what is i i kp kp i kp i kp i i key key protocol protocol
play

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol - PDF document

Feb 11, 2023 •360 likes •407 views

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i -Key-Protocol, i = 1, 2, 3, Family of protocols Secure electronic payment Based on credit card payments Christopher Hsu Can be extended

  1. What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is � i -Key-Protocol, i = 1, 2, 3, … � Family of protocols � Secure electronic payment � Based on credit card payments Christopher Hsu � Can be extended to debit card and check payments 3/12/2004 1 3/12/2004 2 History of i i KP KP Initial Assumptions History of Initial Assumptions � 1995, IBM Research Labs Zurich and � Only partial privacy is emphasized Watson Research Centre � Encryption not used in protocol � Open industry standard � Can be implemented by other means � Incorporated into SEPP, SET � Or protocol can be extended � Z i P: fully operational prototype � i KP emphasizes the payment � Did not become commercial product � Assumes purchase order is already � But has been deployed in some known businesses 3/12/2004 3 3/12/2004 4 Parties and Attackers Acquirer Requirements Parties and Attackers Acquirer Requirements � Three parties: Acquirer (A), Merchant � A1. Proof of transaction (M), Customer (C) authorization of customer � Three attackers: eavesdropper, � A2. Proof of transaction active attacker, insider authorization by merchant 3/12/2004 5 3/12/2004 6 iKP 1

  2. Merchant Requirements Customer Requirements Merchant Requirements Customer Requirements � M1. Proof of transaction � C1. Unauthorized payment is authorization by acquirer impossible � M2. Proof of transaction � C2. Proof of transaction authorization by customer authorization by acquirer � C3. Certification and authentication of merchant � C4. Receipt from merchant 3/12/2004 7 3/12/2004 8 Extra Customer Requirements Components of the Protocol Extra Customer Requirements Components of the Protocol � C5. Privacy � Keys: PK X , SK X , CERT X � C6. Anonymity � Cryptography: H(.), E X (.), S X (.) � Quantities: SALT C , PRICE, DATE, NONCE M , ID M , TID M , DESC, CAN, R C , CID, Y/N, PIN, V � Discuss 1KP in detail, comparison with 2KP and 3KP 3/12/2004 9 3/12/2004 10 1KP Protocol Flow Removing Nonce and Date 1KP Protocol Flow Removing Nonce and Date Initiate: C � M SALT C , CID Initiate: C � M SALT C , CID Invoice: C � M Clear Invoice: C � M Clear Payment: C � M EncSlip Payment: C � M EncSlip* Auth-Request: M � A Clear, H(DESC,SALT C ), EncSlip Auth-Request: M � A Clear, H(DESC,SALT C ), EncSlip* Auth-Response: M � A Y/N, Sig A Auth-Response: M � A Y/N, Sig A Confirm: C � M Y/N, Sig A Confirm: C � M Y/N, Sig A Common: PRICE, ID M , TID M , DATE, NONCE M , CID, H(DESC,SALT C ) Common: PRICE, ID M , TID M , DATE, NONCE M , CID, H(DESC,SALT C ) Clear: ID M , TID M , DATE, NONCE M , H(Common) Clear: ID M , TID M , DATE, NONCE M , H(Common) SLIP: PRICE, H(Common), CAN, R C , [PIN] SLIP: PRICE, H(Common), CAN, R C , [PIN] EncSlip: E A (SLIP) EncSlip: E A (SLIP) Sig A : S A (Y/N, H(Common)) Sig A : S A (Y/N, H(Common)) 3/12/2004 11 3/12/2004 12 iKP 2

  3. Removing SALT C Removing SALT C : Invariant Removing SALT Removing SALT C : Invariant C Initiate: C � M SALT C , CID -- Intruder never knows desc and salt Invoice: C � M Clear from same customer Payment: C � M EncSlip invariant "Intruder does not know DESC" Auth-Request: M � A Clear, H(DESC,SALT C ), EncSlip forall i: IntruderId do Auth-Response: M � A Y/N, Sig A forall j: CustomerId do Confirm: C � M Y/N, Sig A !int[i].descs[j] | !int[i].salts[j] Common: PRICE, ID M , TID M , DATE, NONCE M , CID, H(DESC,SALT C ) Clear: ID M , TID M , DATE, NONCE M , H(Common) end SLIP: PRICE, H(Common), CAN, R C , [PIN] end; EncSlip: E A (SLIP) Sig A : S A (Y/N, H(Common)) 3/12/2004 13 3/12/2004 14 What is not fulfilled? 2KP and 3KP What is not fulfilled? 2KP and 3KP � Acquirer’s proof of transaction � Satisfies deficiencies of 1KP authorization by merchant � Differs in the number of public keys � Merchant’s proof of transaction available authorization by customer � Guarantees more undeniable � Customer’s certification and receipts for the transaction authentication of merchant � Customer’s receipt from merchant 3/12/2004 15 3/12/2004 16 2KP Protocol Flow 2KP Additions 2KP Protocol Flow 2KP Additions Initiate: C � M SALT C , CID � Merchant has public/private key and Invoice: C � M Clear, Sig M , CERT M certificate Payment: C � M EncSlip � Acquirer has certification and Auth-Request: M � A Clear, H(DESC,SALT C ), EncSlip, Sig M , CERT M Auth-Response: M � A Y/N, Sig A authentication of merchant Confirm: C � M Y/N, V, Sig A � Customer has certification and Common: PRICE, ID M , TID M , DATE, NONCE M , CID, H(DESC,SALT C ), H(V) Clear: ID M , TID M , DATE, NONCE M , H(V), H(Common) authentication of merchant SLIP: PRICE, H(Common), CAN, R C � Customer has receipt from merchant EncSlip: E A (SLIP) Sig A : S A (Y/N, H(Common)) Sig M : S M (H(Common), H(V)) 3/12/2004 17 3/12/2004 18 iKP 3

  4. 3KP Protocol Flow 3KP Additions 3KP Protocol Flow 3KP Additions Initiate: C � M SALT C , CID, CERT C � Customer has public/private key and Invoice: C � M Clear, Sig M certificate Payment: C � M EncSlip, Sig C Auth-Request: M � A Clear, H(DESC,SALT C ), EncSlip, Sig M , Sig C � Merchant has proof of transaction Auth-Response: M � A Y/N, Sig A authorization by customer Confirm: C � M Y/N, V, Sig A Common: PRICE, ID M , TID M , DATE, NONCE M , CID, H(DESC,SALT C ), H(V) Clear: ID M , TID M , DATE, NONCE M , H(V), H(Common) SLIP: PRICE, H(Common), CAN, R C EncSlip: E A (SLIP) Sig A : S A (Y/N, H(Common)) Sig M : S M (H(Common), H(V)) Sig C : S C (EncSlip, H(Common)) 3/12/2004 19 3/12/2004 20 i KP KP Comparison Overview Comparison Overview i KP KP Summary Summary i i Requirements / Protocols 1KP 2KP 3KP � 1KP: simple, merchant is not A1. Proof of Transaction Authorization by Customer * * ** authenticated, order and receipt are A2. Proof of Transaction Authorization by Merchant ** ** deniable M1. Proof of Transaction Authorization by Acquirer ** ** ** � 2KP: merchant is authenticated M2. Proof of Transaction Authorization by Customer ** � 3KP: non-repudiation for all C1. Unauthorized Payment is Impossible * * ** messages C2. Proof of transaction Authorization by Acquirer * * ** C3. Certification and Authentication of Merchant ** ** � Intended for gradual deployment C4. Receipt from Merchant ** ** 3/12/2004 21 3/12/2004 22 Bibliography Bibliography Bellare, Mihir et al . Design, Implementation and Deployment 1. of the i KP Secure Electronic Payment System. IEEE Journal of Selected Areas in Communications, VOL 18, NO. 4, April 2000. Bellare, Mihir et al . i KP – A Family of Secure Electronic 2. Payment Protocols. 1995. 3/12/2004 23 iKP 4

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN

Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN

Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack 2 TCP Protocol Transmission Control Protocol (TCP) is a core protocol

598 views • 47 slides
Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and

Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and

Forest Protocol Forest Protocol Protocol Update Effort Protocol Update Effort Goals and Objectives Goals and Objectives CAR adopted the Forest Protocols in 2005 CAR Board directed staff in 2007 to: Initiate a stakeholder process

532 views • 25 slides
TCP/IP CIS 218/238 Internet Protocol (IP) The Internet Protocol (IP) is responsible for

TCP/IP CIS 218/238 Internet Protocol (IP) The Internet Protocol (IP) is responsible for

TCP/IP CIS 218/238 Internet Protocol (IP) The Internet Protocol (IP) is responsible for ensuring that data is transferred between two Intenret hosts based on a 32 bit address. To be ROUTABLE, a protocol must specify a NETWORK ADDRESS

899 views • 22 slides
The HTTP Protocol The HTTP Protocol How to write servers and clients in Java Anders Mller

The HTTP Protocol The HTTP Protocol How to write servers and clients in Java Anders Mller

Objectives Objectives How the HTTP protocol works An Introduction An Introduction to XML and Web Technologies to XML and Web Technologies The SSL security extension from a programmer's point of view The HTTP Protocol The HTTP Protocol

433 views • 10 slides
Internetworking Internetworking Address Resolution Protocol Address Resolution Protocol z

Internetworking Internetworking Address Resolution Protocol Address Resolution Protocol z

Internet Protocol Suite: Transport Internet Protocol Suite: Transport TCP: Transmission Control Protocol Byte stream transfer Internet Protocol Suite Internet Protocol Suite Reliable, connection-oriented service Point-to-point

374 views • 3 slides
FIX Protocol 101 An Introduction To the FIX Protocol Martin Koopman, Former Chair FIX Protocol

FIX Protocol 101 An Introduction To the FIX Protocol Martin Koopman, Former Chair FIX Protocol

FIX Protocol 101 An Introduction To the FIX Protocol Martin Koopman, Former Chair FIX Protocol Ltd Americas Committee martinkoopman@gmail.com Australia Was Early to Electronic Trading But Late to FIX Very early use of electronic trading

809 views • 12 slides
EFFICIENCY OF THE BASIC EMDR PROTOCOL COMPARED TO A RESOURCE PROTOCOL ROLE OF EYE MOVEMENTS IN A

EFFICIENCY OF THE BASIC EMDR PROTOCOL COMPARED TO A RESOURCE PROTOCOL ROLE OF EYE MOVEMENTS IN A

EFFICIENCY OF THE BASIC EMDR PROTOCOL COMPARED TO A RESOURCE PROTOCOL ROLE OF EYE MOVEMENTS IN A RESOURCE PROTOCOL A comparison between one session of the standard protocol versus the reinforced resource protocol The basic EMDR protocol

368 views • 15 slides
The Luxembourg Protocol in the UK Moving Britain Ahead March 16 Luxembourg Protocol 1 As of 26

The Luxembourg Protocol in the UK Moving Britain Ahead March 16 Luxembourg Protocol 1 As of 26

The Luxembourg Protocol in the UK Moving Britain Ahead March 16 Luxembourg Protocol 1 As of 26 th February 2016 the UK is now a Signatory to the Luxembourg Protocol to the Convention on International Interests in Mobile Equipment on Matters

358 views • 6 slides
Dont Hold My Data Hostage A Case For Client Protocol Redesign What is a Client Protocol

Dont Hold My Data Hostage A Case For Client Protocol Redesign What is a Client Protocol

Mark Raasveldt, Hannes Mhleisen Dont Hold My Data Hostage A Case For Client Protocol Redesign What is a Client Protocol anyway? Every database that supports remote clients has a client protocol Using this protocol, clients can query

152 views • 14 slides
Protocol Attacks What is a protocol attack? How does it work? Different types of

Protocol Attacks What is a protocol attack? How does it work? Different types of

Outline : Part 1 Introduction Protocol Attacks What is a protocol attack? How does it work? Different types of protocol attack By Sushant Rewaskar Introduction: Types of attacks What is a protocol attack? Buffer overflow

518 views • 13 slides
1 The http protocol: more WWW: the http protocol http is stateless http: hypertext

1 The http protocol: more WWW: the http protocol http is stateless http: hypertext

Internet apps: their protocols and transport protocols Application Underlying layer protocol Application transport protocol e-mail smtp [RFC 821] World Wide Web TCP remote terminal access telnet [RFC 854] TCP Web http [RFC 2068] TCP

438 views • 5 slides
Protocol on SEA Chapter B2: Example structure of practical exercises for use in training course

Protocol on SEA Chapter B2: Example structure of practical exercises for use in training course

Protocol on SEA Chapter B2: Example structure of practical exercises for use in training course on the Protocol Resource Manual to Support Application of the UNECE Protocol on Strategic Environmental Assessment draft 17-Apr-07 B2.1 Contents

894 views • 17 slides
Protocol on SEA Chapter A3: Determining whether plans & programmes require SEA under the

Protocol on SEA Chapter A3: Determining whether plans & programmes require SEA under the

Protocol on SEA Chapter A3: Determining whether plans & programmes require SEA under the Protocol Resource Manual to Support Application of the UNECE Protocol on Strategic Environmental Assessment draft 26-Apr-07 A3.1 Contents of the

563 views • 28 slides
PPSP Peer Protocol draft-gu-ppsp-peer-protocol PPSP WG IETF 82 Taipei Rui Cruz (presenter)

PPSP Peer Protocol draft-gu-ppsp-peer-protocol PPSP WG IETF 82 Taipei Rui Cruz (presenter)

PPSP Peer Protocol draft-gu-ppsp-peer-protocol PPSP WG IETF 82 Taipei Rui Cruz (presenter) Yingjie Gu, Jinwei Xia, Mrio Nunes, David Bryan, Joo Taveira Background The PPSP Peer Protocol (as well as the PPSP Tracker protocol) are bound

199 views • 16 slides
User Datagram Protocol (UDP) Standard connectionless protocol for the transport layer of the

User Datagram Protocol (UDP) Standard connectionless protocol for the transport layer of the

User Datagram Protocol (UDP) Standard connectionless protocol for the transport layer of the Internet architecture Only adds demultiplexing capability to basic best-effort delivery provided by IP Needs to identify target process

834 views • 36 slides
Multicast Protocols IGMP IP Group Membership Protocol DVMRP DV Multicast Routing Protocol

Multicast Protocols IGMP IP Group Membership Protocol DVMRP DV Multicast Routing Protocol

Multicast Protocols IGMP IP Group Membership Protocol DVMRP DV Multicast Routing Protocol MOSPF Multicast OSPF PIM Protocol Independent Multicast S-38.2121 / Fall-2007 / RKa, NB Multicast2-1 Multicast in local area networks

489 views • 25 slides
Small time global exact null controllability of the incompressible Navier-Stokes equation with

Small time global exact null controllability of the incompressible Navier-Stokes equation with

Small time global exact null controllability of the incompressible Navier-Stokes equation with Navier slip-with-friction boundary condition Joint work with Jean-Michel Coron and Franck Sueur Fr ed eric Marbach Laboratoire Jacques-Louis

257 views • 25 slides
Routing on rails with OpenStreetMap Michael Reichert (Nakaner) photo: Andre de, Wikimedia

Routing on rails with OpenStreetMap Michael Reichert (Nakaner) photo: Andre de, Wikimedia

Routing on rails with OpenStreetMap Michael Reichert (Nakaner) photo: Andre de, Wikimedia Commons, CC-BY-SA 4.0 Michael Reichert (Nakaner) Current solutions OSM data Features Demo Performance Implemen- tation Future Current solutions

741 views • 33 slides
GeoClaw dtopo file In GeoClaw, the tsunami source is typically given as a seafloor displacement

GeoClaw dtopo file In GeoClaw, the tsunami source is typically given as a seafloor displacement

GeoClaw dtopo file In GeoClaw, the tsunami source is typically given as a seafloor displacement in a dtopo file. This file has columns t, x, y, dz giving the vertical displacement dz at time t at point ( x, y ) . For each t , sweeping from NW

664 views • 34 slides
12. ARROW-DEBREU MODEL OF GENERAL EQUILIBRIUM UNDER UNCERTAINTY Usual insurance contract: Insured

12. ARROW-DEBREU MODEL OF GENERAL EQUILIBRIUM UNDER UNCERTAINTY Usual insurance contract: Insured

ECO 317 Economics of Uncertainty - Fall Term 200 9 Slides for lecture s 12. ARROW-DEBREU MODEL OF GENERAL EQUILIBRIUM UNDER UNCERTAINTY Usual insurance contract: Insured person pays premium p X in advance; company pays indemnity X if loss

790 views • 9 slides
robot 1 Constructing a decision network for the mail delivery 2 What should the robot do? mail

robot 1 Constructing a decision network for the mail delivery 2 What should the robot do? mail

CS 486/686 Lecture 13 Evaluating a Decision Network What are the random variables? If the robot goes on the long route, no accident occurs. Based on the problem description, lets assume that A is only afgected by S and not afgected by

179 views • 7 slides
Column-Stores vs. Row-Stores: How Different Are They Really? Daniel Abadi (Yale), Samuel Madden

Column-Stores vs. Row-Stores: How Different Are They Really? Daniel Abadi (Yale), Samuel Madden

Column-Stores vs. Row-Stores: How Different Are They Really? Daniel Abadi (Yale), Samuel Madden (MIT), Nabil Hachem (AvantGarde Consulting) June 12 th , 2008 Daniel Abadi -- Yale University Row vs. Column-Stores Row-Store Column-Store Last

495 views • 26 slides
Spam Is Bad John R. Levine Chair, IRTF ASRG Chair@asrg.sp.am http://asrg.sp.am Why is spam

Spam Is Bad John R. Levine Chair, IRTF ASRG Chair@asrg.sp.am http://asrg.sp.am Why is spam

Spam Is Bad John R. Levine Chair, IRTF ASRG Chair@asrg.sp.am http://asrg.sp.am Why is spam bad? Theres too much of it Its offensive Its fraudulent 2 Why is spam bad? Theres too much of it 98% More spam

655 views • 31 slides
Getting AAI WPs funded Who, how, why? Ann Harding, Jens

Getting AAI WPs funded Who, how, why? Ann Harding, Jens

Getting AAI WPs funded Who, how, why? Ann Harding, Jens Jensen Why is it a problem? Lots of par3es involved in end to end service delivery

292 views • 8 slides

More recommend