International Journal of Automation and Computing

, Volume 2, Issue 2, pp 155–162

Formal verification of the Merchant Registration phase of the SET protocol

Authors

    • Department of Computer ScienceThe University of Reading
  • Xiao-Chun Cheng
    • Department of Computer ScienceThe University of Reading
Article

DOI: 10.1007/s11633-005-0155-5

Cite this article as:
Ma, X. & Cheng, X. Int J Automat Comput (2005) 2: 155. doi:10.1007/s11633-005-0155-5

Abstract

This paper describes the formal verification of the Merchant Registration phase of the Secure Electronic Transactions (SET) protocol, a realistic electronic transaction security protocol which is used to protect the secrecy of online purchases. A number of concepts, notations, functions, predicates, assumptions and rules are introduced. We describe the knowledge of all legal participants, and a malicious spy, to assess the security of the sub-protocol. Avoiding search in a large state space, the method converges very quickly. We implemented our method in the Isabelle/Isar automated reasoning environment, therefore the whole verification process can be executed mechanically and efficiently.

Keywords

Formal verification electronic transaction protocol knowledge-based system

Copyright information

© Institute of Automation, Chinese Academy of Sciences 2005