Design of ECSEPP: Elliptic Curve Based Secure E-cash Payment Protocol
01 Jan 2016-pp 337-345
TL;DR: The proposed system secures the transactions not only by the nature of the curve but also makes use of the hash function to enhance the desired security measure and ensures mutual authentication, anonymity, non-repudiation and traceability of the users.
Abstract: The present scenario in the area of e-commerce the most popular term is E-cash. E-cash is developed to allow fully anonymous secure electronic cash transfer to support online trading between buyers and sellers. E-cash transfer system has helped us to make transaction electronically. In this paper we propose an elliptic curve based secure e-cash payment protocol. The proposed system secures the transactions not only by the nature of the curve but also makes use of the hash function to enhance the desired security measure. It also ensures mutual authentication, anonymity, non-repudiation and traceability of the users.
Citations
More filters
TL;DR: DOT-M, a practical dual offline transaction scheme designed for the mobile device user as either a payer or a payee, and six security properties of the scheme are analyzed under realistic assumptions and the security analysis and experimental results indicate that the scheme could meet the practical requirement of CBDC o﷽ine transaction for mobile users from both aspects of security and efficiency.
Abstract: . In recent years, many major economies have paid close attention to central bank digital currency (CBDC). As an optional attribute of CBDC, dual offline transaction is considered to have great practical value under the circumstances for payment without network connection. However, there is no public report or paper on how to securely design or implement the dual offline transaction function specifically for CBDC. In this paper, we propose DOT-M, a practical dual offline transaction scheme designed for the mobile device user as either a payer or a payee. Precisely, adopting secure element (SE) and trusted execution environment (TEE), the architecture of trusted mobile device is constructed to protect security-sensitive keys and execution of the transaction protocol. According to the trusted architecture, the data structure for offline transaction is designed as well. On this basis, we describe the core procedures of DOT-M in detail, including registration, account synchronization, dual offline transaction, and online data updating. We also enumerate the exceptional situations that may occur during the dual offline transaction, and give specific handling methods for each situation. Moreover, six security properties of the scheme are analyzed under realistic assumptions. A prototype system is implemented and finally tested with possible parameters. The security analysis and experimental results indicate that our scheme could meet the practical requirement of CBDC offline transaction for mobile users from both aspects of security and efficiency.
References
More filters
TL;DR: The question of primitive points on an elliptic curve modulo p is discussed, and a theorem on nonsmoothness of the order of the cyclic subgroup generated by a global point is given.
Abstract: We discuss analogs based on elliptic curves over finite fields of public key cryptosystems which use the multiplicative group of a finite field. These elliptic curve cryptosystems may be more secure, because the analog of the discrete logarithm problem on elliptic curves is likely to be harder than the classical discrete logarithm problem, especially over GF(2'). We discuss the question of primitive points on an elliptic curve modulo p, and give a theorem on nonsmoothness of the order of the cyclic subgroup generated by a global point.
5,378 citations
01 Jan 1983
TL;DR: Automation of the way the authors pay for goods and services is already underway, as can be seen by the variety and growth of electronic banking services available to consumers.
Abstract: Automation of the way we pay for goods and services is already underway, as can be seen by the variety and growth of electronic banking services available to consumers. The ultimate structure of the new electronic payments system may have a substantial impact on personal privacy as well as on the nature and extent of criminal use of payments. Ideally a new payments system should address both of these seemingly conflicting sets of concerns.
3,308 citations
TL;DR: The design, implementation, and deployment of a secure and practical payment system for electronic commerce on the Internet based on the iKP family of protocols-(i=1,2,3)-developed at IBM Research is discussed.
Abstract: This paper discusses the design, implementation, and deployment of a secure and practical payment system for electronic commerce on the Internet. The system is based on the iKP family of protocols-(i=1,2,3)-developed at IBM Research. The protocols implement credit card-based transactions between buyers and merchants while the existing financial network is used for payment clearing and authorization. The protocols are extensible and can be readily applied to other account-based payment models, such as debit cards. They are based on careful and minimal use of public-key cryptography, and can be implemented in either software or hardware. Individual protocols differ in both complexity and degree of security. In addition to being both a precursor and a direct ancestor of the well-known SET standard, iKP-based payment systems have been in continuous operation on the Internet since mid-1996. This longevity-as well as the security and relative simplicity of the underlying mechanisms-makes the iKP experience unique. For this reason, this paper also reports on, and addresses, a number of practical issues arising in the course of implementation and real-world deployment of a secure payment system.
180 citations
IBM1
TL;DR: This work unify the different mechanisms in a common framework with application programming interfaces that allows applications to be developed independent of specific payment systems with the additional benefit of providing a central point of control for payment information and policies.
Abstract: The growing importance of electronic commerce has resulted in the introduction of a variety of different and incompatible payment systems. For business application developers, this variety implies the need to understand the details of different systems, to adapt the code as soon as new payment systems are introduced, and also to provide a way of picking a suitable payment instrument for every transaction. In our work, we unify the different mechanisms in a common framework with application programming interfaces. Our framework provides services for transparent negotiation and selection of payment instruments as well. This allows applications to be developed independent of specific payment systems with the additional benefit of providing a central point of control for payment information and policies.
99 citations
20 May 2007
TL;DR: This paper presents an off-line divisible e-cash scheme where a user can withdraw a divisible coin of monetary value 2L that he can parceled and spend anonymously and unlinkably.
Abstract: This paper presents an off-line divisible e-cash scheme where a user can withdraw a divisible coin of monetary value 2Lthat he can parceled and spend anonymously and unlinkably. We present the construction of a security tag that allows to protect the anonymity of honest users and to revoke anonymity only in case of cheat for protocols based on a binary tree structure without using a trusted third party. This is the first divisible e-cash scheme that provides both full unlinkability and anonymity without requiring a trusted third party.
83 citations