Abstract
Metered mail provides substantial opportunities for fraud. (Indeed, losses due to meter fraud in the United States are said to exceed $100 million annually.) We apply cryptographic techniques to prevent several types of improper use of metering indicia.
This paper describes a mail system that combines off-the-shelf barcode technology, tamper-proof devices, and cryptography in a fully-integrated secure franking system. This system provides protection against:
-
1.
Tampering with postage meters to fraudulently obtain extra postage;
-
2.
Forging and copying of postal indicia;
-
3.
Unauthorized use of postage meters; and
-
4.
Stolen postage meters.
We provide detailed justification for our design, and discuss important tradeoffs involving scanning strategies, encryption technology and 2-D barcode technology.
The US Postal Service recently announced an Information Based Indicia Program (IBIP) [20, 21, 22, 23, 24] which adopts principal design features of our model.
Beyond the intrinsic utility of this system, it also presents what is likely to be the first large scale use of public key infrastructure and microtransaction technology.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Preview
Unable to display preview. Download preview PDF.
References
Ross Anderson and Markus Kuhn. Tamper resistance — a cautionary note. In Proceedings of The Second USENIX Workshop on Electronic Commerce, Oakland, CA, November 1996.
Dan Boneh, Richard DeMillo, and Richard Lipton. Cryptanalysis in the presence of hardware faults. Personal communications.
Cylink Corp. CY512i press release, February 1995.
Louis Claude Guillou, Michel Ugon, and Jean-Jacques Quisquater. The smart card: A standardized security device dedicated to public cryptology. In Gustavus J. Simmons, editor, Contemporary cryptology: The science of information integrity. IEEE Press, Piscataway, NJ, 1992.
Stuart Itkin and Josephine Martell. A PDF417 primer: A guide to understanding second generation bar codes and portable data files. Technical Report Monograph 8, Symbol Technologies, April 1992.
P. Kocher. Timing attacks on implementations of difiie-hellman, rsa, dss, and other systems. In Advances in Cryptology: Crypto '96 Proceedings, Lecture Notes in Computer Science. Springer-Verlag, 1996.
Bill McAllister. Postage meter fraud estimated at $100 million this year. Washington Post, September 1993.
National Semiconductor, Inc. iPower chip technology press release, February 1994.
National Institute of Science and Technology. A proposed federal information processing standard for digital signature standard. Technical Report Docket No. 910907-1207, RIN 0693-AA86, National Institute of Science and Technology, 1991.
U. S. National Institute of Standards and Technology. Federal information processing standards publication 140-1: Security requirements for cryptographic modules, January 1994.
José Pastor. CRYPTOPOST: A cryptographic application to mail processing. Journal of Cryptology, 3(2), 1991.
Theo Pavlidis, Jerome Swartz, and Ynjiun P. Wang. Fundamentals of bar code information theory. Computer, 23(4):74–86, April 1990.
Theo Pavlidis, Jerome Swartz, and Ynjiun P. Wang. Information encoding with two-dimensional bar codes. Computer, 24(6):18–28, June 1992.
Judy Rakowsky. 4 men accused of pocketing $4 million in postage fraud scheme. Boston Globe, February 1995.
R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120–126, February 1978.
Telequip, Inc. Crypta Plus press release, January 1995.
J. D. Tygar. Atomicity in electronic commerce. In Proceedings of the Fifteenth Annual ACM Symposium on Principles of Distributed Computing, pages 8–26, May 1996.
J. D. Tygar and Bennet S. Yee. Cryptography: It's not just for electronic mail anymore. Technical Report CMU-CS-93-107, Carnegie Mellon University, March 1993.
J. D. Tygar, Bennet S. Yee, and Nevin Heintze. Cryptographic postage indicia. Technical Report CMU-CS-96-113, Carnegie Mellon University, January 1996.
U. S. Postal Service. Information Based Indicia Program (IBIP) New Technology Metering Devices, May 1995.
U. S. Postal Service. Information Based Indidia Program (IBIP) Indicia Specification, July 1996.
U. S. Postal Service. Information Based Indidia Program (IBIP) Postal Secure Device (PSD) Specification, July 1996.
U. S. Postal Service. Specification for Postal Security Devices and Indicia (Postmarks). Federal Register, 61(128):34460–34461, July 1996.
U. S. Postal Service. Specification for Postal Security Devices and Indicia (Postmarks); Correction. Federal Register, 61(136):36940, July 1996.
U. S. Postal Service and U. K. Royal Mail. Personal communications.
Steve H. Weingart. Physical security for the μABYSS system. In Proceedings of the IEEE Computer Society Conference on Security and Privacy, pages 52–58, 1987.
Steve R. White, Steve H. Weingart, William C. Arnold, and Elaine R. Palmer. Introduction to the Citadel architecture: Security in physically exposed environments. Technical Report RC16672, Distributed security systems group, IBM Thomas J. Watson Research Center, March 1991. Version 1.3.
Bennet Yee and Doug Tygar. Secure coprocessors in electronic commerce applications. In Proceedings of The First USENIX Workshop on Electronic Commerce, New York, New York, July 1995.
Bennet S. Yee. Using Secure Coprocessors. PhD thesis, Carnegie Mellon University, 1994.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1996 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tygar, J.D., Yee, B.S., Heintze, N. (1996). Cryptographic postage indicia. In: Jaffar, J., Yap, R.H.C. (eds) Concurrency and Parallelism, Programming, Networking, and Security. ASIAN 1996. Lecture Notes in Computer Science, vol 1179. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0027822
Download citation
DOI: https://doi.org/10.1007/BFb0027822
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-62031-0
Online ISBN: 978-3-540-49626-7
eBook Packages: Springer Book Archive