Advertisement

Payment Approval for PayWord

  • László Aszalós
  • Andrea Huszti
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7690)

Abstract

In case of micropayment schemes, all costs that appear during functioning should be minimized. This includes cost of disputes and charge backs that result in penalties for the vendor. We extend the PayWord micropayment scheme with payment approval to minimize disputes, charge backs or to avoid attacks that ruin the reputation of the vendor. Payment approval is achieved by employing a MAC function per a purchase, that does not increase time complexity significantly. A formal evaluation in applied π and a proof that our scheme fulfills secure payment authorization, payment approval and secrecy of payment information are also given.

Keywords

Message Authentication Code Hash Chain Asymmetric Encryption Strand Space Payment Information 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abadi, M., Fournet, C.: Mobile Values, New Names, and Secure Communication. In: 28th ACM Symposium on Principles of Programming Languages (POPL 2001), pp. 104–115 (2001)Google Scholar
  2. 2.
    Aszalós, L., Huszti, A.: Applying Spi-calculus for Payword. In: Proceedings of ICAI 2010 8th International Conference on Applied Informatics, pp. 295–302 (2010)Google Scholar
  3. 3.
    Azbel, I.: PayWord Micro-Payment Scheme. Strengths, Weaknesses and Proposed Improvements, http://citeseerx.ist.psu.edu/
  4. 4.
    Bella, G., Massacci, F., Paulson, L.C.: Verifying the set purchase protocols. J. Autom. Reasoning 36(1-2), 5–37 (2006)zbMATHCrossRefGoogle Scholar
  5. 5.
    Bellare, M., Garay, J., Hauser, R., Herzberg, A., Krawczyk, H., Steiner, M., Van Herrenweghen, E., Waidner, M.: Design, Implementation and Deployment of the iKP Secure Electronic Payment System. IEEE Journal of Selected Areas in Communications 18(4), 611–627 (2000)CrossRefGoogle Scholar
  6. 6.
    Blanchet, B.: Automatic verification of correspondences for security protocols. Journal of Computer SecurityGoogle Scholar
  7. 7.
    Blanchet, B., Smyth, B.: ProVerif 1.85:Automatic Cryptographic Protocol Verifier, User Manual and Tutorial (2011), http://www.proverif.ens.fr/manual.pdf
  8. 8.
    Kusters, R., Truderung, T.: Using proverif to analyze protocols with diffie-hellman exponentiation. In: Computer Security Foundations Symposium, pp. 157–171. IEEE (2009)Google Scholar
  9. 9.
    Lowe, G.: Casper: A compiler for the analysis of security protocols. In: CSFW, pp. 18–30. IEEE Computer Society (1997)Google Scholar
  10. 10.
    Meadows, C.: Language generation and verification in the nrl protocol analyzer. In: CSFW, pp. 48–61. IEEE Computer Society (1996)Google Scholar
  11. 11.
    Mitchell, J.C., Mitchell, M., Stern, U.: Automated analysis of cryptographic protocols using mur-phi. In: IEEE Symposium on Security and Privacy, pp. 141–151. IEEE Computer Society (1997)Google Scholar
  12. 12.
    Rivest, R., Shamir, A.: PayWord and MicroMint: Two simple Micropayment Schemes. In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 69–87. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  13. 13.
    Javier Thayer, F., Herzog, J.C., Guttman, J.D.: Strand spaces: Why is a security protocol correct? In: IEEE Symposium on Security and Privacy, pp. 160–171. IEEE Computer Society (1998)Google Scholar
  14. 14.
    Kou, W.: Payment Technologies for E-Commerce. Springer (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • László Aszalós
    • 1
  • Andrea Huszti
    • 1
  1. 1.Faculty of InformaticsUniversity of DebrecenDebrecenHungary

Personalised recommendations