A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography

Electronic Commerce Research

Abstract

The use of e-payment systems for electronic trade is making daily life easier and more convenient. However, a number of security issues remain to be addressed: user anonymity and fair exchange have become important concerns along with authentication, confidentiality, integrity and non-repudiation. In a number of existing e-payment schemes, the customer pays for the product before acquiring it. Furthermore, many such schemes require very high computation and communication costs. To address such issues, Yang et al. recently proposed an authenticated encryption scheme and an e-payment scheme based on it. They eliminated the need for digital signatures for authentication. They further claimed that their schemes resist replay, man-in-the-middle, impersonation and identity theft attacks while providing confidentiality, authenticity, integrity and privacy protection. However, our analysis shows that both Yang et al.’s authenticated encryption scheme and their e-payment system are vulnerable to an impersonation attack: an adversary with knowledge of only the public parameters can easily masquerade as a legal user. We therefore propose improved authenticated encryption and e-payment schemes to overcome the weaknesses of Yang et al.’s schemes. We prove the security of our schemes using the automated tool ProVerif. The security and performance analysis shows that the improved schemes are more robust and more lightweight than Yang et al.’s schemes.

References

  1. Chen, S., & Ning, J. (2002). Constraints on e-commerce in less developed countries: The case of china. Electronic Commerce Research, 2(1–2), 31–42. doi:10.1023/A:1013331817147.

  2. Kshetri, N. (2013). Cybercrime and cyber-security issues associated with china: some economic and institutional considerations. Electronic Commerce Research, 13(1), 41–69. doi:10.1007/s10660-013-9105-4.

  3. Huang, X., Dai, X., & Liang, W. (2014). Bulapay: A novel web service based third-party payment system for e-commerce. Electronic Commerce Research, 14(4), 611–633. doi:10.1007/s10660-014-9172-1.

  4. Chaum, D. (2013). Blind signatures for untraceable payments. In Advances in cryptology—CRYPTO ’86 Proceedings (pp. 199–203). Berlin: Springer.

  5. Lysyanskaya, A., & Ramzan, Z. (1998). Group blind digital signatures: A scalable solution to electronic cash. In D. M. Goldschlag & S. G. Stubblebine (Eds.), Financial cryptography (pp. 184–197). Berlin: Springer.

  6. Zhang, L., Zhang, F., Qin, B., & Liu, S. (2011). Provably-secure electronic cash based on certificateless partially-blind signatures. Electronic Commerce Research and Applications, 10(5), 545–552.

  7. Xiaojun, W. (2010). An e-payment system based on quantum group signature. Physica Scripta, 82(6), 65403.

  8. Eslami, Z., & Talebi, M. (2011). A new untraceable off-line electronic cash system. Electronic Commerce Research and Applications, 10(1), 59–66.

  9. Yen, Y.-C., Wu, T.-C., Lo, N.-W., & Tsai, K.-Y. (2012). A fair-exchange e-payment protocol for digital products with customer unlinkability. KSII Transactions on Internet and Information Systems, 6(11), 2956–2979.

  10. Chen, X., Li, J., Ma, J., Lou, W., & Wong, D. S. (2014). New and efficient conditional e-payment systems with transferability. Future Generation Computer Systems, 37, 252–258.

  11. Yang, J.-H., Chang, Y.-F., & Chen, Y.-H. (2013). An efficient authenticated encryption scheme based on ecc and its application for electronic payment. Information Technology And Control, 42(4), 315–324.

  12. Farash, M. S., & Attari, M. A. (2014). A secure and efficient identity-based authenticated key exchange protocol for mobile client-server networks. The Journal of Supercomputing, 69(1), 395–411.

  13. Irshad, A., Sher, M., Faisal, M. S., Ghani, A., Ul Hassan, M., & Ch, S. A. (2014). A secure authentication scheme for session initiation protocol by using ecc on the basis of the tang and liu scheme. Security and Communication Networks, 7(8), 1210–1218.

  14. Irshad, A., Sher, M., Rehman, E., Ch, S. A., Ul Hassan, M., & Ghani, A. (2013). A single round-trip sip authentication scheme for voice over internet protocol using smart card. Multimedia Tools and Applications. doi:10.1007/s11042-013-1807-z.

  15. Farash, M. S., & Attari, M. A. (2013). An enhanced authenticated key agreement for session initiation protocol. Information Technology and Control, 42(4), 333–342.

  16. Farash, M. S. (2014). Cryptanalysis and improvement of an efficient mutual authentication rfid scheme based on elliptic curve cryptography. The Journal of Supercomputing, 70(1), 987–1001.

  17. Farash, M. S., & Attari, M. A. (2014). An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards. International Journal of Communication Systems. doi:10.1002/dac.2848.

  18. Farash, M. S. (2014). Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Networking and Applications. doi:10.1007/s12083-014-0315-x.

  19. Farash, M. S. (2015). Cryptanalysis and improvement of an improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks. International Journal of Network Management, 25(1), 31–51.

  20. Farash, M. S., Kumari, S., & Bakhtiari, M. (2015). Cryptanalysis and improvement of a robust smart card secured authentication scheme on sip using elliptic curve cryptography. Multimedia Tools and Applications. doi:10.1007/s11042-015-2487-7.

  21. Farash, M. S., Islam, S. H., & Mohammad, S. O. (2015). A provably secure and efficient two-party password-based explicit authenticated key exchange protocol resistance to password guessing attacks. Concurrency and Computation: Practice and Experience. doi:10.1002/cpe.3477.

  22. Zheng, Y. (1997). Digital signcryption or how to achieve cost (signature & encryption) ≪ cost (signature) + cost (encryption). In Advances in Cryptology-CRYPTO’97 (pp. 165–179). Berlin: Springer.

  23. He, D., Kumar, N., & Chilamkurti, N. (2015). A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks, Information Sciences. doi:10.1016/j.ins.2015.02.010

  24. He, D., & Zeadally, S. (2015). Authentication protocol for an ambient assisted living system. Communications Magazine, IEEE, 53(1), 71–77.

  25. Chaudhry, S., Naqvi, H., Shon, T., Sher, M., & Farash, M. (2015). Cryptanalysis and improvement of an improved two factor authentication protocol for telecare medical information systems. Journal of Medical Systems, 39(6), 1–11. doi:10.1007/s10916-015-0244-0.

  26. Abdalla, M., Benhamouda, F., & Pointcheval, D. (2015). Public-key encryption indistinguishable under plaintext-checkable attacks. In Public-Key Cryptography—PKC 2015 (pp. 332–352). Berlin: Springer.

  27. Ch, S. A., Nizamuddin, N., Sher, M., Ghani, A., Naqvi, H., & Irshad, A. (2014). An efficient signcryption scheme with forward secrecy and public verifiability based on hyper elliptic curve cryptography. Multimedia Tools and Applications. doi:10.1007/s11042-014-2283-9.

  28. Ch, S. A., Nizamuddin, N., & Sher, M. (2012). Public verifiable signcryption schemes with forward secrecy based on hyperelliptic curve cryptosystem. In Information systems, technology and management (pp. 135–142). Springer.

  29. Nizamuddin, N., Ch, S. A., Nasar, W., & Javaid, Q. (2011). Efficient signcryption schemes based on hyperelliptic curve cryptosystem. In 2011 7th IEEE international conference on emerging technologies (ICET) (pp. 1–4).

  30. Nizamuddin, N., Ch, S. A., & Amin, N. (2011). Signcryption schemes with forward secrecy based on hyperelliptic curve cryptosystem. In IEEE high capacity optical networks and enabling technologies (HONET), 2011 (pp. 244–247).

  31. Zheng, Y. (1997). Digital signcryption or how to achieve cost (signature & encryption) cost (signature) + cost (encryption). In Advances in cryptology-CRYPTO’97 (pp. 165–179). Santa Barbara: Springer.

  32. Li, C.-T. (2011). Secure smart card based password authentication scheme with user anonymity. Information Technology and Control, 40(2), 157–162.

  33. Hong, J.-W., Yoon, S.-Y., Park, D.-I., Choi, M.-J., Yoon, E.-J., & Yoo, K.-Y. (2011). A new efficient key agreement scheme for vsat satellite communications based on elliptic curve cryptosystem. Information Technology and Control, 40(3), 252–259.

  34. Farash, M. S., & Attari, M. A. (2014). A provably secure and efficient authentication scheme for access control in mobile pay-tv systems. Multimedia Tools and Applications. doi:10.1007/s11042-014-2296-4.

  35. Johnson, D., Menezes, A., & Vanstone, S. (2001). The elliptic curve digital signature algorithm (ecdsa). International Journal of Information Security, 1(1), 36–63.

  36. Xie, Q., Dong, N., Tan, X., Wong, D. S., & Wang, G. (2013). Improvement of a three-party password-based key exchange protocol with formal verification. Information Technology And Control, 42(3), 231–237.

  37. Xie, Q., Dong, N., Wong, D. S., & Hu, B. Cryptanalysis and security enhancement of a robust two-factor authentication and key agreement protocol. International Journal of Communication Systems. doi:10.1002/dac.2858

  38. Hu, B., Xie, Q., & Li, Y. (2011). Automatic verification of password-based authentication protocols using smart card. In 2011 IEEE international conference on information technology, computer engineering and management sciences (ICM) (Vol. 1, pp. 34–39).

  39. Cheval, V., & Blanchet, B. (2013). Proving more observational equivalences with proverif. In D. Basin & J. C. Mitchell (Eds.), Principles of security and trust (pp. 226–246). Berlin: Springer.

Acknowledgments

The authors would like to thank the anonymous reviewers and Prof. John Gerdes for their valuable suggestions to improve the quality, correctness, presentation and readability of the manuscript.

Corresponding author

Correspondence to Mohammad Sabzinejad Farash.

Appendix

In this appendix, we provide the ProVerif verification code for the proposed e-payment system. A ProVerif protocol model consists of three parts. In the declaration part, cryptographic primitives are defined as constructors, destructors and equations; names are also defined there. Processes and sub-processes are defined in the process part, while the protocol itself is modeled in the main process part. In ProVerif, cryptographic primitives are represented as a set of functions (termed constructors and destructors), and equations are used to represent algebraic relations such as Diffie-Hellman key agreement. We modeled the proposed scheme as the parallel execution of three distinct processes, namely the user U, the merchant M and the bank B, as defined below:

figure f

The attacker is modeled by the predicate attacker(X), where X is a term that should not be known to the attacker. If the query not attacker(X) evaluates to false, then the secrecy and authentication of the protocol are not maintained; otherwise the protocol is secure. The attacker knows all public parameters, such as the participants' public keys and other related terms. The proposed protocol is modeled as the set of steps described in Sect. 5.2 and shown in Fig. 7. At the beginning, two public channels are defined: ch1 for communication between the user and the bank, and ch2 for communication between the user and the merchant.

figure g

The constants and variables are defined as:

figure h

where Du, Db and Dm are the private keys of the respective participants, while IDu, IDb and IDm are the public identities of the user, bank and merchant respectively. P is the base point selected over the elliptic curve \(E_p(a,b)\), p is the price of the goods and GI is the goods information. The constructors, destructors and equations are defined as follows:

figure i

Events for user, bank and merchant are defined as follows:

figure j

There are three distinct processes in the proposed protocol: user, bank and merchant. The user process computes RKpm and C1 and sends \(\{C1,R,T1\}\) to the bank over channel ch1. The user then receives C2 and T2 from the bank and verifies T2 and kx. Finally, the user computes RK1 and C3 and sends \(\{C3,R1,T3\}\) to the merchant on channel ch2. The user process is modeled as follows:

figure k

After receiving \(\{C1,R,T1\}\), the bank process first computes K and decrypts C1 using the x coordinate of K; the bank then verifies the validity of Kx and T1. Finally, the bank computes MEDS and C2 and sends \(\{C2,T2\}\) to the user via channel ch1. The bank process is described as follows:

figure l

The merchant process receives \(\{C3,R1,T3\}\) from the user. It then computes K1 and performs symmetric decryption on C1 using K1x, which is the x coordinate of K1. The merchant further verifies the validity of T3 and K1x, computes p, m and M, and checks the signatures DS with M. Finally, the merchant process sends the encrypted goods C4 to the user. The merchant process is as follows:

figure m

The parallel execution of the three processes is modeled as:

figure n

The attacker query is applied on two secret keys K and K1 as follows:

figure o
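The authors' listings are not reproduced on this page. As an added illustration (not the paper's model), the following typed ProVerif sketch shows the three-part layout described above for a simplified user-to-bank leg on ch1 only. The names `mul`, `xc`, `senc`, `sdec`, `payload` and `Qb`, the message contents, and the use of a private name encrypted under K to test the key's secrecy are all assumptions.

```proverif
(* Added sketch, NOT the paper's model: one simplified user -> bank message. *)

(* --- Declaration part: types, names, constructors, destructors, equations --- *)
type point.
type scalar.
type key.

free ch1: channel.                  (* public channel between user and bank *)
const P: point.                     (* public base point on E_p(a,b) *)
free payload: bitstring [private].  (* assumed secret, protected under K *)

fun mul(point, scalar): point.      (* scalar multiplication on the curve *)
(* Diffie-Hellman style relation: b(aP) = a(bP) *)
equation forall a: scalar, b: scalar;
  mul(mul(P, a), b) = mul(mul(P, b), a).

fun xc(point): key.                 (* x coordinate of a point, used as key *)
fun senc(bitstring, key): bitstring.
reduc forall m: bitstring, k: key; sdec(senc(m, k), k) = m.

(* Secrecy query: can the attacker ever learn the data encrypted under K? *)
query attacker(payload).

(* --- Process part --- *)
let user(Qb: point) =
  new r: scalar;                    (* fresh ephemeral scalar *)
  new T1: bitstring;                (* fresh name standing in for a timestamp *)
  let K = mul(Qb, r) in
  out(ch1, (senc((payload, T1), xc(K)), mul(P, r), T1)).

let bank(Db: scalar) =
  in(ch1, (C1: bitstring, R: point, T1: bitstring));
  let K = mul(R, Db) in             (* same point as the user's K, by the equation *)
  let (m: bitstring, =T1) = sdec(C1, xc(K)) in   (* decrypt, check T1 matches *)
  0.

(* --- Main process: publish the bank's public key, run both roles in parallel --- *)
process
  new Db: scalar;
  let Qb = mul(P, Db) in
  out(ch1, Qb);
  ( (!user(Qb)) | (!bank(Db)) )
```

Saved to a `.pv` file, the model is checked by passing that file to the `proverif` command, which reports for each query whether it could be proved.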

Chaudhry, S.A., Farash, M.S., Naqvi, H. et al. A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography. Electron Commer Res 16, 113–139 (2016). https://doi.org/10.1007/s10660-015-9192-5
