Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authors:Weimin Lang, Zongkai Yang, Gan Liu, Wenqing Cheng and Yunmeng Tan Source:Ninth International Symposium on Computers and Communications 2004, Proceedings.

Similar presentations


Presentation on theme: "Authors:Weimin Lang, Zongkai Yang, Gan Liu, Wenqing Cheng and Yunmeng Tan Source:Ninth International Symposium on Computers and Communications 2004, Proceedings."— Presentation transcript:

1 Authors:Weimin Lang, Zongkai Yang, Gan Liu, Wenqing Cheng and Yunmeng Tan Source:Ninth International Symposium on Computers and Communications 2004, Proceedings on ISCC 2004, Volume 1, 28 June - 1 July 2004, Pages 50–55 Date:2005/05/05 Presenter: Jung-wen Lo( 駱榮問 ) A New Efficient Micropayment Scheme Against Overspanding

2 2 Outline Introduction PayWord Scheme New Scheme Example Performance Analysis Comments

3 3 Introduction Types On-line system Protect customers from Double Spending & Overspending Ex. Millicent. Off-line system More efficient Ex. PayWord Adachi et al.(2003) Customer certificate abuse attack => Cannot prevent double spending & Overspending New scheme Based on probabilistic polling Loss shared by bank and merchant

4 4 Adachi et al. scheme Title: The Security Problems of Rivest and Shamir's PayWord Scheme Authors: Adachi, N., Aoki, S., Komano, Y. and Ohta, K. Source: IEEE International Conference on E- Commerce, 2003(CEC 2003), 24-27 June 2003, Pages: 20 – 23 When a customer exceeds his credit –Bank take full charge –Bank and shop share the damage Attacks: –Customer certificate abuse attack Use the same cetificate at another shop and exceed the credit –Bank falsification attack Bank damage the shops

5 5 PayWord Scheme Customer(C)Bank(B)Store(S) 1.Request 6.Verify M,C C 2.C C ={I B,I C,Addr C,PK C,E,Info} SK B E: Expired date Info: Information 3.Verify C C 4. Random w n w 0 =h n (w n ) w i-1 =h(w i ) 5.M={I S,C C,w 0,D,n} SK C 7.Order, (i,w i )8. h i (w i )?=w 0 9.Goods/Service 10. (i,w i ),M 11.Verify M,C C 12.Update DB ※ Payword n: {w 0,w 1, w 2, …, w n }

6 6 New Scheme(1/3) Bank(B) Customer(C) Cert C ={ID B,ID C,A C,PK C,Expiry,Add} SK B P C ={M C,X C,L C } ={10,0,{.}} Stage Bank Initialization Registration Withdraw M C =10 : Credit limit X C =0 : Counter of polling message L C ={.} : Merchants records Order Request f C =K/M C =5/10 =0.2 Cert C ={ID B,ID C,A C,PK C,Expiry,f C } SK B Random w n w 0 =H n (w n ) w i-1 =H(w i ) K=2 : Expect # of polling (eg.2-10) T=5: Threshold value for suspecting (eg.5-30)

7 7 New Scheme(2/3) Bank(B)Customer(C) Commit={ID M,Cert C,w 0,V C,Expiry,Add} SK C Merchant(M) Stage Payment ID C,V C X C =X C +1 IF X C <T=5 Otherwise Verify L C ← M (i,w i ) w 0 =h i (w i ) V C ×f C ≦ 1 Commit Acknowledgement Broadcast to L C Halt Accept V C =4: Dollar value of the payment IF X C <T Otherwise Acknowledgement Broadcast to L C Halt Accept Goods/Service Based on p=V C ×f C =V C ×K/M C =4×0.2 ≦ 1 V C ×f C >1 Halt

8 8 New Scheme(3/3) Bank(B)Customer(C)Merchant(M) Stage Deposit Loss shared by B and M all L C : M C ×X M /X C Compute Z C per day IF Z C >M C THEN Freeze C’s account (i,w i ),Commit Z C : Total value of the payments of C on a day X M : The number of M report

9 9 Performance Analysis Security No Forgery & Invalid spending => RSA cryptography & H() Overspending => Probabilistic polling Fairness Bank shares loss with merchant More fair than PayWord Efficiency Modest increase communication overhead Computational cost almost the same as PayWord Restricted Anonymity ID C is not the real identity => M cannot determine

10 10 Comments 結合 On-line & Off-line system 的優點 利用機率來進行 on-line check Performance 問題 Polling Broadcast to L C Bank 須紀錄 L C (Store List)


Download ppt "Authors:Weimin Lang, Zongkai Yang, Gan Liu, Wenqing Cheng and Yunmeng Tan Source:Ninth International Symposium on Computers and Communications 2004, Proceedings."

Similar presentations


Ads by Google