Abstract
Recently, making Internet credit-card payment is widely accepted. Several payment protocols have been proposed to secure the credit-card payment on fixed networks. However, these protocols do not apply well to wireless networks due to the limitations of wireless devices and wireless networks themselves. In this paper, we propose a simple and powerful credit-card payment protocol for wireless networks. We implement a secure cryptographic technique that works well under this protocol. We show that our proposed protocol is more suitable for applying to wireless networks than SET and iKP in that client’s computation is reduced. The protocol also satisfies all security properties provided by both SET and iKP. Moreover, it offers the ability to resolve disputes and recover from failures which are normally occurred in wireless environment. Furthermore, client’s credit-card information is not required to be sent in the protocol. It results in the security enhancement of the system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abad-Peiro, J.L., Asokan, N., Steiner, M., Waidner, M.: Designing a generic payment service. IBM Systems Journal 37(1), 72–88 (1998)
Ahuja, V.: Secure Commerce on the Internet. Academic Press, London (1996)
Bellare, M., Garay, J.A., Hauser, R., Herzberg, A., Krawczyk, H., Steiner, M., Tsudik, G., Herreweghen, E.V., Waidner, M.: Design, Implementation, and Deployment of the iKP Secure Electronic Payment System. IEEE Journal of Selected Areas in Communications (2000)
Boyd, C., Park, D.G.: Public Key Protocols for Wireless Communications. In: Proceedings of the ICISC 1998, Seoul, Korea, pp. 47–57 (1998)
Boyd, C., Montague, P., Nguyen, K.: Elliptic Curve Based Password Authenticated Key Exchange Protocols. In: Varadharajan, V., Mu, Y. (eds.) ACISP 2001. LNCS, vol. 2119, pp. 487–501. Springer, Heidelberg (2001)
Cimato, S.: Design of an Authentication Protocol for GSM Javacards. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 355–368. Springer, Heidelberg (2002)
Herreweghen, E.V.: Non-Repudiation in SET: Open Issues. In: Frankel, Y. (ed.) FC 2000. LNCS, vol. 1962, pp. 140–156. Springer, Heidelberg (2001)
Horn, G., Preneel, B.: Authentication and Payment in Future Mobile Systems. In: Proceedings of 5th European Symposium on Research in Computer Security, Belgium, pp. 277–293 (1998)
Horn, G., Martin, K.M., Mitchell, C.J.: Authentication Protocols for Mobile Network Environment Value-Added Services. IEEE Transactions on Vehicular Technology 51(2), 383–392 (2002)
Kailar, R.: Accountability in Electronic Commerce Protocols. IEEE Transactions on Software Engineering 22(5) (1996)
Kungpisdan, S., Permpoontanalarp, Y.: Practical Reasoning about Accountability in Electronic Commerce Protocols. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 268–284. Springer, Heidelberg (2002)
Kungpisdan, S., Srinivasan, B., Le, P.D.: A Practical Framework for Mobile SET Payment. In: Proceedings of the IADIS International E-Society Conference, pp. 321–328 (2003)
Marvel, L.M.: Authentication for Low Power Systems. In: Proceedings of IEEE MILCOM (2001)
Mastercard and Visa. SET Protocol Specifications (1997), http://www.setco.org/set_specifications.html
Meadows, C., Syverson, P.: A Formal Specification of Requirements for Payment Transactions in the SET Protocol. In: Hirschfeld, R. (ed.) FC 1998. LNCS, vol. 1465, p. 15. Springer, Heidelberg (1998)
Romao, A., da Silva, M.: An Agent-Based Secure Internet Payment System for Mobile Computing. In: Lamersdorf, W., Merz, M. (eds.) TREC 1998. LNCS, vol. 1402, pp. 80–93. Springer, Heidelberg (1998)
Wong, D.S., Chan, A.H.: Efficient and Mutually Authentication Key Exchange for Low Power Computing Devices. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 272–289. Springer, Heidelberg (2001)
Yee, B.S.: Using Secure Coprocessor. PhD thesis. Carnegie Mellon University (1994)
Zhu, F., Wong, D.S., Chan, A.H., Ye, R.: Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 150–161. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kungpisdan, S., Srinivasan, B., Le, P.D. (2003). Lightweight Mobile Credit-Card Payment Protocol. In: Johansson, T., Maitra, S. (eds) Progress in Cryptology - INDOCRYPT 2003. INDOCRYPT 2003. Lecture Notes in Computer Science, vol 2904. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24582-7_22
Download citation
DOI: https://doi.org/10.1007/978-3-540-24582-7_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20609-5
Online ISBN: 978-3-540-24582-7
eBook Packages: Springer Book Archive