Skip to main content
SpringerLink
Log in

Cryptographic postage indicia

  • Invited Lecture
  • Conference paper
  • First Online:
Concurrency and Parallelism, Programming, Networking, and Security (ASIAN 1996)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1179))

Included in the following conference series:

Abstract

Metered mail provides substantial opportunities for fraud. (Indeed, losses due to meter fraud in the United States are said to exceed $100 million annually.) We apply cryptographic techniques to prevent several types of improper use of metering indicia.

This paper describes a mail system that combines off-the-shelf barcode technology, tamper-proof devices, and cryptography in a fully-integrated secure franking system. This system provides protection against:

  1. 1.

    Tampering with postage meters to fraudulently obtain extra postage;

  2. 2.

    Forging and copying of postal indicia;

  3. 3.

    Unauthorized use of postage meters; and

  4. 4.

    Stolen postage meters.

We provide detailed justification for our design, and discuss important tradeoffs involving scanning strategies, encryption technology and 2-D barcode technology.

The US Postal Service recently announced an Information Based Indicia Program (IBIP) [20, 21, 22, 23, 24] which adopts principal design features of our model.

Beyond the intrinsic utility of this system, it also presents what is likely to be the first large scale use of public key infrastructure and microtransaction technology.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ross Anderson and Markus Kuhn. Tamper resistance — a cautionary note. In Proceedings of The Second USENIX Workshop on Electronic Commerce, Oakland, CA, November 1996.

    Google Scholar 

  2. Dan Boneh, Richard DeMillo, and Richard Lipton. Cryptanalysis in the presence of hardware faults. Personal communications.

    Google Scholar 

  3. Cylink Corp. CY512i press release, February 1995.

    Google Scholar 

  4. Louis Claude Guillou, Michel Ugon, and Jean-Jacques Quisquater. The smart card: A standardized security device dedicated to public cryptology. In Gustavus J. Simmons, editor, Contemporary cryptology: The science of information integrity. IEEE Press, Piscataway, NJ, 1992.

    Google Scholar 

  5. Stuart Itkin and Josephine Martell. A PDF417 primer: A guide to understanding second generation bar codes and portable data files. Technical Report Monograph 8, Symbol Technologies, April 1992.

    Google Scholar 

  6. P. Kocher. Timing attacks on implementations of difiie-hellman, rsa, dss, and other systems. In Advances in Cryptology: Crypto '96 Proceedings, Lecture Notes in Computer Science. Springer-Verlag, 1996.

    Google Scholar 

  7. Bill McAllister. Postage meter fraud estimated at $100 million this year. Washington Post, September 1993.

    Google Scholar 

  8. National Semiconductor, Inc. iPower chip technology press release, February 1994.

    Google Scholar 

  9. National Institute of Science and Technology. A proposed federal information processing standard for digital signature standard. Technical Report Docket No. 910907-1207, RIN 0693-AA86, National Institute of Science and Technology, 1991.

    Google Scholar 

  10. U. S. National Institute of Standards and Technology. Federal information processing standards publication 140-1: Security requirements for cryptographic modules, January 1994.

    Google Scholar 

  11. José Pastor. CRYPTOPOST: A cryptographic application to mail processing. Journal of Cryptology, 3(2), 1991.

    Google Scholar 

  12. Theo Pavlidis, Jerome Swartz, and Ynjiun P. Wang. Fundamentals of bar code information theory. Computer, 23(4):74–86, April 1990.

    Article  Google Scholar 

  13. Theo Pavlidis, Jerome Swartz, and Ynjiun P. Wang. Information encoding with two-dimensional bar codes. Computer, 24(6):18–28, June 1992.

    Article  Google Scholar 

  14. Judy Rakowsky. 4 men accused of pocketing $4 million in postage fraud scheme. Boston Globe, February 1995.

    Google Scholar 

  15. R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126, February 1978.

    Article  Google Scholar 

  16. Telequip, Inc. Crypta Plus press release, January 1995.

    Google Scholar 

  17. J. D. Tygar. Atomicity in electronic commerce. In Proceedings of the Fifteenth Annual ACM Symposium on Principles of Distributed Computing, pages 8–26, May 1996.

    Google Scholar 

  18. J. D. Tygar and Bennet S. Yee. Cryptography: It's not just for electronic mail anymore. Technical Report CMU-CS-93-107, Carnegie Mellon University, March 1993.

    Google Scholar 

  19. J. D. Tygar, Bennet S. Yee, and Nevin Heintze. Cryptographic postage indicia. Technical Report CMU-CS-96-113, Carnegie Mellon University, January 1996.

    Google Scholar 

  20. U. S. Postal Service. Information Based Indicia Program (IBIP) New Technology Metering Devices, May 1995.

    Google Scholar 

  21. U. S. Postal Service. Information Based Indidia Program (IBIP) Indicia Specification, July 1996.

    Google Scholar 

  22. U. S. Postal Service. Information Based Indidia Program (IBIP) Postal Secure Device (PSD) Specification, July 1996.

    Google Scholar 

  23. U. S. Postal Service. Specification for Postal Security Devices and Indicia (Postmarks). Federal Register, 61(128):34460–34461, July 1996.

    Google Scholar 

  24. U. S. Postal Service. Specification for Postal Security Devices and Indicia (Postmarks); Correction. Federal Register, 61(136):36940, July 1996.

    Google Scholar 

  25. U. S. Postal Service and U. K. Royal Mail. Personal communications.

    Google Scholar 

  26. Steve H. Weingart. Physical security for the μABYSS system. In Proceedings of the IEEE Computer Society Conference on Security and Privacy, pages 52–58, 1987.

    Google Scholar 

  27. Steve R. White, Steve H. Weingart, William C. Arnold, and Elaine R. Palmer. Introduction to the Citadel architecture: Security in physically exposed environments. Technical Report RC16672, Distributed security systems group, IBM Thomas J. Watson Research Center, March 1991. Version 1.3.

    Google Scholar 

  28. Bennet Yee and Doug Tygar. Secure coprocessors in electronic commerce applications. In Proceedings of The First USENIX Workshop on Electronic Commerce, New York, New York, July 1995.

    Google Scholar 

  29. Bennet S. Yee. Using Secure Coprocessors. PhD thesis, Carnegie Mellon University, 1994.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Carnegie Mellon Univ., 15213, Pittsburgh, PA

    J. D. Tygar

  2. UC San Diego, 92093, La Jolla, CA

    Bennet S. Yee

  3. Bell Laboratories, 07974, Murray Hill, NJ

    Nevin Heintze

Authors
  1. J. D. Tygar
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bennet S. Yee
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nevin Heintze
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Joxan Jaffar Roland H. C. Yap

Rights and permissions

Reprints and permissions

Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tygar, J.D., Yee, B.S., Heintze, N. (1996). Cryptographic postage indicia. In: Jaffar, J., Yap, R.H.C. (eds) Concurrency and Parallelism, Programming, Networking, and Security. ASIAN 1996. Lecture Notes in Computer Science, vol 1179. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0027822

Download citation

  • DOI: https://doi.org/10.1007/BFb0027822

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-62031-0

  • Online ISBN: 978-3-540-49626-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation