
Lecture 12 E-Commerce and Digital Cash

As communication technologies, such as the Internet and wireless networks, have advanced, new avenues of commerce have become available. This great potential to reach more customers has led to great potential for theft and fraud. Transmitting credit card and purchase information over nonprotected channels can lead to unwanted parties invading customer privacy and stealing vital credit information. Securing the information necessary to conduct electronic commerce is therefore very important.

We look at three examples of how cryptography can be used in electronic business transactions. They use signatures with additional functionality: the mechanisms described in this lecture provide functionality beyond authentication and non-repudiation. In most instances, they combine a basic digital signature scheme with a specific protocol to achieve additional features which the basic method does not provide.

Outline
- Secure Electronic Transaction
- Undeniable Signature
- Digital Cash

1 Secure Electronic Transaction

Every time someone places an order in an electronic transaction over the internet. These data must be protected from unwanted eavesdroppers in order to ensure the customer's privacy and prevent credit fraud.

1.1 Requirements

1.2 SET Protocol

In 1996, the credit card companies MasterCard and Visa called for the establishment of standards for electronic commerce. The result, whose development involved several companies, is called the SET protocol. It starts with the existing credit card system and allows people to use it securely over open channels. The SET protocol is fairly complex, involving many technical details. In the following, we'll discuss one aspect of the whole protocol, namely the use of the dual signature.

1.2.1 Elements

Participants
- Bank
- Cardholder
- Merchant

Cardholder's two pieces of information
- GSO = Goods and Services Order, which consists of the cardholder's and merchant's names, the quantities of each item ordered, the prices, etc.
- PI = Payment Instructions, including the merchant's name, the credit card number, the total price, etc.

1.2.2 Problem

The bank does not need to know what the customer is ordering, and for security reasons the merchant should not know the card number. However, these two pieces of information need to be linked in some way. Otherwise, the merchant could attach the payment information to another order.

1.2.3 Transaction Scheme

The system uses a public hash function $H$. A public key algorithm, RSA, is used, and the cardholder, the merchant, and the bank have their own public and private keys. Let $E_C$, $E_M$, and $E_B$ denote the encryption functions for the cardholder, the merchant, and the bank, and let $D_C$, $D_M$, and $D_B$ be the decryption functions.
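The transcript does not include the scheme's individual steps, so the following added example (not from the lecture slides) sketches the commonly described SET dual signature, $DS = D_C(H(H(PI) \,\|\, H(GSO)))$, and shows how it blocks the re-linking problem from 1.2.2. SHA-256 as $H$, the toy unpadded RSA key, the message layout and the sample GSO/PI strings are assumptions; encryption to the merchant and bank ($E_M$, $E_B$) is omitted.

```python
import hashlib

# Toy textbook RSA key for the cardholder, built from two publicly known
# Mersenne primes. Constructed for illustration: unpadded and not secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def H(data: bytes) -> bytes:
    """Public hash function H (SHA-256 is an assumption)."""
    return hashlib.sha256(data).digest()

def D_C(digest: bytes) -> int:
    """Cardholder's private-key operation, used here to sign a digest."""
    return pow(int.from_bytes(digest, "big"), D, N)

def E_C(signature: int) -> int:
    """Cardholder's public-key operation, used by verifiers."""
    return pow(signature, E, N)

def cardholder_prepare(gso: bytes, pi: bytes):
    """Sign H(H(PI) || H(GSO)) once; each party gets only its own half."""
    pimd, gsomd = H(pi), H(gso)
    ds = D_C(H(pimd + gsomd))
    to_merchant = {"GSO": gso, "PIMD": pimd, "DS": ds}  # no card number
    to_bank = {"PI": pi, "GSOMD": gsomd, "DS": ds}      # no order details
    return to_merchant, to_bank

def merchant_verify(msg) -> bool:
    expected = H(msg["PIMD"] + H(msg["GSO"]))
    return E_C(msg["DS"]) == int.from_bytes(expected, "big")

def bank_verify(msg) -> bool:
    expected = H(H(msg["PI"]) + msg["GSOMD"])
    return E_C(msg["DS"]) == int.from_bytes(expected, "big")

# Constructed sample data (not real card or order data).
GSO = b"cardholder=Alice;merchant=ExampleShop;item=book x1;price=30.00"
PI = b"merchant=ExampleShop;card=0000-0000-0000-0000;total=30.00"
OTHER_GSO = b"cardholder=Alice;merchant=ExampleShop;item=laptop x1;price=30.00"

def relinked_payment_accepted() -> bool:
    """Bank's check when the payment is attached to a different order."""
    _, to_bank = cardholder_prepare(GSO, PI)
    forged = dict(to_bank, GSOMD=H(OTHER_GSO))
    return bank_verify(forged)

if __name__ == "__main__":
    m, b = cardholder_prepare(GSO, PI)
    print(merchant_verify(m), bank_verify(b), relinked_payment_accepted())
```

The merchant's message carries only the digest of PI and the bank's message carries only the digest of GSO, yet both verify the same signature, which is what binds the payment to one specific order.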

[Figure: transaction scheme between Bank, Cardholder and Merchant]

2 Undeniable Signature

Normal digital signatures can be copied exactly. Sometimes this property is useful, as in the dissemination of public announcements. Other times it could be a problem. Imagine a digitally signed personal or business letter. If many copies of that document were floating around, each of which could be verified by anyone, this could lead to embarrassment or blackmail. The best solution is a digital signature that can be proven valid, but that the recipient cannot show to a third party without the signer's consent.

2.1 Scenarios for Undeniable Signature

2.2 Basic Idea

2.3 Chaum-Antwerpen Scheme

2.4 Further Consideration

3 Digital Cash

Cash is a problem. It's annoying to carry, it spreads germs, and people can steal it from you. Checks and credit cards have reduced the amount of physical cash flowing through society, but the complete elimination of cash is virtually impossible. It'll never happen; drug dealers and politicians would never stand for it. Checks and credit cards have an audit trail; you can't hide to whom you gave money.

Checks and credit cards allow people to invade your privacy to a degree never before imagined. You might never stand for the police following you your entire life, but the police can watch your financial transactions. They can see where you buy your gas, where you buy your food, who you call on the telephone — all without leaving their computer terminals. People need a way to protect their anonymity in order to protect their privacy.

A great social need exists for this kind of thing. With the growing use of the Internet for commercial transactions, there is more call for network-based privacy and anonymity in business. (There are good reasons people are reluctant to send their credit card numbers over the Internet.)

3.1 Scenarios for Digital Cash

Lobbyist Alice can transfer digital cash to congress critter Bob so that newspaper reporter Eve does not know Alice's identity. Bob can then deposit that electronic money into his bank account, even though the bank has no idea who Alice is. But if Alice tries to buy cocaine with the same piece of digital cash she used to bribe Bob, she will be detected by the bank. And if Bob tries to deposit the same piece of digital cash into two different accounts, he will be detected — but Alice will remain anonymous. Sometimes this is called anonymous digital cash.

3.2 Requirements for Digital Cash

(1) Independence. The security of the digital cash is not dependent on any physical location. The cash can be transferred through computer networks.
(2) Security. The digital cash cannot be copied and reused.
(3) Privacy (Untraceability). The privacy of the user is protected; no one can trace the relationship between the user and his purchases.
(4) Off-line payment. When a user pays for a purchase with electronic cash, no communication with the central bank is needed during the transaction.
(5) Transferability. The digital cash can be transferred to other users.
(6) Divisibility. A piece of digital cash in a given amount can be subdivided into smaller pieces of cash in smaller amounts. (Of course, everything has to total up properly in the end.)

3.3 Brands's Digital Cash Scheme

We describe a system that satisfies requirements 1 through 4. The system is much more complicated than the centuries-old system of actual coins. This is because electronic objects can be reproduced at essentially no cost, in contrast to physical cash, which has usually been rather difficult to counterfeit. Therefore, steps are needed to catch electronic cash counterfeiters. This means that something like a user's signature needs to be attached to an electronic coin. The "restricted blind signature" is used to preserve anonymity.

3.3.1 Architecture of Brands's Scheme

Participants
- Bank
- Spender
- Merchant

Algorithms
- Initialization
- Creating a coin
- Spending a coin
- Depositing a coin

[Figure: Bank, Spender and Merchant across the Initialization, Creating a coin, Spending a coin and Depositing a coin steps]

3.3.2 Algorithms of Brands's Scheme

3.3.3 Anonymity of Brands's Scheme

3.3.4 Other Security Concerns of Brands's Scheme

Thank You!