Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.2: Micro Payments.

Published byHailee Hartley Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.2: Micro Payments."— Presentation transcript:

1 Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.2: Micro Payments

2 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security2 Outline Micropayment systems –Make small purchase over the Internet Two simple micropayment schemes –PayWord –MicroMint

3 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security3 PayWord and MicroMint Main goal –Minimize the number of public key operations –Use hash operations instead whenever possible Hash functions are –100 times faster than RSA signature verification –10,000 times faster than RSA signature generation BrokerUser Vendor authorize pay redeem

4 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security4 PayWord Overview –Credit based scheme –Based on chains of paywords (hash values) –Broker gives a certificate to user to allow him/her to make paywords –User authenticates a complete chain to the vendor with a single public-key signature –User successively reveals each payword in the chain to make micropayment –Vendor gets money through broker.

5 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security5 PayWord (Cont’d) User-Broker relationship –User U establishes an account with broker B Credit card number, expiration date, etc. –Broker B gives user U a certificate Expiration date Credit limit per vendor Contact information of broker B … –The certificate: B will redeem authentic paywords produced by U turned in before the given expiration date. Essentially allows U to produce paywords.

6 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security6 PayWord (Cont’d) User-Vendor relationships –Randomly choose w n, and compute the paywords –User U sends Vender V her commitment M={V, C U, w 0, D, I M } SK U –Commitment is vendor-specific and user-specific w0w0 w2w2 wnwn w1w1 … h hhh h: one-way hash function

7 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security7 PayWord (Cont’d) Payment –A payment P from U to V –P = (w i, i) –U spends her paywords in order –Variable-size payment Example: U has just paid (w 3, 3). What should U send to V if she wants to pay 3 more cents? (_____, _____)

8 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security8 PayWord (Cont’d) Vendor-Broker relationship –For each User U, Vender V needs to send Broker B The commitment C U The last payment P=(w l, l) received from U –Broker verifies C U and each payment P=(w l, l) –Questions: What’s the cost of verifying P=(w l, l) ? –__________________ What property(ies) of the hash function is used in PayWord? –___________________

9 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security9 MicroMint Overview –No public key operations –For unrelated low-value payments –Broker produces MicroMint coins A coin is a bit string whose validity can be checked by anyone –Users purchase the coins –Users give the coins to vendors as payments –Vendors return coins to broker in turn for payments by other means.

10 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security10 MicroMint (Cont’d) Coins –Each coin is represented by a k-way collision that has distinct x i ’s. –The number of x-values that must be examined before one expects to see the first k-way collision is approximately 2 n(k-1)/k, where n is the number of bits in y. x1x1 x2x2 y xkxk … h h h h(x 1 )=h(x 2 )=…=h(x k )=y (x 1, x 2, …, x k ): k-way collision

11 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security11 MicroMint (Cont’d) Minting coins –Equivalent to throwing balls into 2 n bins Randomly select x, and compute y=h(x). –Throw approximately k*2 n balls Roughly 1/2 of the bins have at least k balls. x h y=h(x)

12 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security12 MicroMint (Cont’d) Minting coins –Question: If there are more than k x’s in the same bin, can we make more than one coin out of it? ________________ –Balance computational and storage requirements Good coins: a coin is good only when the high-order t bits are equal to a given value. Reduce the storage requirements Slow down the generation process –Tosses k*2 n balls, but get (1/2)*2 (n-t) coins.

13 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security13 MicroMint (Cont’d) Selling coins –Broker B remembers what coins User U gets Making payments –Vendor V can verify each coin Redemption –Vendor returns the coins to the broker –Broker checks coins and pays the vendor Only pay for coins that have not been previously returned.

14 Computer Science Dr. Peng NingCSC 774 Adv. Net. Security14 MicroMint (Cont’d) Double spending –Broker can detect doubly-spent coin –Broker can identify from which vendors he received such coins –Broker can link the doubly-spent coins with each user

Download ppt "Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.2: Micro Payments."

Similar presentations

Ari Juels RSA Laboratories Executable Financial Instruments and MicroMint on the Cheap with Markus Jakobsson Bell Laboratories.

Ari Juels RSA Laboratories Executable Financial Instruments and MicroMint on the Cheap with Markus Jakobsson Bell Laboratories.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 6. Security in Mobile Ad-Hoc Networks.
Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.1: NetBill.

Computer Science Dr. Peng NingCSC 774 Advanced Network Security1 Topic 3.1: NetBill.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 4.2 BiBa.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 4.2 BiBa.
Secure Multiparty Computations on Bitcoin

Secure Multiparty Computations on Bitcoin
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.

_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 3.3: Fair Exchange.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 3.3: Fair Exchange.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
PAYWORD, MICROMINT -TWO MICROPAYMENT SCHEMES PROJECT OF CS 265 SPRING, 2004 WRITTEN BY JIAN DAI.

PAYWORD, MICROMINT -TWO MICROPAYMENT SCHEMES PROJECT OF CS 265 SPRING, 2004 WRITTEN BY JIAN DAI.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Preparation for In-class Presentations.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Preparation for In-class Presentations.
Copyright 1996 RSA Data Security, Inc. All rights reserved.Revised 1/1/96 PayWord and MicroMint: Two Simple MicroPayment Schemes Ronald L. Rivest (MIT)

Copyright 1996 RSA Data Security, Inc. All rights reserved.Revised 1/1/96 PayWord and MicroMint: Two Simple MicroPayment Schemes Ronald L. Rivest (MIT)
Slide 1 Vitaly Shmatikov CS 378 Digital Cash. slide 2 Digital Cash: Properties uDigital “payment message” with properties of cash uUnforgeable Users cannot.

Slide 1 Vitaly Shmatikov CS 378 Digital Cash. slide 2 Digital Cash: Properties uDigital “payment message” with properties of cash uUnforgeable Users cannot.
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
Introduction to Modern Cryptography, Lecture 13 Money Related Issues ($$$) and Odds and Ends.

Introduction to Modern Cryptography, Lecture 13 Money Related Issues ($$$) and Odds and Ends.
IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany IHP Im Technologiepark 25 15236 Frankfurt (Oder) Germany www.ihp-microelectronics.com © 2004 -

IHP Im Technologiepark Frankfurt (Oder) Germany IHP Im Technologiepark Frankfurt (Oder) Germany ©
ELECTRONIC PAYMENT SYSTEMS 20-763 SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 9: Micropayments I.

ELECTRONIC PAYMENT SYSTEMS SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 9: Micropayments I.

Similar presentations

Ads by Google