1
Practical E-Payment Scheme
Authors: Mohammad Al-Fayoumi, Sattar Aboud, and Mustafa Al-Fayoumi.
Source: International Journal of Computer Science Issues, 2010, Vol. 7, No. 3, pp
Presenter: Tsuei-Hung Sun (孫翠鴻)
Date: 2010/12/17
2
Outline
- Introduction
- Motivation
- Scheme
- Security Analysis
- Performance Evaluation
- Advantage vs. Weakness
- Comment
3
Introduction
PayWord Protocol
- Credit-based off-line scheme.
- Uses RSA public key cryptography and a hash chain.
- Decreases the number of on-line connections between Bank and Merchant.
Reference: R. Rivest, A. Shamir, 1996, “PayWord and MicroMint: two simple micropayment schemes,” Proceedings of the International Workshop on Security Protocols, LNCS Vol. 1189, pp
Notes: The Merchant does not go to the Bank to redeem money after every transaction. Instead, once the day's trading is over, it redeems directly with the most recently updated index payword, so each transaction between Customer and Merchant does not need a round trip to the Bank before it completes. The seed stands for all the random numbers x_i, i = 1, …, n, satisfying x_i = h(x_{i+1}); root: x_0.
4
PayWord Protocol
Parties: Customer (PKU, PVU), Bank (PKB, PVB), Merchant
Bank -> Customer: CU = (IDB, IDU, AU, PKU, EU, IU)_PVB
Customer: generates hash chain (w_0, w_1, …, w_n), where w_i = h(w_{i+1}), i = n-1, n-2, …, 0
Customer -> Merchant: MU = (IDM, CU, w_0, EC, IM)_PVU, then P = (w_i, i)
Merchant -> Bank: MU, P = (w_i, i)
Definitions:
- CU: Customer’s certificate published by the Bank.
- IDB: Bank’s ID.
- IDU: Customer’s ID.
- AU: Customer’s delivery address.
- EU: Expiration date.
- IU: Other information about Customer (certificate serial number, credit limits to be applied per vendor, information on how to contact the broker, broker/vendor terms and conditions).
- MU: Customer’s commitment for Merchant.
- IDM: Merchant identity.
- w_0: Root of payword chain.
- EC: Present date.
- IM: Merchant’s information.
Notes: The payword chain is generated by the Customer.
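Added example (not from the slides or the paper): the hash-chain mechanics of this slide in Python, with the Customer building w_0 … w_n and the Merchant checking each P = (w_i, i) against the last payword it accepted. SHA-256 as h, the function and class names, and the seed are assumptions; the signatures on CU and MU are left out.

```python
import hashlib
import hmac
import os


def h(data: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the hash function h of the slides.
    return hashlib.sha256(data).digest()


def make_chain(n: int, seed: bytes = b"") -> list:
    """Customer side: return [w_0, ..., w_n] with w_i = h(w_{i+1})."""
    chain = [seed or os.urandom(32)]  # w_n, the secret end of the chain
    for _ in range(n):
        chain.append(h(chain[-1]))
    chain.reverse()  # chain[i] is now w_i; chain[0] is the root w_0
    return chain


class Merchant:
    """Tracks the last accepted payword for one commitment (root w_0, length n)."""

    def __init__(self, w0: bytes, n: int):
        self.last_w, self.last_i, self.n = w0, 0, n

    def accept(self, w_i: bytes, i: int) -> int:
        """Verify P = (w_i, i); return newly paid units, or 0 if rejected."""
        if not (self.last_i < i <= self.n):
            return 0  # replayed, stale or out-of-range index
        x = w_i
        for _ in range(i - self.last_i):
            x = h(x)  # walk back towards the last accepted payword
        if not hmac.compare_digest(x, self.last_w):
            return 0  # value is not on the committed chain
        paid = i - self.last_i
        self.last_w, self.last_i = w_i, i
        return paid


def demo() -> list:
    chain = make_chain(10, seed=b"constructed-demo-seed")  # constructed input
    m = Merchant(chain[0], 10)
    return [
        m.accept(chain[1], 1),         # first unit
        m.accept(chain[4], 4),         # skips ahead: three more units
        m.accept(chain[3], 3),         # older payword replayed
        m.accept(os.urandom(32), 5),   # forged payword
        m.last_i,                      # index redeemed with the Bank
    ]
```

The Merchant stores only the latest (w_i, i), which is what lets it redeem once with the Bank instead of contacting it per payment.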
5
Motivation
- Each payword chain can be spent only at a specific Merchant.
- Customer needs to generate as many hash chains as the number of merchants he wants to trade with.
- Does not provide anonymity for Customer.
- Proposes a new blind signature scheme using the discrete logarithm problem.
Notes: Because every payword chain is designated for one specific merchant, trading with several merchants requires as many payword chains, and the last index of each has to be recorded.
6
Scheme
Parties: Bank, Customer
Select
1. prime integer p and generator g
2. private key d, 1 < d < p-2
3. random integer z < p-2
Select random integers v and u.
Compute y = g^d mod p
e, f
Publish (y, g, p) and keep d secret.
z
Pick a random integer c.
Find a
Find a^-1, j
Verify
Signature (e, w, x)
e: represents an upper limit of cash that the user can use.
7
Security Analysis
Forgery Detection
- It is almost infeasible to forge Customer’s payment without knowing Bank’s private key d.
- It is computationally intractable to obtain Bank’s private key without solving the discrete logarithm problem.
Short public key attack
- Every signature is randomized by certain random numbers.
Notes: So an attacker cannot forge the Customer's signature.
8
Performance Evaluation
Table 1: Computations of efficacy in blinding scheme

Protocol Name            Blinding Scheme
The pay-word protocol    5Th + 9Ta + 5Tm
Proposed protocol        4Th + 8Ta + 4Tm

Th: Calculation time for hash function operation
Ta: Calculation time for addition in modular multiplication
Tm: Calculation time for multiplication modular exponentiation
9
Advantage vs. Weakness
Advantage
- More efficient than the payword protocol.
- It is fast to verify the signature.
- Guarantees the payment is untraceable.
Weakness
- Using the discrete logarithm still takes more computing time.
- More complex than the payword protocol.
Notes: It may put a burden on the customer, because the customer has a lot of computation to do.
10
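Comment
- The payword chain is generated by Customer.
- The cash can be verified with both Bank’s and Customer’s information.
- The scheme only reduces computing time a little, but it brings more parameters and steps than the payword protocol.
- The offline payword protocol brings lower cost than the online one.
Notes: So the Bank only needs to produce the blind signature and does not have to handle the hash chain. In the off-line mode the merchant only has to submit everything to the bank for redemption once a day, unlike the on-line mode, which requires verifying and redeeming over and over.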