TM MilliCent Scrip, Security and Secrets TM Dr. Mark S. Manasse DIGITAL Systems Research Center, Palo Alto

Slides:



Advertisements
Similar presentations
M.B.A. II SEMESTER Course No. 208 Paper No. – XVI E-Business Dr.N.C.Dhande Unit II e-business frameworks e-selling process, e-buying, e-procurement, e-payments:
Advertisements

Michal Bodlák. Referred to as mobile money, mobile money transfer, and mobile wallet generally refer to payment services operated under financial regulation.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Chapter 6 E-commerce Payment Systems. Traditional Payment Systems Cash Checking Transfers Credit Card Accounts Stored Value Accounts Accumulating Balance.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Digital Signatures and Hash Functions. Digital Signatures.
Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.2: Micro Payments.
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
TM Systems Research Center MilliCent ™ Scrip, security and secrets Dr. Mark S. Manasse DIGITAL Systems Research Center, Palo Alto
Chapter 13 Paying Via The Net. Agenda Digital Payment Requirements Fraud Detection Online Payment Methods Online Payment Types The Future Payment.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
FIT3105 Smart card based authentication and identity management Lecture 4.
Online Security Tuesday April 8, 2003 Maxence Crossley.
Micro-Payment Protocols and Systems Speaker: Jerry Gao Ph.D. San Jose State University URL:
ELECTRONIC PAYMENT SYSTEMS FALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 10 Micropayments II.
1 Encryption What is EncryptionWhat is Encryption Types of EncryptionTypes of Encryption.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Electronic Check Payment Protocols and Systems
ELECTRONIC PAYMENT SYSTEMS SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 9: Micropayments II.
ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 3 Virtual Money.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS eCommerce Technology Lecture 10 Micropayments II.
Electronic Payment By: El Panda. What is an electronic payment? Electronic money (also known as e-currency, e-money, electronic cash, electronic currency,
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Financial Transactions on Internet Financial transactions require the cooperation of more than two parties. Transaction must be very low cost so that small.
Chapter 31 Network Security
Supporting Technologies III: Security 11/16 Lecture Notes.
Digital Cash By Gaurav Shetty. Agenda Introduction. Introduction. Working. Working. Desired Properties. Desired Properties. Protocols for Digital Cash.
BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Bitcoin (what, why and how?)
Electronic Payment Systems. How do we make an electronic payment? Credit and debit cards Smart cards Electronic cash (digital cash) Electronic wallets.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Lecture 8 e-money. Today Secure Electronic Transaction (SET) CyberCash On line payment system using e-money ECash NetCash MilliCent CyberCoin.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Network Security Lecture 23 Presented by: Dr. Munam Ali Shah.
© 2008 Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al. Electronic Payment Systems.
What is an electronic payment?
11.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 11 Message Integrity and Message Authentication.
2/16/001 E-commerce Systems Electronic Payment Systems.
Chapter 4 Using Encryption in Cryptographic Protocols & Practices.
IM NTU Distributed Information Systems 2004 Security -- 1 Security Yih-Kuen Tsay Dept. of Information Management National Taiwan University.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
A Practical Comparison of Modern Authentication Mechanisms.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Payment in Identity Federations David J. Lutz Universitaet Stuttgart.
Module 9 Micropayment systems. Properties of micropayment systems Micropayments do not have a real-world cash equivalent – cash cannot be divided into.
OBJECTIVES  To understand the concept of Electronic Payment System and its security services.  To bring out solution in the form of applications to.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Digital Cash Protocols: A Formal Presentation Delwin F. Lee & Mohamed G.Gouda The University of Texas at Austin Presented by Savitha Krishnamoorthy CIS.
Electronic Payment Systems Presented by Rufus Knight Veronica Ogle Chris Sullivan As eCommerce grows, so does our need to understand current methods of.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
1/18 Talking to Strangers: Authentication in Ad-Hoc Wireless Networks Dirk Balfanz 외 2 명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho.
Mar 18, 2003Mårten Trolin1 Agenda Parts that need to be secured Card authentication Key management.
Fourth Edition by William Stallings Lecture slides by Lawrie Brown
Who Uses Encryption? Module 7 Section 3.
Electronic Payment Security Technologies
Presentation transcript:

TM MilliCent Scrip, Security and Secrets TM Dr. Mark S. Manasse DIGITAL Systems Research Center, Palo Alto

TM Scrip  Vendor-specific currency –not quite cash, account, bearer certificate,...  Can represent money, access rights, points, etc.  Generated by either brokers or vendors  Based on secrets and cryptography Like a software pre-paid phone card, with PIN

TM Cryptography in MilliCent  A one-way hash function has the properties: –one-way:  given hash(S), it is hard to find S –collision-free:  given S and hash(S), it is hard to find T such that S  T  and  hash(S) = hash(T)  MD5 or HMAC-MD5 Hash functions

TM Cryptography in MilliCent  Suppose that A and B share a secret S  When A wants to communicate M to B: –for integrity and authenticity  A can send hash(M,S) together with M  B can check hash(M,S) –for secrecy  A can generate and send a random number N, and hash(N,S) XOR M, instead of M  only A and B can recover M Applications of one-way hash functions

TM Hash Master scrip secret 5 Stamp Vendor Value ID# Cust ID# Expiry Props Customer Master scrip secret 4 Master scrip secret 5 Master scrip secret 6 Scrip stamp generation (at vendor or broker)

TM Hash Master scrip secret 5 Stamp Vendor Value ID# Cust ID# Expiry Props Customer Master scrip secret 4 Master scrip secret 5 Master scrip secret 6 Stamp Compare Scrip stamp validation (at vendor)

TM RequestScripCustomer secret Hash Request stamp Request stamp computation (at customer and vendor)

TM Master customer secret 2 Master customer secret 3 Master customer secret 4 Master customer secret 3 Customer secret Hash Vendor Value ID# Cust ID# Expiry Props Cust ID# Customer secret computation (at broker or vendor)

TM Advantages of Scrip  Double-spending is easy to detect –It requires only a local lookup (using a unique sequence number) –In contrast, other kinds of currency may require a round-trip to a central authority  Forgery is hard –Scrip includes a stamp  Scrip cannot be stolen –Payment is cryptographically tied to request Within MilliCent...

TM Advantages of Scrip  Payment for services is reliable  Cheating is hard –For customers –For interlopers and financial agents  Being a vendor is easy –The vendor bills the broker, not the customer –Overhead is small  Both large and small vendors are viable For vendors...

TM Advantages of Scrip  Billing is verifiable –Fraud is detectable –The customer has some control of financial exposure  System preserves some privacy –No one knows everything you buy  Commerce is easy –A web browser can handle payments –The customer may set policy and trust limits For users...

TM Digital Equipment Corporation © 1997

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.