Advertisement

Low Cost and Trusted Electronic Purse System Design

  • Mehmet Ercan Kuruoglu
  • Ibrahim Sogukpinar
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2869)

Abstract

Electronic purse systems are more trusted than magnetic credit card payment systems. However, electronic purse technology is difficult and expensive to realize. Security is a major problem in payment systems, but off-line electronic payments have security gaps. Public Key Infrastructure (PKI) solutions, which are applicable with third parties included to the system, have some risks. Smart cards are not fully trusted. In this study, a low cost and easily applicable electronic purse system is proposed. The proposed solution is as trusted as its global world samples. Applying a simple user authentication method, memory protected smart cards is used without requiring microprocessor smart card security.

Keywords

Smart Card Authentication Scheme Mutual Authentication Certification Authority Authentication Phase 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Truman, G.E., Sandoe, K., Rifkin, T.: An empirical study of smart card technology. In: Elsevier Science B.V. Information & Management 2004, pp. 1–15 (2002)Google Scholar
  2. 2.
    Hwang, M.-S., Lee, C.-C., Tang, Y.-L.: A Simple Remote User Authentication Scheme. Mathematical and Computer Modeling 36, 103–107 (2002)zbMATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Chien, H.-Y., Jan, J.-K., Tseng, Y.-M.: An Efficient and Practical Solution to Remote Authentication: Smart Card. Computers & Security 21(4), 372–375 (2002)CrossRefGoogle Scholar
  4. 4.
    Rankl, W., Effing, W.: Smart Card Handbook. John Wiley & Sons, Chichester (1997)Google Scholar
  5. 5.
    U.S. NIST, Computer Systems Lab, Secure Hash Standard, FIBS PUB 180 (May 1993)Google Scholar
  6. 6.
    Anderson, R.: Security Engineering. John Wiley, Chichester (2001)Google Scholar
  7. 7.
    Kocher, P.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  8. 8.
    Kocher, P., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  9. 9.
    Boneh, D., DeMillo, R., Lipton, R.: The Importance of Checking Cryptographic Protocols for Faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)Google Scholar
  10. 10.
    Corcoran, D., Sims, D., Hillhouse, B.: Smart Cards and Biometrics: Your Key to PKI. Issue 59: March 01 (1999), http://www.linuxjournal.com/article.php?sid=3013
  11. 11.
    Diffle, W., Hellman, M.E.: New Directions in Cryptography. IEEE Trans. Inform. Theory, IT 22(6), 644–654 (1976)CrossRefGoogle Scholar
  12. 12.
    Rivest, R.L., Shamir, A., Adleman, L.: A Method for Obtaining Digital Signatures and Public Key Cryptosystem. Communication of the ACM 21(2), 120–126 (1978)zbMATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Kiliçh, T.: Smarts Cards in PKI (2002), http://deepnight.org/publications/smartcard-howto/smartpki.html
  14. 14.
    Ellison, C., Schneier, B.: Ten Risks of PKI: What You’re not Being Told about Public Key Infrastructure. Computer Security Journal XVI(1) (2001)Google Scholar
  15. 15.
    Chien, H.-Y., Jan, J.-K., Tseng, Y.-M.: A modified remote login authentication scheme based on geometric approach. The Journal of Sys. and Software 55, 287–290 (2001)CrossRefGoogle Scholar
  16. 16.
    Fan, L., Li, J.-H., Zhu, H.-W.: An Enhancement of TimeStamp-based Authentication Scheme. Computers & Security 21(7), 665–667 (2002)CrossRefGoogle Scholar
  17. 17.
    Tan, K., Zhu, H.: Remote password authentication scheme based on cross-product. Computer Communications 22, 390–393 (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Mehmet Ercan Kuruoglu
    • 1
  • Ibrahim Sogukpinar
    • 2
  1. 1.National Research Institute of Electronic & CryptologyGebze, KocaeliTURKEY
  2. 2.Gebze Institute of TechnologyGebze KOCAELITURKEY

Personalised recommendations