and Timofejeva, I. (2017, January 19\u201321). Computational Resources for Mobile E-Wallet System with Observers. Proceedings of the Electronics, Palanga, Lithuania.","DOI":"10.1109\/ELECTRONICS.2017.7995226"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"R\u00fchrmair, U., Sehnke, F., S\u00f6lter, J., Dror, G., Devadas, S., and Schmidhuber, J. (2010, January 4\u20138). Modeling Attacks on Physical Unclonable Functions. Proceedings of the 17th ACM Conference on Computer and Communications Security, Chicago, IL, USA.","DOI":"10.1145\/1866307.1866335"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Plusquellic, J., and Areno, M. (2018, February 21). Correlation-Based Robust Authentication (Cobra) Using Helper Data Only. Available online: http:\/\/www.mdpi.com\/2410-387X\/2\/3\/21.","DOI":"10.3390\/cryptography2030021"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Bolotny, L., and Robins, G. (2007, January 19\u201323). Physically Unclonable Function-based Security and Privacy in RFID Systems. Proceedings of the PerCom, White Plains, NY, USA.","DOI":"10.1109\/PERCOM.2007.26"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"807","DOI":"10.1016\/j.pmcj.2008.07.001","article-title":"A Tamper-Proof and Lightweight Authentication Scheme","volume":"4","author":"Hammouri","year":"2008","journal-title":"Pervasive Mob. Comput."},{"key":"ref_20","first-page":"281","article-title":"Enhancing RFID Security and Privacy by Physically Unclonable Functions","volume":"23","author":"Sadeghi","year":"2010","journal-title":"Inf. Secur. Cryptogr."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Kocabas, U., Peter, A., Katzenbeisser, S., and Sadeghi, A. (2012). Converse PUF-Based Authentication. Trust and Trustworthy Computing, Proceedings of the International Conference on Trust and Trustworthy Computing, Vienna, Austria, 13\u201315 June 2012, Springer.","DOI":"10.1007\/978-3-642-30921-2_9"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Majzoobi, M., Rostami, M., Koushanfar, F., Wallach, D.S., and Devadas, S. (2012, January 24\u201325). Slender PUF Protocol: A Lightweight, Robust, and Secure Authentication by Substring Matching. Proceedings of the Symposium on Security and Privacy Workshop, San Francisco, CA, USA.","DOI":"10.1109\/SPW.2012.30"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"232","DOI":"10.1049\/iet-ifs.2015.0401","article-title":"Compact and Low-power ASIP Design for Lightweight PUF-based Authentication Protocols","volume":"10","author":"Aysu","year":"2016","journal-title":"IET Inf. Secur."},{"key":"ref_24","unstructured":"Che, W., Martinez-Ramon, M., Saqib, F., and Plusquellic, J. (May, January 30). Delay Model and Machine Learning Exploration of a Hardware-Embedded Delay PUF. Proceedings of the International Symposium on Hardware-Oriented Security and Trust, Washington, DC, USA."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Che, W., Kajuluri, V.K., Saqib, F., and Plusquellic, J. (2017). Leveraging Distributions in Physical Unclonable Functions. Cryptography, 1.","DOI":"10.3390\/cryptography1030017"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"R\u00fchrmair, U., Xu, X., Solter, J., Mahmoud, A., Majzoobi, M., Koushanfar, F., and Burleson, W. (2014). Efficient Power and Timing Side Channels for Physical Unclonable Functions. Cryptographic Hardware and Embedded Systems\u2013CHES 2014, Proceedings of the International Workshop on Cryptographic Hardware and Embedded Systems, Busan, Korea, 23\u201326 September 2014, Springer.","DOI":"10.1007\/978-3-662-44709-3_26"},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1109\/TETC.2014.2300635","article-title":"Robust and Reverse-Engineering Resilient PUF Authentication and Key-Exchange by Substring Matching","volume":"2","author":"Rostami","year":"2014","journal-title":"IEE Trans. Emerg. Top. Comput."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"2043","DOI":"10.1109\/TIFS.2019.2891223","article-title":"Machine-Learning Attacks on PolyPUFs, OB-PUFs, RPUFs, LHS-PUFs, and PUF-FSMs","volume":"14","author":"Delvaux","year":"2019","journal-title":"Trans. Inf. Forensics Secur."},{"key":"ref_29","unstructured":"Mangard, S., Oswald, E., and Popp, T. (2007). Power Analysis Attacks: Revealing the Secrets of Smart Cards, Springer."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Bassham, L., Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., and Banks, D. (2010, April 15). A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications, Available online: https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-22\/rev-1a\/final.","DOI":"10.6028\/NIST.SP.800-22r1a"}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/3\/18\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:07:56Z","timestamp":1760188076000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/3\/18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,7,20]]},"references-count":30,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2019,9]]}},"alternative-id":["cryptography3030018"],"URL":"https:\/\/doi.org\/10.3390\/cryptography3030018","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,7,20]]}}}