Secure Electronic Transaction (SET) University of Windsor


1 Secure Electronic Transaction (SET) University of Windsor
Shervin Erfani
Electrical and Computer Engineering Department, University of Windsor
December 2003
Reference: Chapter 7 of the Text, pp
December 2, 2003 ECE Dept. – University of Windsor

2 Overview of SET
What is SET Protocol?
What is the Goal of SET?
How does it work?
What does SET provide?

3 SET Protocol
The current version, SETv1, is a set of security protocols and formats to establish credit card transactions on the Internet.
Provides a secure communication channel among all parties involved in an E-commerce transaction
Provides trust by the use of X.509v3 digital certificates
Ensures privacy

4 Secure Electronic Commerce Component

5 Participants in the SET System
CARDHOLDER – Consumers and corporate purchasers who use the Internet to deal with merchants
MERCHANT – An organization that offers goods or services over the Internet
ISSUER – A financial institution or bank providing the cardholder with the payment card
ACQUIRER – A financial institution that processes payment card authorizations and payments on behalf of the merchant
PAYMENT GATEWAY – A security interface function to process merchant payment messages for the Acquirer
CERTIFICATION AUTHORITY (CA) – A trusted third party issuing X.509v3 public-key certificates for cardholders, merchants, and payment gateways

6 SET Encryption Overview

7 SET Encryption Process
Sender’s Functions
Step 1 – Alice generates the message digest (MD) of the plaintext, using a one-way hash → Data Integrity
Step 2 – Alice encrypts the generated MD using her private key → Digital Signature
Step 3 – Alice encrypts the plaintext, MD, and her certificate, using a generated session key (i.e., the hypertext) → Privacy
Step 4 – Alice encrypts her generated symmetric session key with Bob’s public key (i.e., a Digital Envelope) → Confidentiality
Step 5 – Alice sends the hypertext along with the Digital Envelope to Bob

8 SET Encryption Process (Cont.)
Receiver’s Functions
Step 6 – Receiving Alice’s message, Bob decrypts the Digital Envelope, using his private key to retrieve the session key → Decrypt Digital Envelope
Step 7 – Bob decrypts the encrypted message using the session key → Decryption
Step 8 – Bob decrypts the digital signature, using Alice’s public key → Recover the MD
Step 9 – Bob runs the plaintext through the same one-way hash to produce a new MD for the received plaintext → Integrity Check
Step 10 – Bob compares the generated MD with the received MD for the integrity check; if they do not match, he discards the message and notifies Alice → ACK or NAK
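The ten steps on slides 7 and 8, as an added Go example that is not part of the original presentation. The names `Seal`, `Open`, `NewKey` and `desCTR`, the signature-then-plaintext framing, DES in CTR mode with the IV carried inside the envelope, RSA-OAEP for the envelope and the 2048-bit demo keys are assumptions made here. Alice's certificate from step 3 is left out, and both public keys are taken as already exchanged.

```go
package main

import (
	"crypto"
	"crypto/cipher"
	"crypto/des"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // RNG or key failure only
	}
	return v
}
func NewKey() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) } // demo key pair
// desCTR encrypts or decrypts b in place; k is an 8-byte DES key then an 8-byte IV.
func desCTR(k, b []byte) []byte {
	cipher.NewCTR(must(des.NewCipher(k[:8])), k[8:]).XORKeyStream(b, b)
	return b
}
// Seal runs the sender's steps 1-4 and returns the digital envelope and encrypted body.
func Seal(plain string, alice *rsa.PrivateKey, bob *rsa.PublicKey) (env, body []byte) {
	md := sha1.Sum([]byte(plain))                                         // step 1: MD
	sig := must(rsa.SignPKCS1v15(rand.Reader, alice, crypto.SHA1, md[:])) // step 2: sign MD
	k := make([]byte, 16)
	must(rand.Read(k)) // fresh one-time session key and IV
	env = must(rsa.EncryptOAEP(sha1.New(), rand.Reader, bob, k, nil)) // step 4: envelope
	return env, desCTR(k, append(sig, plain...))                     // step 3: encrypt
}
// Open runs the receiver's steps 6-10; every failed check gives the same NAK error.
func Open(env, body []byte, bob *rsa.PrivateKey, alice *rsa.PublicKey) (string, error) {
	k, err := rsa.DecryptOAEP(sha1.New(), nil, bob, env, nil) // step 6: open envelope
	if n := alice.Size(); err == nil && len(k) == 16 && len(body) >= n {
		p := desCTR(k, append([]byte(nil), body...)) // step 7: decrypt a copy
		md := sha1.Sum(p[n:])                        // step 9: recompute MD
		if rsa.VerifyPKCS1v15(alice, crypto.SHA1, md[:], p[:n]) == nil { // steps 8, 10
			return string(p[n:]), nil
		}
	}
	return "", fmt.Errorf("NAK: envelope, framing or digest check failed")
}
func main() {
	alice, bob := NewKey(), NewKey()
	env, body := Seal("constructed order: 1 book", alice, &bob.PublicKey)
	fmt.Println(Open(env, body, bob, &alice.PublicKey))
}
```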

9 Certificate Issuance
SET certificates are verified through a hierarchy of trust.
The public signature key of the root is known to all SET participants.
The root key will be distributed in a self-signed certificate.
A party can confirm its valid root key by sending an initiate request to the CA that has the root key.
A replacement key for the root key is stored securely until it is needed.

10 SET Payment Processing
SET defines a variety of transaction protocols to securely conduct E-Commerce:
Cardholder Registration
Merchant Registration
Purchase Request
Payment Authorization
Payment Capture

11 Cardholder Registration

12 Merchant Registration

13 Purchase Request

14 Payment Authorization

15 Payment Capture

16 What Does SET Provide?
Confidentiality of Information: Conventional encryption such as DES is used for passing cardholder account and payment information.
Integrity of Data: RSA digital signatures using SHA-1 hash codes are used.
Cardholder Account Authentication: SET uses X.509v3 digital certificates with RSA signatures.
Merchant Authentication: SET uses X.509v3 digital certificates with RSA signatures.

