Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Introduction The State of the Art in Electronic Payment Systems, IEEE Computer, September 1997.

Published byIsaac Bradford Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Introduction The State of the Art in Electronic Payment Systems, IEEE Computer, September 1997."— Presentation transcript:

1 1 Introduction The State of the Art in Electronic Payment Systems, IEEE Computer, September 1997

2 2 Requirements and Safeguards for ECommerce Entity authentication Message integrity Payment non-repudiation Effective audit mechanism Privacy

3 3 Safeguards and Security Mechanisms Cryptography –Private- and Public-key Cryptography –Cryptographic Certificates

4 4 Hello World and Welcome to The simple crypt Key=23 _r{{x7 @xe{s7 vys7@r {txzr7c x7Cr 7d~zg{r 7tengc Private-key Cryptography

5 5 ALICE BOB Eve

6 6 Message This is a big secret Message I?~jhYU WEKUia The Internet Message This is a big secret Message I?~jhYU WEKUia Recipient’s private key Recipient’s PUBLIC key

7 7 PGP,Version 6.5.1 Manual, NetworkAssociates, 1999.

8 8

9 9 Certificate Authorities The Certificate Authority (CA) is a trusted third party Provides the necessary authentication and security infrastructure The CA creates and issues certificates

10 10 PGP,Version 6.5.1 Manual, NetworkAssociates, 1999.

11 11 Sondra Schneider, IFsec, June 11, 1999.

12 12 Using the CA to Establish Trust Customer Merchant The CA 1- Establish a Certificate 2- send signed request and certificate 3- Check Signature 4-Merchant can trust customer and may continue with trade

13 13 Sondra Schneider, IFsec, June 11, 1999.

14 14 Sondra Schneider, IFsec, June 11, 1999.

15 15 Authentication Protocols General-purpose secure messaging protocols include: –SSL –S/MIME Secure protocols for electronic commerce include: –EDI/MIME. –SET

16 16 SET Byte, June 1997

17 17 June 1997

18 18 June 1997

19 19 The Use of Smartcards Byte, June 1997

20 20 Minimal Key Lengths for Symmetric Ciphers, Matt Blaze and others, 1996.

21 21 Avoiding bogus encryption products, Matt Curtin, 1998.

22 22 RSA from the RSA FAQ RSA is a public-key cryptosystem –take two large primes, p and q, –find their product n = pq; (n is called the modulus) –Choose, e, less than n and relatively prime to (p- 1)(q-1), and find its inverse, d, mod (p-1)(q-1), which means that: ed = 1 mod (p-1)(q-1) ; – e and d are called the public and private exponents, respectively. –The public key is the pair (n,e); –the private key is d. –The factors p and q must be kept secret, or destroyed.

23 23 Two numbers are relatively prime when they share no factors in common other than 1. In other words, if the greatest common divisor of a and n is equal to 1. This is written: gcd(a,n) = 1

24 24 It is difficult (presumably) to obtain the private key d from the public key (n,e). If one could factor n into p and q, however, then one could obtain the private key d. Thus the entire security of RSA is predicated on the assumption that factoring is difficult.

25 25 RSA encryption: suppose Alice wants to send a private message, m, to Bob. Alice creates the ciphertext c = m^e mod n, e and n are Bob's public key. To decrypt, Bob computes: m = c^d mod n, and recovers the original message m; the relationship between e and d ensures that Bob correctly recovers m. Since only Bob knows d, only Bob can decrypt.

26 26 public-key operations take O(k^2) steps, private key operations take O(k^3) steps, key generation takes O(k^4) steps where k is the number of bits in the modulus

Download ppt "1 Introduction The State of the Art in Electronic Payment Systems, IEEE Computer, September 1997."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
95-712 OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.

OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.

Public Key Crytography1 From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.

How cryptography is used to secure web services Josh Benaloh Cryptographer Microsoft Research.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Epayment Security II.

ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.

Similar presentations

Ads by Google