Abstract
We introduce a new micropayment scheme, suitable for certain kinds of transactions, that requires neither online transactions nor trusted hardware for either the payer or payee. Each payer is periodically issued certified credentials that encode the type of transactions and circumstances under which payment can be guaranteed. A risk management strategy, taking into account the payers’ history, and other factors, can be used to generate these credentials in a way that limits the aggregated risk of uncollectable or fraudulent transactions to an acceptable level. These credentials can also permit or restrict types of purchases. We show a practical architecture for such a system that uses a Trust Management System to encode the credentials and policies. We describe a prototype implementation of the system in which vending machine purchases are made using consumer PDAs.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
M. Blaze, J. Feigenbaum, J. Ioannidis, and A.D. Keromytis. The KeyNote Trust Management System Version 2. Internet RFC 2704, September 1999.
M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized Trust Management. In Proc. of the 17th Symposium on Security and Privacy, pages 164–173. IEEE Computer Society Press, Los Alamitos, 1996.
M. Bellare, J. Garay, A. Herzberg, H. Krawczyk, M. Steiner, G. Tsudik, and M. Waidner. iKP-A Family of Secure Electronic Payment Protocols. In Proceedings of the First USENIX Workshop on Electronic Commerce. USENIX, July 1995.
M. Bellare, J. Garay, C. Jutla, and M. Yung. VarietyCash: a Multi-Purpose Electronic Payment System. In Proceedings of the Third USENIX Workshop on Electronic Commerce. USENIX, September 1998.
D. Chaum. Blind signatures for untraceable payments. In Advances in Cryptology: Crypto’ 82 Proceedings. Plenum Press, 1982.
D. Chaum. Achieving Electronic Privacy. Scientific American, pages 96–101, August 1992.
B. Cox, D. Tygar, and M. Sirbu. NetBill security and transaction protocol. In Proceedings of the First USENIX Workshop on Electronic commerce. USENIX, July 1995.
N. Daswani and D. Boneh. Experimenting with Electronic Commerce on the PalmPilot. In Proceedings of the Third International Conference on Financial Cryptography, Volume 1648 in Lecture Notes in Computer Science, pages 1–16. Springer-Verlag, 1999.
N. Daswani, D. Boneh, H. Garcia-Molina, S. Ketchpel, and A. Paepcke. SWAPEROO: A Simple Wallet Architecture for Payments, Exchanges, Refunds, and Other Operations. In Proceedings of the Third USENIX Workshop on Electronic Commerce. USENIX, September 1998.
A. de Solages and J. Traore. An Efficient Fair Off-Line Electronic Cash System with Extensions to Checks and Wallets with Observers. In Proceedings of the Second International Conference on Financial Cryptography, Volume 1465 in Lecture Notes in Computer Science, pages 275–295. Springer-Verlag, 1998.
D. Eastlake, B. Boesch, S. Crocker, and M. Yesil. CyberCash Credit Card Protocol Version 0.8. Internet RFC 1898, February 1996.
E. Foo and C. Boyd. A Payment Scheme Using Vouchers. In Proceedings of the Second International Conference on Financial Cryptography, Volume 1465 in Lecture Notes in Computer Science, pages 103–121. Springer-Verlag, 1998.
A. Herzberg. Safeguarding Digital Library Contents. D-Lib Magazine, January 1998.
K. Hickman. Secure Socket Library, February 1995. http://home.netscape.com/security/techbriefs/ssl.html.
R. Hauser, M. Steiner, and M. Waidner. Micro-payments based on ikp. In Proceedings of the 14th Worldwide Congress on Computer and Communication Security Protection, June 1996.
A. Herzberg and H. Yochai. Mini-Pay: Charging per Click on the Web. http://www.hrl.il.ibm.com/mpay/, 1996.
C. Jutla and M Yung. Paytree: amortized signature for flexible micro-payments. In Proceedings of the Second USENIX Workshop on Electronic Commerce. USENIX, 1996.
M. S. Manasse. The Millicent protocols for electronic commerce. In Proceedings of the First USENIX Workshop on Electronic Commerce. USENIX, July 1995.
G. Medvinsky and C. Neuman. NetCash: A design for practical electronic currency on the internet. In Proceedings of the Second ACM Conference on Computer and Communication Security, November 1994.
C. Neuman and G. Medvinsky. Requirements for network payment: The Netcheque prospective. In Proceedings of IEEE COMCON, March 1995.
T. Poutanen, H. Hinton, and M. Stumm. NetCents: A Lightweight Protocol for Secure Micropayments. In Proceedings of the Third USENIX Workshop on Electronic Commerce. USENIX, September 1998.
R. Rivest and A. Shamir. PayWord and MicroMint. CryptoBytes, 2(1):7–11.
Secure Electronic Transactions (SET). http://www.setco.org/.
Lei Tang. A Set of Protocols for MicroPayments in Distributed Systems. In Proceedings of the First USENIX Workshop on Electronic Commerce. USENIX, July 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Blaze, M., Ioannidis, J., Keromytis, A.D. (2002). Offline Micropayments without Trusted Hardware. In: Syverson, P. (eds) Financial Cryptography. FC 2001. Lecture Notes in Computer Science, vol 2339. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46088-8_2
Download citation
DOI: https://doi.org/10.1007/3-540-46088-8_2
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44079-6
Online ISBN: 978-3-540-46088-6
eBook Packages: Springer Book Archive