An Efficient Electronic Checkbook Scheme with Mutual Authentication

Yıl 2019, Cilt: 23 Sayı: 2, 590 - 596, 25.08.2019

İsa Sertkaya , Öznur Kalkar

https://doi.org/10.19113/sdufenbed.514167

Cited By: 1

Öz

In 1988, Chaum et al. introduced the idea of electronic check. Then, Pasupathinathan et al. tried to come up with an electronic checkbook scheme. However, their scheme requires signature for each e-check and is not considered as an e-checkbook. Later, three e-checkbook propositions are made by T.H Chen et al., Chang et al., and C.L. Chen et al. based on the scheme of W.K. Chen et al. Recently, Sertkaya and Kalkar showed that these three e-checkbook schemes are susceptible to e-check forgery and/or e-check manipulation attacks. They also proposed fixes for these schemes. Nonetheless, fixed versions also carry out drawbacks of the original schemes, like heavy hashing computations, time-synchronization issues, and multiple communication rounds. This study offers an efficient and secure e-checkbook scheme with mutual authentication.

Anahtar Kelimeler

cryptography, security, e-commerce, electronic checkbook, electronic check, mutual authentication

Karşılıklı Kimlik Doğrulaması Sağlayan Etkin Elektronik Çek Defteri Şeması

Öz

1988'de Chaum vd. elektronik çek fikrini ortaya attılar. Ardından, Pasupathinathan vd. elektronik çek defteri çözümü üretmeye çalıştılar. Fakat sistemlerinde her bir çek için bir imza bulunduğu için, tam bir elektronik çek defteri çözümü sayılmaz. Daha sonra T.H. Chen vd., Chang vd. ve C.L. Chen vd., W.K Chen vd.'nin çözümünü geliştiren çek defteri sistemleri önerdiler. Yakın zamanda Sertkaya ve Kalkar önerilen bu sistemlerin, çek sahteciliğine ve manipulasyonlarına karşı dayanıklı olmadıklarını gösterdiler. Ayrıca, bu sistemlerin nasıl düzeltileceğine dair çözümler önerdiler. Bu sistemlerin güvenli versiyonları hala daha eski hallerinin temel problemlerini taşımaktadırlar; örneğin, fazla sayıda özet hesaplama, zaman senkronizasyon problemleri ve çok sayıda iletişim turu. Bu çalışma, karşılıklı kimlik doğrulaması sağlayan verimli ve güvenli bir elektronik çek defteri şeması önermektedir.

Anahtar Kelimeler

Kriptografi, Güvenlik, E-ticaret, Elektronik Çek Defteri, Elektronik Çek, Karşılıklı Kimlik Doğrulama

Kaynakça

• [1] Jee Hea An, Yevgeniy Dodis, and Tal Rabin. On the security of joint signature and encryption. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology, EUROCRYPT ’02, pages 83–107, London, UK, UK, 2002. Springer-Verlag.
• [2] Milton M. Anderson. The Electronic Check Architecture. Technical report, Financial Services Technology Consortium, 1998.
• [3] Bank for International Settlements. Statistics on payment, clearing and settlement systems in the CPMI countries, 2017.
• [4] Stefan Brands. An Efficient Off-line Electronic Cash System Based On The Representation Problem. Technical report, Centrum Wiskunde & Informatica (CWI), 1993.
• [5] Chin-Chen Chang, Shih-Chang Chang, and Jung-San Lee. An on-line electronic check system with mutual authentication. Computers & Electrical Engineering, 35(5):757 – 763, 2009.
• [6] David Chaum, Bertden Boer, Eugènevan Heyst, Stig Mjølsnes, and Adri Steenbeek. Efficient offline electronic checks. In Jean-Jacques Quisquater and Joos Vandewalle, editors, Advances in Cryptology — EU- ROCRYPT ’89, pages 294–301, Berlin, Heidelberg, 1990. Springer Berlin Heidelberg.
• [7] David Chaum, Amos Fiat, and Moni Naor. Untraceable electronic cash. In Shafi Goldwasser, editor, Advances in Cryptology — CRYPTO’ 88, pages 319– 327, New York, NY, 1990. Springer New York.
• [8] Chin-Ling Chen, Cheng-Hsiung Wu, and Wei-Chech Lin. Improving an on-line electronic check system with mutual authentication. In Proceedings of Inter- national Conference on Advanced Information Tech- nologies (AIT 2010), 2010.
• [9] Tzung-Her Chen, Shu-Chen Yeh, Kuan-Chieh Liao, and Wei-Bin Lee. A practical and efficient electronic checkbook. Journal of Organizational Computing and Electronic Commerce, 19(4):285–293, 2009.
• [10] Wei-Kuei Chen. Efficient on-line electronic checks. Applied Mathematics and Computation, 162(3):1259 – 1263, 2005.
• [11] Shafi Goldwasser, Silvio Micali, and Ronald L. Rivest. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput., 17(2):281–308, April 1988.
• [12] M. F. Hinarejos, J. Ferrer-Gomila, G. Draper-Gil, and L. Huguet-Rotger. Anonymity and transferability for an electronic bank check scheme. In 2012 IEEE11th International Conference on Trust, Security and Privacy in Computing and Communications, pages 427–435, June 2012.
• [13] Jonathan Katz and Yehuda Lindell. Introduction to Modern Cryptography. Chapman & Hall/CRC, 2nd edition, 2014.
• [14] Kim S. and Oh. H. A new electronic check system with reusable refunds. International Journal of Information Security, 1(3):175–188, Nov 2002.
• [15] Security Requirements For Cryptographic Modules. Federal Information Processing Standards Publication (FIPS) 140-2, National Institute for Standards and Technology, Gaithersburg, MD 20899-8900, USA, 2001.
• [16] Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms. NIST Special Publication (SP) 800-175B, National Institute for Standards and Technology, Gaithersburg, MD 20899-8900, USA, 2016.
• [17] Vijayakrishnan Pasupathinathan, Josef Pieprzyk, and Huaxiong Wang. Privacy enhanced electronic cheque system. In Seventh IEEE International Conference on E-Commerce Technology (CEC’05), pages 431–434, July 2005.
• [18] Aude Plateaux, Patrick Lacharme, Vincent Coquet, Sylvain Vernois, Kumar Murty, and Christophe Rosenberger. An e-payment architecture ensuring a high level of privacy protection. In Tanveer Zia, Al- bert Zomaya, Vijay Varadharajan, and Morley Mao, editors, Security and Privacy in Communication Networks, pages 305–322, Cham, 2013. Springer International Publishing.
• [19] Phillip Rogaway and Thomas Shrimpton. Cryptographic hash-function basics: Definitions, implications and separations for preimage resistance, second- preimage resistance, and collision resistance. Cryptology ePrint Archive, Report 2004/035, 2004.
• [20] C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3):161–174, Jan 1991.
• [21] Isa Sertkaya and Oznur Kalkar. Forgery Attacks on Some Electronic Checkbook Schemes. submitted 2018.
• [22] Visa and MasterCard. SET Secure Electronic Transaction Specification Book 1, 1997.
• [23] Wikipedia. International Bank Account Number — Wikipedia, the free encyclopedia, 2019. [Online; accessed 09-January-2019].
• [24] Hsiao-Cheng Yu, Kuo-Hua Hsi, and Pei-Jen Kuo. Electronic payment systems: an analysis and comparison of types. Technology in Society, 24(3):331 – 347, 2002.