Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Experimenting with Electronic Commerce on the PalmPilot Neil DaswaniDan Boneh Public Key Solutions ‘99 April.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Experimenting with Electronic Commerce on the PalmPilot Neil DaswaniDan Boneh Public Key Solutions ‘99 April."— Presentation transcript:

1 1 Experimenting with Electronic Commerce on the PalmPilot Neil DaswaniDan Boneh daswani@cs.stanford.edu dabo@cs.stanford.edu Public Key Solutions ‘99 April 12 - 14

2 2 Overview zSecurity Applications on a PDA (advantages / disadvantages?) zHow about a payment system? (wide-deployment of PDAs?) zIs this feasible with existing PDA technology?

3 3 Outline zTrade-offs zE-Commerce on the PalmPilot zPDA-PayWord zPerformance zConclusions

4 4 Trade-offs zVs. SmartCards yno tamper resistance yno cryptographic accelerators ydirect line of communication with user ymore processing power ymore memory

5 5 Trade-offs zVs. Desktops yless memory yless processing power yportable

6 6 E-Commerce on the PalmPilot zSecurity Features (Lack of?) zCryptographic Primitives zAuthentication zMemory Mgmt. & Backups zPrototypical Application

7 7 Security Features (Lack of?) zDatabases -- No Access Control ynon-volatile ycreatorID y“secret” attribute (just a suggestion) zPassword Entry

8 8 * DES, SHA-1, RSA figures obtained with SSLeay * ECC-DSA figures obtained with Certicom Security Builder Toolkit Cryptographic Primitives

9 9 E-Commerce on the PalmPilot zAuthentication yPro: direct line of communication with owner yCon: entering passwords zMemory Management & Backups yEncrypted Storage (Instrument Manager) yPalmPilot Databases (deletion, double spending)

10 10 E-Commerce on the PalmPilot zSmall payments ($5 -> $50) zTarget Application: Pony Vending Machine

11 11 E-Commerce on the PalmPilot zWhere to start? yPayWord (Rivest, Shamir) zWhy PayWord? yamortize cost of signatures ycoins = hash tokens

12 12 PDA-PayWord zPalmPilot implementation of PayWord zMinimize cryptographic operations zMinimize storage requirements

13 13 PDA-PayWord Characteristics zVendor-Specific zPre-Pay (Debit-Based) zVendor = Bank zHash Chain Based

14 14 PDA-PayWord: Withdrawal Y0Y0 Y1Y1 YkYk {Y k, k, d, vid} S ECC- DSA (User) User’s Wallet Bank Pre-Paid? Yes HCC= {Y k, k, d, exp,vid} S RSA (Bank)

15 15 PDA-PayWord: Purchase Y0Y0 Y1Y1 Y k-i Y k-i, i, HCC User’s Wallet Y k-i Y k-i+1 YkYk Vendor

16 16 PDA-PayWord: Withdrawal Timings Note: d = 5

17 17 PDA-PayWord: Purchase Timings (First time $1.50 buy)

18 18 PDA-PayWord Variations zMultiple hash chains / Multiple denominations zStoring “sentinel” values zMultiple Vendors (Introduce Online Broker)

19 19 Conclusions / Summary zPDA = portable commerce device w/o tamper resistance zSuitable for small payments zCommerce protocols can be adapted zExample: PDA-PayWord yleverages best of ECC and RSA

20 20 Acknowledements zCerticom zAndrew Toy

Download ppt "1 Experimenting with Electronic Commerce on the PalmPilot Neil DaswaniDan Boneh Public Key Solutions ‘99 April."

Similar presentations

Internet payment systems

Internet payment systems
Biometry and Security: Secure Biometric Authentication for Weak Computational Devices Author: Zelenevskiy Vladimir Based on the research by M.J. Atallah.

Biometry and Security: Secure Biometric Authentication for Weak Computational Devices Author: Zelenevskiy Vladimir Based on the research by M.J. Atallah.
1 Chapter 10 Network Security. 2 Security Requirements zConfidentiality zIntegrity zAvailability.

1 Chapter 10 Network Security. 2 Security Requirements zConfidentiality zIntegrity zAvailability.
Customized Network Security Protocols Cristina Nita-Rotaru and Jeffrey Seibert SPONSORED BY DOUBLE-TAKE SOFTWARE (Jan. 2009 - July 2009) Department of.

Customized Network Security Protocols Cristina Nita-Rotaru and Jeffrey Seibert SPONSORED BY DOUBLE-TAKE SOFTWARE (Jan July 2009) Department of.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
1 GP Confidential ©2013 1 GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)

1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Electronic Payment Systems Speaker: Jerry Gao Ph.D. San Jose State University URL: May,

Electronic Payment Systems Speaker: Jerry Gao Ph.D. San Jose State University URL: May,
PAYWORD, MICROMINT -TWO MICROPAYMENT SCHEMES PROJECT OF CS 265 SPRING, 2004 WRITTEN BY JIAN DAI.

PAYWORD, MICROMINT -TWO MICROPAYMENT SCHEMES PROJECT OF CS 265 SPRING, 2004 WRITTEN BY JIAN DAI.
Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.2: Micro Payments.

Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.2: Micro Payments.
Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.

Understanding Networked Applications: A First Course Chapter 14 by David G. Messerschmitt.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Digital Cash Present By Kevin, Hiren, Amit, Kai. What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of.

Digital Cash Present By Kevin, Hiren, Amit, Kai. What is Digital Cash?  A payment message bearing a digital signature which functions as a medium of.
Mobile Payments Index: Introduction Technologies Payment methods

Mobile Payments Index: Introduction Technologies Payment methods
An In-Depth Examination of PKI Strengths, Weaknesses and Recommendations.

An In-Depth Examination of PKI Strengths, Weaknesses and Recommendations.
Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka 2011.2.10

Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka
Principles and Learning Objectives

Principles and Learning Objectives
IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2004 -

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©

Similar presentations

Ads by Google