Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security Tutorial-17 Design Fundamentals E-Commerce ET-IDA-082

Published byWilfred Baldwin Modified over 5 years ago

Similar presentations

Presentation on theme: "Network Security Tutorial-17 Design Fundamentals E-Commerce ET-IDA-082"— Presentation transcript:

1 Network Security Tutorial-17 Design Fundamentals E-Commerce ET-IDA-082
, v13, Prof. W. Adi

2 Problem 1: Secure Electronic Transaction (SET) Protocol:
A scenario of electronic transaction deploying the SET protocol is introduced respectively through the figures A, B and C. I. Dual Signature (figure A) All starts at the costumer side. In this first stage a dual signature should be issued. The Hash function used in the Dual Signature scheme is: H(x) = x3 mod 91 Compute the message digest of the Payment Information : PIMD Compute the message digest of the Order Information : OIMD Find the customer signing key PRc. RSA public key system is used, with a costumer’s open modulus Nc= 13 x 7 = 91 and a costumer’s public key PUc= 13. Compute the dual signature II. Purchase Request generation (Figure B) A request message is sent by the costumer to the merchant. One of the elements of this request message is the Digital Envelope (a temporary symmetric key encrypted using the customer‘s bank public key PUc). 5. Determine the bank signing key PRb . RSA public key system is used, with a bank open modulus Nb= 13 x 11 = 143 and a bank public key PUb= 17. 6. Generate the Digital Envelope . Ks=22. II. Purchase Request Validation on Merchant Side (Figure C) 7. Perform the verification mechanism done by the merchant by comparing POMD generated through the PIMD hashing with the POMD generated through the decryption of the Dual Signature.

3 SET: Customer Dual Signature
PI= 224 ? ? OI= 13 ? RSA: setup Nc = 13 x 7= 91 PUc = 13 PRc = ? H(x) = x3 mod 91 Source: Stalling Fig. A

4 SET Customer’s Purchase Request to Merchant
Ks= 22 RSA system setup Nb = 13 x 11= 143 PUb = 17 PRb = ? Passed on by merchant to payment gateway (Bank) ? Digital Envelope (DE) = ? ? Received by the Merchant Fig. B Source: Stalling

5 SET Purchase Request Validation on Merchant Side
Passed on by merchant to payment gateway (Bank) H(x) = x3 mod 91 OI= 13 ? ? Fig. C Source: Stalling 5

6 1) H(x) = x3 mod 91, PI = 224 , PIMD =2243 mod 91 = 14
Solution φ (Nc) PUc b1 b2 q r 72 13 1 5 7 -5 6 -11 1) H(x) = x3 mod 91, PI = 224 , PIMD =2243 mod 91 = 14 2) OI = 13 , OIMD = 133 mod 91 = 13 3) RSA: setup, Nc = 13 x 7= 91 PUc = 13 PRc = PUc-1 mod φ (Nc) PRc =7-1= -11 mod 72 = 61 4) POMD = H(PIMD||OIMD)= mod 91= 27 Dual Signature DS: DS= (POMD)PRc mod Nc = (27)61 mod 91= 27 5) RSA: setup, Nb = 13 x 11= 143, PUb= 17 PRb = PUb-1 mod φ (Nb) PRb =17-1=-7 mod 120 = 113 6) Digital Envelope = E(Ks) = (Ks)PUb mod Nb = (22)17 mod 143 = 55 7) POMD = H(PIMD||OIMD)= mod 91= 27 (DS)PUc mod Nc = (27)13 mod 91 = 27 = POMD φ(Nb) PUb b1 b2 q r 120 17 1 7 -7 6

7 Problem 2: Blind Signature:
A bank B is required to sign blindly a bill of 10€ (M=10). 1. The bank publishes his public key e=13 and his modulus as m=77, keeping both prime products p=11 and q=7 secret. Compute the banks secret key d. Bank client user A selects a random r for the blinding factor BF from the list (21,22,4) and give the reasons for a correct selection. 3. Make all necessary computations to calculate a blinded message BM sent to the bank. 4. Let the bank sign the blinded message BM and generates a blindly signed response BSR . Compute BSR. 5. Make the necessary computations by user A to extract the blind signature BS for M=10 and give the blindly signed bill in numerical form. 6. Verify the bill validity when received by other party by using the open directory. MH: Unterscheidet sich der Font auf dieser Folie absichtlich von den anderen?

8 Blindly signing a Message M of user A by user B
Solution Blindly signing a Message M of user A by user B Blinding Factor Open directory Authority Public key is: e Arithmetic modulo is: m m = p q (RSA Modulus) Select a random unit r gcd(m,r) = 1 Blinding factor BF BF= re mod m Private key d D= e-1 mod φ(m) d.e = 1 mod φ(m) User A User B BM = M re mod m BMr = (BM)d BMr = Md r BMr= (BM)d mod m BS = (BMr) r-1 BS = Md 8

9 The bank B blindly signs a message M from user A
Open directory Bank’s public key e = 13 Arithmetic modulo m= 11x 7= 77 Message/Value = M = 10 1. Bank discrete key computation: D = e-1 mod φ(m) φ(m) = φ(77)=φ(7.11)=(7-1)(11-1)=60 d = 13-1 mod 60=-23=37 Private key d = = 37 2. Blinding factor selection: gcd(r,77)=1 => r =4 r-1 =4-1= mod 77 = = 58

10 BF= re mod m = 413 mod 77 = 53 BSR = Md r mod m =40 3. Bank: User B
Blinding Factor BF Bank: User B BF= re mod m = 413 mod 77 = 53 BM = M. BF mod m = mode 77 = 68 Y2 = (Y1)d = Md r = (68)37 mode 77 = 40 4. BSR = Md r mod m =40 4-1 mod 77 5. BS = BSR r-1 = mod 77 = 10 BS = Md = 10 13-1 mod 60 6. Blindly Signed check: ( M, BS ) : ( 10, 10 ) Verification (BS)e = M (10)13 mod 77 = 10=M that is M is authentic

11 Problem 3: Full SET Transaction:
SET Dual Signature scheme is to be designed with the following parameters: Hash function: H(x) = x2 mod 107 Multiplicative Cipher: EK(M) = K. M mod 127 A Certification Trusted Authority CA should certify all SET usable public keys by using RSA setup and signature scheme: For any user such as A , the public A-Information based on RSA are: Ea : Public key Na : Public value A: User IDA or User Serial Number SNA . Info of A‘s certificate: Inf-A = A || Ea || Na The cetificate of a user A is defined as folllows: Cert A =< Inf-A , { H(Inf-A) }CA> { . }CA denotes a signed message by CA by using CA’s secret key Problem requirements: Run all SET protocols needed to execute a full transaction: Use Ks= 99 If any other system parameters are necessary and missing, design your own assumptions with full reasoning.

12 RSA setup for CA: pCA, qCA = 11, NCA= 11 x 29 = 319 , φ(NCA) = (11-1)(29-1)= 280 ECA = 33 DCA = 17 All public keys used for SET transactions are to be certified by CA. RSA setup for Bank: pb, qb = 13, Nb= 13 x 17 = 221 , φ(Nb) = (13-1)(17-1)= 192 Ebank = 61 Dbank = 85 Bank Certificate: Inf-Bank = Bank SN || Eb || Nb , where, Bank SN=134 , Eb = 61, Nb= 221 H(Inf-Bank )=H(Bank SN || Eb || Nb)=H( )= mod 107=13 DCA { H (Inf-Bank ) }CA= {13} = 1317 mod 319= 51 Certb =< Inf-Bank , { H (Inf-Bank ) }CA>=< ,51>

13 RSA setup for Customer:
pc, qc = 19, Nc= 11 x 23 = 209 , φ(Nc) = (19-1)(11-1)= 180 Ec = 47 Dc = 23 Customer Certificate: Inf- Customer = Customer SN || EC || NC , where, Customer SN=105 , EC = 47, NC= 209 H(Inf- Customer )=H(Customer SN || Ec || Nc) =H( ) = mod 107=25 DCA { H (Inf- Customer ) }CA= {25}; = 2517 mod 319= 284 CertC =< Inf- Customer , {H(Inf- Customer ) }CA> = < , 284>

14 SET: Customer Dual Signature
Payment Information PI: PI = Visa: 122 || Price:12€ PI= H(x) = x2 mod 107 ? ? ? Ordering Information OI: OI = Name/Addre:12|| Item:771|| Price: 12€ OI= Fig. (A) Source: Stalling

15 From Fig. A Ordering Information OI: OI = Name/Addre:12|| Item:771|| Price: 12€ = ( ) Payment Information PI: PI = Visa: 122 || Price:12€ = (122 12) Dual signature: (Fig. A) PIMD= H(PI)= mod 107 = 89 OIMD= H(OI)= mod 107 = 102 So that, POMD= H(PI || OI)= (89102)2 mod 107 = 92 Dual Signature: DS= POMDEc mod Nc = 9247 mod 209 = 104

16 SET Customer’s Purchase Request to Merchant
Ks= 99 Passed on by merchant to payment gateway (Bank) ? Digital Envelope (DE) = ? Verify bank’s public key ? Received by the Merchant Fig. (B) Source: Stalling

17 Check Purchase Request to Merchant: Fig. B
Verify the bank’s public key certificate in the side of the customer Certb =< Inf-Bank , { H (Inf-Bank ) }CA> = < ,51> Step 1: Customer computes the hash of Inf-Bank H(Inf-Bank )=H(Bank SN || Eb || Nb)=H( )= mod 107=13 Step 2: Customer verifies the CA signature of the bank’s public key. 51Eca mod NCA= mod 319=13 Check The bank’s public key is authentic Digital envelope (DE): Ks= 99 DE= KsEb mod Nb = 9961 mod 221 = 73 Payment order + Dual Signature + Information Order Digest encryption: E(PI||DS||OIMD)=E(12212||104||102)= E(122) || E(12) || E(104) || E(102) = 122x99+12x99+104x99+102x99 = 13||45||9||65 We split the overall message into chucks which are smaller than the modulo in order to be able to get the same values in time of decryption. In the decryption, make sure that you use the same chunks

18 SET Purchase Request Validation on Merchant Side
Passed on by merchant to payment gateway (Bank) OI= ? H(x) = x2 mod 107 ? Fig. (C)

19 Check: true Order Request Verification by Merchant: Fig. C:
Verify the customer Public Key certificate in the side of the merchant CertC =< Info-Costumer, { H (Info-Costumer) }CA>=< ,284> Step 1: Merchant computes the hash of Info-Costumer H(Info-Costumer)=H( )= mod 107=25 Step 2: Merchant verifies CA signature of the custome’s public key 284Eca mod NCA= mod 319=25 Check: true The costumer public key is authentic Verification of DS in the side of the merchant: H(PIMD || H(OI)) = H(89||H( ))= H(89||102)= 92 (DS)Dc = mod 209= 92

20 SET: Bank Verifies Payment Order
Passed on by merchant to gateway then to Bank Bank’s Verification Process PRb = Bank‘s Private key D Ks D PRb Source: Stalling Fig. (D)

21 on the side of the bank (Fig. D)
Customer certificate verification: The bank verifies the Public Key certificate of the costumer (like previously done by the merchant). Digital envelop decryption: (DE)Db mod Nb =(73)85mod 221=99=Ks Payment order + Dual Signature + Information Order Digest decryption : Ks-1=68 D(13||45||9||65)=13x68||45x68||9x68 ||65x68= Verification process of POMD authenticity: PIMD= H(PI)= mod 107 = 89 OIMD= 102 POMD=H(PIMD||OIMD)= H(89102)=92 Decryption of the dual signature: (DS)Dc = mod 209= 92 => POMD is authentic PI DS OIMD

Download ppt "Network Security Tutorial-17 Design Fundamentals E-Commerce ET-IDA-082"

Similar presentations

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Cryptography and Network Security

Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Chapter 8 Web Security.

Chapter 8 Web Security.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 4 Data Authentication Part II.

J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 4 Data Authentication Part II.
Secure Electronic Transaction Creating Debts Online with Confidence.

Secure Electronic Transaction Creating Debts Online with Confidence.
Secure Electronic Transaction (SET)

Secure Electronic Transaction (SET)
1 Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats –integrity –confidentiality.

1 Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats –integrity –confidentiality.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.

Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Secure Socket Layer (SSL) and Secure Electronic Transactions (SET) Network Security Fall 2014 Dr. Faisal Kakar

Secure Socket Layer (SSL) and Secure Electronic Transactions (SET) Network Security Fall Dr. Faisal Kakar
Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.

Web Security : Secure Socket Layer Secure Electronic Transaction.
Network Security Lecture 27 Presented by: Dr. Munam Ali Shah.

Network Security Lecture 27 Presented by: Dr. Munam Ali Shah.

Similar presentations

Ads by Google