Skip to main content
SpringerLink
Log in
Book cover

European Public Key Infrastructure Workshop

EuroPKI 2007: Public Key Infrastructure pp 280–296Cite as

Reducing the Computational Cost of Certification Path Validation in Mobile Payment

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 4582)

Abstract

PKI can improve security of mobile payments but its complexity has made difficult its use in such environment. Certificate path validation is complex in PKI. This demands some storage and processing capacities to the verifier that can exceed the capabilities of mobile devices. In this paper, we propose TRUTHC to reduce computational cost of mobile payment authentication. TRUTHC replaces verification operations with hash operations. Results show a better reduction of the cost with ECDSA than with RSA.

Keywords

  • Public Key Infrastructure (PKI)
  • mobile payment
  • certification path validation
  • hash chains

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (Canada)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (Canada)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Nambiar, S., Lu, C.-T., Liang, L.R.: Analysis of Payment Transaction Security in Mobile Commerce. In: IEEE International Conference on Information Reuse and Integration (IRI 2004), pp. 475–480 (2004)

    Google Scholar 

  2. Wrona, K., Schuba, M., Zavagli, G.: Mobile Payments – State of the Art and Open Problems. In: Fiege, L., Mühl, G., Wilhelm, U.G. (eds.) WELCOM 2001. LNCS, vol. 2232, pp. 88–100. Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  3. Hassinen, M., Hyppönen, K., Haataja, K.: An Open, PKI-Based Mobile Payment System. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 86–100. Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  4. Gao, J., Edunuru, K., Cai, J., Shim, S.: P2P-Paid: A Peer-to-Peer Wireless Payment System. In: Second IEEE International Workshop on Mobile Commerce and Services (WMCS 2005), pp. 102–111 (2005)

    Google Scholar 

  5. Housley, R., Polk, W., Ford, W., Solo, D.: RFC3280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. IETF Network Working Group (2002)

    Google Scholar 

  6. Lamport, L.: Password Authentication with Insecure Communication. Communications of the ACM 24, 770–772 (1981)

    CrossRef  Google Scholar 

  7. Lee, B.k., Lee, T.-C., Yang, S.H.: A MEP (Mobile Electronic Payment) and IntCA Protocol Design. In: Yang, L.T., Rana, O.F., Di Martino, B., Dongarra, J.J. (eds.) HPCC 2005. LNCS, vol. 3726, pp. 331–339. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  8. Karjoth, G., Asokan, N., Gülcü, C.: Protecting the Computation Results of Free-Roaming Agents. In: Second International Workshop on Mobile Agents (MA 1998), pp. 195–207. Springer, London(UK) (1998)

    Google Scholar 

  9. ITU -T. Recommendation X.509: Information Processing Systems - Open Systems Interconnection - The Directory: Authentication Framework (Technical Corrigendum), International Telecommunication Union (2000)

    Google Scholar 

  10. Daswani, N.: Cryptographic Execution Time for WTLS Handshakes on Palm OS Devices, Certicom Public Key Solutions (2000)

    Google Scholar 

  11. Gupta, V., Gupta, S., Chang, S., Stebila, D.: Performance Analysis of Elliptic Curve Cryptography for SSL. In: 3rd ACM Workshop on Wireless Security, pp. 87–94 (2002)

    Google Scholar 

  12. Tillich, S., Grobschädl, J.: A Survey of Public-Key Cryptography on J2ME-Enabled Mobile Devices. In: Aykanat, C., Dayar, T., Körpeoğlu, İ. (eds.) ISCIS 2004. LNCS, vol. 3280, pp. 935–944. Springer, Heidelberg (2004)

    Google Scholar 

  13. Lenstra, A.K., Verheul, E.R.: Selecting Cryptographic Key Sizes. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, Springer, Heidelberg (2000)

    Google Scholar 

  14. Long, M., Wu, C.H.: An Intrusion-Resilient and Lightweight Authentication Method Based on Optimum Hash Chain for Wireless Networks (Accessed at: 23/02/2007), http://www.eng.auburn.edu/users/longmen/paper.html

  15. Argyroudis, P.G., Verma, R., Tewari, H., O’Mahony, D.: Performance Analysis of Cryptographic Protocols on Handheld Devices. In: Third IEEE International Symposium on Network Computing and Applications (NCA 2004), pp. 169–174 (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Telematics Engineering Department. Technical University of Catalonia, C/Jordi Girona 1-3, C3, 08034 - Barcelona, Spain)

    Cristina Satizábal, Rafael Martínez-Peláez, Jordi Forné & Francisco Rico-Novella

  2. Engineering and Architecture Department. Pamplona University, Km 1 via a Bucaramanga, Pamplona (Colombia),  

    Cristina Satizábal

Authors
  1. Cristina Satizábal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rafael Martínez-Peláez
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jordi Forné
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Francisco Rico-Novella
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Javier Lopez Pierangela Samarati Josep L. Ferrer

Rights and permissions

Reprints and Permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Satizábal, C., Martínez-Peláez, R., Forné, J., Rico-Novella, F. (2007). Reducing the Computational Cost of Certification Path Validation in Mobile Payment. In: Lopez, J., Samarati, P., Ferrer, J.L. (eds) Public Key Infrastructure. EuroPKI 2007. Lecture Notes in Computer Science, vol 4582. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73408-6_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-73408-6_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-73407-9

  • Online ISBN: 978-3-540-73408-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

search

Navigation