Abstract
SET (Secure Electronic Transaction) is a standard protocol for the credit card transaction in e-commerce. In order to improve the security and authentication efficiency of SET, a scheme was put forward. Adopting ECC (Elliptic Curve Cryptography) instead RSA performed authentication and verified the integrity of data, and the public key and private key of cardholder, merchant, payment gateway, and certificate authority were distributed based on ECC. Using dual signature, the payment information of cardholder was confidential to the merchant, the order information of cardholder kept secret to the payment gateway. Cardholder, merchant and payment gateway could authorize and verify message integrity each other in payment processing. Security analysis shows that this scheme has high security and efficient authentication.
This work is supported by the National Natural Science Foundation of China under Grant No. 60972078; the Gansu Provincial Natural Science Foundation of China under Grant No. 0916RJZA015.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Zhang, Y., Deng, X., Li, Y., et al.: E-commerce security assessment under group decision making. Journal of Information and Computational Science 8(1), 7–15 (2011)
Wu, Y.: E-commerce security based on a security engineering life cycle. Advanced Materials Research 171-172, 640–643 (2011)
Stallings, W.: Cryptography and Network Security Principles and Practices, 4th edn., pp. 549–559 (2007)
Wang, G.: An abuse-free fair contract-signing protocol based on the RSA signature. IEEE Transactions on Information Forensics and Security 5(1), 158–168 (2010)
Schäge, S., Schwenk, J.: A new RSA-based signature scheme. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 1–15. Springer, Heidelberg (2010)
Dennis, H., Eike, K.: Programmable Hash Functions and Their Applications (Article in Press). Journal of Cryptology, 1–44 (2011)
Jurisc, A., Menezes, A.: Elliptic Curve Cryptography. Dr. Dobb’s Journal, 135–140 (April 1997)
Hankerson, D., Hernandez, J., Menezes, A.: Software Implementation of Elliptic Curve Cryptography over Binary Fields. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 1–267. Springer, Heidelberg (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cao, LC. (2011). Improving Security of SET Protocol Based on ECC. In: Gong, Z., Luo, X., Chen, J., Lei, J., Wang, F.L. (eds) Web Information Systems and Mining. WISM 2011. Lecture Notes in Computer Science, vol 6987. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23971-7_31
Download citation
DOI: https://doi.org/10.1007/978-3-642-23971-7_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23970-0
Online ISBN: 978-3-642-23971-7
eBook Packages: Computer ScienceComputer Science (R0)