Although we feel we know cash intimately, let's take a deeper look at some of its attributes. First of all, it's represented by a physical object: either a banknote or a coin.
If you buy something, you hand over that physical thing to the seller. It leaves your possession and enters theirs. Your net cash worth is reduced by the amount of cash you've handed over.
Second, it's relatively hard to clone your cash. It would be nice if you could just photocopy banknotes - well, at least it would be until everyone started doing it and the global economy crashed a few seconds later - or you could stamp coins more cheaply than you could buy them, but there are various protections to make sure that this is inefficient and costly.
Banknotes are printed on a specific type of paper that is hard to get (in the US, the paper is cotton-based and will even survive a trip through the washing machine - something we're loath to try with a British £5 note) and the design is created to be extremely difficult to copy or to photocopy.
Large denomination coins are designed to be hard to stamp out on simple machines - they have text on the milled edges, they are made from two types of contrasting coloured metal, and so on. Small denomination coins just aren't worth copying: the cost and the work needed will outweigh the benefit of the counterfeit value.
A corollary of that is that cash can only come from those who are authorised to create it: in essence, the government. It's a government department, the Royal Mint, that is charged with replacing British cash that's destroyed (say, banknotes that go through the washing machine or coins that get worn and lose their non-clonable features), and with printing or minting more cash to add to the supply.
Third, it's anonymous. There need be no record of cash changing hands, and the only people who would know about a transaction would be the seller and the buyer. As soon as some other representation of money comes into play, say a cheque or a credit card, records are kept of the transaction. Banks would have to be involved to transfer this amount of money from the buyer's account to the seller's. The transaction would become 'known'.
If we were to design a digital currency, then we would have to replicate these three key features of cash: the ability to transfer it unambiguously from buyer to seller even though it's not a physical object, the inability to clone it (and to limit its creation to those authorised to create it), and its anonymity.
Of these, you'd think the biggest issue would be the cloning problem. We are all aware of how easy it is to duplicate or copy digital objects, from Word documents to MP3s to movies. Even if the digital entity were protected with some kind of DRM, it doesn't take long for someone to work out how to circumvent it. For example, it's how we play DVDs we purchased from England (region 2) in the US on a region 1 player. If it's that easy to copy and to circumvent digital protection, how could there ever be some kind of digital currency?
However, notice what we elided there. The digital entities we were talking about have content; we are interested in these objects for what they contain, not for what they are. An Excel spreadsheet is not interesting as an XLS file you can pass around, it's interesting because it's a file that contains data and calculations - information we may not currently have. An MP3 file is only interesting because it's a recording of a track we like and want.
But a digital coin is not like that. It has no 'content' - it is a digital object that is interesting because of what it is. And guess what - we already know about digital objects that are fully protected and that are interesting for what they are: digital signatures.
Digital signatures are easy for the signer to create and for everyone else to verify, but they are extremely hard to fake. Knowing this, if we see a valid digital signature, we know that it can only have come from the signer and no one else. So if, for example, we write you an email and sign it digitally, you know that it can only have come from us and therefore that we wrote it. The content of the email could be plaintext or encrypted; it doesn't matter, because it's the signature that provides the proof of authenticity.
Digital signatures are created through the magic of asymmetric ciphers, or public-key cryptography, like RSA. An asymmetric cipher has two keys rather than one password: a private key that only you know and a public key that can be published so everyone else can know it. Data encrypted with the private key can only be decrypted with the public one (and vice versa).
To create a digital signature of a file (or a message), you hash the contents of the file with a cryptographic hash algorithm like SHA-256 and then encrypt that hash with your private key. The result is your digital signature for the file. Someone can verify this signature for the file by hashing the file with the same algorithm and checking that this hash is equal to the hash obtained by decrypting the signature with your public key. If they are equal then the file has not been changed and you signed it; if not, either the file has been changed or you didn't create the signature.
Using this technology, we can start thinking about how to implement digital coins. Let's suppose we had a central 'bank' dishing out numbers, such as the numbers on banknotes (these are unique - each banknote has its own number). The bank hashes the number and signs it with its private key, creating a digital signature for the number. We'll call the combination of the unique number plus its signature a digital coin.
We would have digital coins, yes, and only the bank could create them, but we would still have the cloning problem: we could copy these digital coins all day. A copy carries exactly the same unique number and exactly the same signature as the original, so it passes the signature check just as well. Unfortunately, although we can verify that a digital coin is valid, we have no way of determining whether this coin is original or cloned.
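The two steps above, signing a hash and then using that signature to mint a coin, as an added example that is not part of the original article. It uses Go's standard library RSA and SHA-256; the `Bank`, `Coin`, `Mint` and `Clone` names are assumptions made for this illustration, and Go's PKCS#1 v1.5 signing wraps the digest in padding before the private-key operation, so it is a hardened form of the "encrypt the hash with the private key" description rather than the bare textbook operation. The last part of `main` shows the cloning problem: a byte-for-byte copy of a coin verifies exactly as well as the original, and a signature from the bank cannot tell you which one came first.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Coin is the article's "digital coin": a unique serial number plus the bank's
// signature over that number. Names here are illustrative, not a real protocol.
type Coin struct {
	Serial    uint64
	Signature []byte
}

// Bank holds the issuing key pair. Only the private key can mint coins; anyone
// holding the public key can verify them.
type Bank struct {
	key *rsa.PrivateKey
}

func NewBank() (*Bank, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Bank{key: k}, nil
}

func (b *Bank) Public() *rsa.PublicKey { return &b.key.PublicKey }

// Sign hashes the message with SHA-256 and signs the digest with the private key.
func Sign(priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
	digest := sha256.Sum256(msg)
	return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
}

// Verify re-hashes the message and checks the signature against the public key.
// It returns false if the message was altered or a different key produced the signature.
func Verify(pub *rsa.PublicKey, msg, sig []byte) bool {
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) == nil
}

// serialBytes gives the serial number a fixed 8-byte big-endian encoding so that
// signer and verifier hash identical bytes.
func serialBytes(n uint64) []byte {
	var buf [8]byte
	binary.BigEndian.PutUint64(buf[:], n)
	return buf[:]
}

// Mint creates a coin: the bank signs the unique serial number.
func (b *Bank) Mint(serial uint64) (Coin, error) {
	sig, err := Sign(b.key, serialBytes(serial))
	if err != nil {
		return Coin{}, err
	}
	return Coin{Serial: serial, Signature: sig}, nil
}

// ValidCoin checks that the bank's key signed this coin's serial number.
func ValidCoin(pub *rsa.PublicKey, c Coin) bool {
	return Verify(pub, serialBytes(c.Serial), c.Signature)
}

// Clone is the cloning problem in one line: a coin is just bytes, and a copy of
// those bytes is indistinguishable from the original to the verifier.
func Clone(c Coin) Coin {
	return Coin{Serial: c.Serial, Signature: append([]byte(nil), c.Signature...)}
}

func main() {
	bank, err := NewBank()
	if err != nil {
		panic(err)
	}
	pub := bank.Public()

	coin, _ := bank.Mint(1001) // constructed sample serial number
	copyOfCoin := Clone(coin)
	forged := Coin{Serial: 1002, Signature: coin.Signature} // signature moved to a different number

	fmt.Println("original verifies:", ValidCoin(pub, coin))       // true
	fmt.Println("clone verifies:   ", ValidCoin(pub, copyOfCoin)) // true: the cloning problem
	fmt.Println("forged verifies:  ", ValidCoin(pub, forged))     // false: signature is bound to 1001
}
```

Run it with `go run`; the three printed lines show that signatures solve the "only the bank can create coins" problem (the forged coin fails) but say nothing about which of two identical coins is the original.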