7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
1/40
University of Glamorgan 1
SLIDE
Cryptography & E-Commerce
Keeping your Secrets secret!Some simple yet secure cipher, easily acquired and easilyread, should be introduced by which messages might to
all intents and purposes be sealed to any person but therecipient
Quarterly Review1853,
[The Victorian Internet, Tom Standage]
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
2/40
University of Glamorgan 2
SLIDE WEB
Cryptography & E-Commerce
Keeping your secrets secret!
In this lecture we shall
Examine the history of encryption and the role that encryptionplays in a modern society.
Examine the following concepts relate to e-commerce.
Symmetric and asymmetric encryption
Public-Key and Private-Key encryption system
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
3/40
University of Glamorgan 3
Why use Cryptography?Three possible worries facing an e-commerce customer are;
If I transmit a credit card number over the internet can people other then the recipient read it?
If I agree to pay 400 for goods can this information be captured and changed?
I am buying something from company X is it really company X?
This raise three important Information Security issues :
Confidentiality: protecting information from unauthorised disclosure;
Integrity: protecting information from unauthorised modification, and ensuring that informationis accurate and complete;
Authentication Ensuring the person you are making the transaction with who they say they
are?
We need to look at these in more depth
SLIDE
[Chan et al]
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
4/40
University of Glamorgan 4
Cryptography in e-commerce Cryptography is used to fulfill the following functions.
Confidentiality (secrecy)
The information contained in a message is only accessible by thosepeople authorized to access it. Cryptography can be used to keep
messages secret. E.g. If fields are encrypted on your computer, andthe computer is stolen it would be very difficult to figure what's in thefile.
Authentication
It should be possible for the receiver of a message to ascertain itsorigins; a malicious user should not be able to masquerade as amerchant or customer. Cryptography can prove absolutely someonesidentity by sharing a secret piece of information. This can beaccomplished using Digital signatures which we look at later.
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
5/40 University of Glamorgan 5
Cryptography in e-commerce Cryptography is used to fulfill the following functions.
Integrity
It should be possible for the receiver of a message to verify that it hasnot been modified in transit; a malicious user should not be able to
substitute a false message for a legitimate one. Cryptographic protocolscan support this by using algorithms which can detect the slightestchange.
Non-repudiation
A sender should not be able to falsely deny later that he/she sent amessage. Cryptographic systems can support this using Digitalsignatures.
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
6/40 University of Glamorgan 6
History of CryptographyCryptography (from the GreekKryptoshidden, graphiawriting) has been around for a long
time and can be traced back to ancient Egypt, Babylon , Greece.
First documented case Julius Cesars military code
Mary Queen of Scots lost her life due to a coded message which was being smuggled
out of prison being intercepted and decoded. World War II stimulated development of the development of secure communication and
the task of breaking it (Station X, Bletchley Park)
After World War II Cryptography viewed a military issues relating to securecommunications. Until the last 15 years computing security was viewed as TrustedComputing Base and assurance levels* Cryptography is now thought as the key to anumber of activities on the internet.
Cryptography is a dual use technology civilian or military civilian use has probablyeclipsed military use smart cards are encrypted to protect the contents, cryptographyis used to scramble satellite signals etc.
An interesting point: Some of the best ciphers have been civilian efforts!
*US DOD orange book standard
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
7/40 University of Glamorgan 7
Cryptography does for electronic information what locks and keysdo for printed information. The information is scrambled so it canonly be accessed using a key. A particular secret, a value orpiece of text which is used with the chosen algorithm.
Encryption (Encipherment) - scrambles the message.
Decryption (Decipherment) - restores the plaintext message.
SLIDE WEB
Cryptographic basics
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
8/40
University of Glamorgan 8
Basic Encryption Systems
Most simple encryption systems use one of two methods;
Transposition - this involves rearranging bits characters or blocks,the values are preserved, only the positions change.
Spartans in 5th century B.C.
Substitution This involves replacing a character with another andcan have different levels of complexity sometime an alphabet mayhave multiple substitutions for a single letter etc., Examples ofsubstitution systems are
Caesar Cipher Enigma Machine
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
9/40
University of Glamorgan 9
The Caesar Substitution CipherThe Caesar cipher is named after Julius Caesar, said to be the first to use it. In the
Caesar cipher each character is substituted by another. This technique is called a
monoalphabetic cipher.
Plaintext: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Ciphertext: O P Q R S T U V W X Y Z A B C D E F G H I J K L M N
Thus using a Caesar cipher, the message MissionImpossible would be encoded as
AWGGWNWADCGGWPZS
So what do the following ciphertexts mean ?1) sbwuao
2) gpkioc
3) kohqv cih tcf pfihig
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
10/40
University of Glamorgan 10
A Simple Transposition Cipher
In this simple transpositioncipher the text is rearranged toencrypt the message.
The text encrypted by enteringit as two columns and thenreading the columnsdownwards
SLIDE WEB
you live you learn
youliveyoulear
n
EncryptionSystem
yuieolanolvyuer
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
11/40
University of Glamorgan 11
Types of Ciphers A Simple Substitution cipher, or Monoalphabetic cipher, is one in which each
character in the plain text is replaced with a corresponding character of cipher-text.
AHomophonicsubstitution cipher is like a simple substitution crypto-system, except
that a single character of plaintext can map to one of several characters of ciphertext. For
Example, A could correspond to 5, 14 and 147.
These types of ciphers where used as early as 1401 by the Duchy of Mantua.
A Polygram substitution cipher is one which blocks of characters are encrypted in
groups. For Example, THE could correspond to RTQ.
The Playfair cipher is an example of this type of cipher and was used by the British in
World War One.
APolyalphabetic substitution cipher is made up of multiple monoalphabetic ciphers.
The particular cipher used changes with the position of each character in the plain text.
These types of ciphers were used in the American Civil War by the Union.
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
12/40
University of Glamorgan 12
Asymmetric and Symmetricencryption
There are two main types of cryptography symmetric and asymmetric algorithm
Symmetric - (also known as private key, secret key, single key encryption). Onekey encrypts an decrypts the message. This key must be guarded carefully
Main drawback of these algorithms is key exchange.
One form of symmetric algorithm which can bemathematically proved to be unbreakable is theone time pad this uses a secret key once,
which is then thrown away. This is expensiveand difficult to manage, due to the number ofkeys used.
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
13/40
University of Glamorgan 13
Digital Cipher
The following example is of a one time pad cipher. The plain text message is inASCII , the key is a random sequence as long as the message. The cipher usesan XOR operation (or binary addition for each set of digits, 0+0 =1 0+1=1,1+1=0). Decryption uses the same system.
SLIDE WEB
A B C
Plaintext 01000011 01000001 01000010
key 11010001 01111001 00101011
ciphertext 10010010 00111000 01101001
One time pads are unbreakable However if we use a limited length keythe cipher could be broken by brute force.
33 bit key - 8 billion possibilities - 1 day on PC.
56 bit key - 3 thousand trillion possibilities - supercomputer is required.
One time Pad
Truly randomkey same lengthas message
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
14/40
University of Glamorgan 14
Symmetric Algorithms (1)
Encryption algorithm can be divided into two types block ciphers andstream ciphers. Two criteria to determine this;
Block size - Block cipher encrypts large blocks with complex
encryption functions stream ciphers encrypts smaller blocks with asimple encryption function
Key stream - a block cipher uses the same key in a singledocument a stream cipher encrypts under a constantly changingkey secure of stream cipher s relies on the key stream generator
design.
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
15/40
University of Glamorgan 15
Symmetric Algorithms (2)
There are a number of symmetric algorithms in use;
Data Encryption Algorithm (Data Encryption Standard, DES) adoptedby the US Government in 1977 and ANSI standard 1981 blockalgorithm (in feedback mode can act as a stream cipher)it uses a 56 bit
key supposedly can be broken (US have just replaced the standardwith Rijndael equivalent to 128 bit key, virtually unbreakable (at themoment!)
Blowfish fast single block algorithm variable key length in publicdomain
IDEA patented algorithm (hampers widespread use 128 bit secure) RC5 block cipher developed by Ronald Rivest (R in RSA)
SLIDE WEB
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
16/40
University of Glamorgan 16
Asymmetric Encryption Systems (1) Asymmetric encryption systems consist oftwokeys. One key will encrypt/decrypt the
other using a one way function
Plaintext Ciphertext
If Key 1 was used last, then use Key2
If Key 2 was used last, then use Key1
Plaintext
A
Ciphertext
P
1. Convert tonumber(a=1,b=2)
2. Subtract 53. obtain square
A simple example of a one way function thiswill encrypt the message in a way whichcannot be reversed.
A pair of keys can generated using primenumbers and the modulus operator.
SLIDE WEB
If Key 1 was used last, then use Key2
If Key 2 was used last, then use Key1
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
17/40
University of Glamorgan 17
Public & Private Key SystemsAsymmetric encryption systems are also known as Public / Private keys systems. Each user has
two keys: a public key and a private key. The user publishes their public key freely as the
keys operate as inverses. So If Alice wishes to send Bob a message;
1. Wendy downloads Bobs public Key and uses this to encrypt the messages
2. Wendy then sends the message over the web, if intercepted. Can anyone read it ? No they cant!It can not be read be decrypted with Bobs Public key, only with Bobs Private key
3. Bob received the message and uses his carefully guarded private keydecrypts the message.
P = D(KPRIV, E(KPUB, P) )
That is a user can decode with a private key what someone else has encrypted withthe corresponding public key.
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
18/40
University of Glamorgan 18
Encryption and E-commerceThere are an extensive number of applications relating to e-commerce which encryption makepossible;
Certification authorities
Cookies, SET, Shopping Carts, SSL Encryption, Hash algorithms e.g. MD5
Payment protocols iKP (IBM Zurich) (renamed to SEPP in conjunction with MasterCard). Millicent, SET (Secure Electronic Transaction; Visa and MasterCard) Digital Cash, Digital Certificates, Digital Wallets
Cryptography is rarely a total solution as it translates the communications problem into a keymanagement problem which then becomes a general computer security problem. Generally they
are used for Encryption Digital signatures Integrity check functions (hashes)
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
19/40
University of Glamorgan 19
Security Requirements and Key Length
Type of Traffic Lifetime Min key length
Product announcements, interest rates days/weeks 64 bits
Long-term business plans years 80 bits
Trade secrets decades 112 bits
Identification of spies > 50 years 128 bits
Security Requirements for Different Information
An example is the use of both symmetric and asymmetric keys in a businessenvironment
Symmetric keys are used for daily transactions
Asymmetric keys are used to exchange new symmetric keys
Trade off between security and ease of use
Encryption adds a processing overhead to any transaction it should be usedappropriately
SLIDE WEB
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
20/40
University of Glamorgan 20
Cryptography and e-commerce
Examples
WEB SLIDE
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
21/40
University of Glamorgan 21
Digital Signatures
A digital signature is a protocol that produces the same effect as a real signature: itis a mark that only the sender can make, but other people can easily recognize asbelonging to the sender. Just like read signatures, a digital signature is used to confirmagreement to a message.
Digital signatures must meet two primary conditions:
Unforgeable: If person P signs a message M with a signature S(P,M) it isimpossible for anyone else to produce the pair [M, S(P, M)].
Authentic: If a person Rreceives the pair [M, S(P, M)] purportedly from P, Rcancheck that the signature is really from P. Only Pcould have created this signature,and the signature is firmly attached to M.
Two additional requirements are also desirable:
Not alterable: After being transmitted, M cannot be changed by R or aninterceptor.
Not reusable: A previous message presented will be instantly detected by R.
WEB SLIDE
011110100101101
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
22/40
University of Glamorgan 22
Symmetric Key Digital Signatures With private key encryption, the secrecy of the key guarantees the authenticity of the
message as well as secrecy. If Sandy and the Bank have an encryption key in common,she can encrypt her request to transfer money. The bank can be sure of its authenticitybecause nobody else has Sandys key.
Conventional symmetric key encryption does not prevent forgery. Any one who knows the key can create a digital signature. Thus the bank has no protection against repudiation (denial of sending a message).
The repudiation problem can be solved if both the sender and the receiver use anarbitrator. Identity of sender isSand identity of recipient is R Sender and arbiter share a key Ks Recipient and arbiter share a key KR
Content of message between sender and recipient is M The arbitrator will use a sealing function. A sealing function is a mathematical
function affected by every bit of its input. For example, the bytes of the input can beused as numbers and the sum of all input computed.
WEBSLIDE
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
23/40
University of Glamorgan 23
Symmetric Key Digital Signatures
Ssends sealed
Mto Arbiter
SENDER
KS
M
1 ARBITER
Arbiter retrieves
plaintextMfrom S2
M
KS
M
KR
S
M
Arbiter seals [ Message received from
SenderE(M,KS), Identify of SenderS,
and copy of plaintextM] and sends all toR3RECIPIENT
WEB
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
24/40
University of Glamorgan 24
Asymmetric Key Digital Signatures The basic digital signature protocol using asymmetric encryption
protocol is as follows. Alice encrypts a document Mwith her private key APRI, thereby signing
the document, e.g. E(APRI, M).
Alice encrypts the message with Bobs public key BPUB, and then sends themessage Cto Bob, e.g. C= E(BPUB, E(APRI, M) )
Bob decrypts the message using his private key BPRIand then Alicespublic keyAPUB, thereby verifying the signature, e.g. M= D(BPRI, D(APUB,M) )
APRI
M
Encrypts message with
BPUB andAPRIand
then send the message
SENDER
1
M
Decrypts message withBPRI
andAPUB
in order to deriveM.
RECIPIENT
2
BPUB
WEB
SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
25/40
University of Glamorgan 25
Digital Signatures and Timestamps In order to stop a message that has been signed using a digital
signature from being reused, we need to make use of timestamps.
The protocol is the same as the asymmetric protocol for signingdocuments except that the message contains a time stamp.
e.g. M= [ Message, Time-Stamp]
The timestamp will define when the message was sent. Two messages with the same contents and the same time-stamp will be
ignored, thus a message can not be re-used.
APRI
M
Encrypts message withBPUB
andAPRI
and
then send the message
SENDER
1
M
Decrypts message with
BPRI
andAPUB
in order to deriveM.
RECIPIENT
2
BPUB
WEB
WEB SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
26/40
University of Glamorgan 26
Public Keys and Digital Signatures There are many Digital Signature Algorithm that have been developed,
and they all make use of large prime numbers and modular arithmetic
on the plain text to be signed.
The Digital Signature Algorithm (DSA)has been proposed by the U.S.
National Institute for Standards and Technology (NIST) for use in their
Digital Signature Standard (DSS). The standard was proposed in August
1991. Digital Signature Algorithm was developed by the U.S. National
Security Agency (NSA)
RSAis a general public-key/private-key encryption system
Schnorr and ElGamal Algorithmis a specific digital signature algorithm. GOST Digital Signature Algorithm(This is the Russian digital signature
standard and is officially called GOST R 43.10-94)
ENSIGNis a digital signature scheme from NTT Japan.
WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
27/40
University of Glamorgan 27
The Electronic Communications Act 2000
The ECA (2000) is aimed at supporting electronic commerce byproviding a legal framework for cryptography and digital signaturesThe main purpose of the Act is to help build confidence in electroniccommerce and the technology underlying it by providing for:
An approvals scheme for businesses and other organisations providing
cryptography services, such as electronic signature services andconfidentiality services;
The legal recognition of electronic signatures and the process underwhich they are verified, generated or communicated;
The removal of obstacles in other legislation to the use of electronic
communication and storage in place of paper.
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
28/40
University of Glamorgan 28
The International ContextThe ECA (2000) in the UK relates to some recent European Directives;
The Act aims to implement some aspects of the EU Electronic Signatures Directive(1999/93/EC), which was adopted on 13 December 1999. This was aimed at thelegal recognition of electronic signatures in the E.U.
The Act also supports the EU E-Commerce Directive, which seeks to removebarriers to the development of electronic commerce in the internal market.
The Act also meets the Cryptography Guidelines, published by the Organisation forEconomic Co-operation and Development (OECD) (1997)
The Act is also compatible with the United Nations Commission on InternationalTrade Law (UNCITRAL) Model Law on Electronic Commerce
The UK differs from the global trend of defining as legal, any signature which has a
certificate attached as legal binding. Instead it gives electronic signatures the samestatus as handwritten in English law evidential method of authenticating adocument
[Computer Law, Reed and Angel]
WEB SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
29/40
University of Glamorgan 29
Contract Signing Suppose that Bill and Ben agree to something and wish to sign a contract to show their agreement. Both
of them are committed to performing some act by the contract but each wants to commit only if theother does.
A Contracting protocol requires two things Commitment.
After a certain point both parties are bound by the contract; until then neither is. Unforgeability,
The signatures of the contract must be demonstrably authentic; that is, it must be possible foreither party to prove that the signature of the other is authentic.
One solution is to use a Trusted Third Party (TTP) as an Arbitrator1. Bill signs a copy of the contract and sends it to the TTP.2. Ben signs a copy of the contract and sends it to the TTP.3. The TTP announces when both signed contracts have arrived.4. Ben signs two copies of the contract and sends them to Bill.5. Bill signs both copies of the contract and, keeps one for himself, and sends the other to Ben.
6. Ben and Bill both inform the TTP that each have a copy of the contract signed by both of them.7. The TTP destroys his two copies of the contract with only one signature each.
WEB
WEB SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
30/40
University of Glamorgan 30
Blind Signatures
The process of blinding a message can be thought of as putting a message in anenvelope along with a piece of carbon paper. Nobody can read the message throughthe envelope. A blind signature is made on the envelope and this goes through theenvelope and the carbon paper onto the original message.
When the message is removed from the envelope it will be signed and the signer willnot have known what was signed.
In the steps below, a user Aliceuses the blind signature protocol to get another userBob, to sign a message without knowing its contents.
Alice takes the message and multiplies it by a random value, called a blindingfactor. This blinds the message so its contents can not be read.
Alicesends the blinded message to Bob.
Bobdigitally signs the blinded message and returns it toAlice.
Alicedivides out the blinding factor, leaving the original message now signed by
Bob.
Original MessageEnvelope containing
Message and Carbon paper
Envelope containing
Message and Carbon paperOriginal Message
Blinding Process Sent to Signer Remove Envelope
SignatureSignature
WEB
WEB SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
31/40
University of Glamorgan 31
Blind Signatures & Ecash Coins
The electronic coins used within the Ecash system are unique in that they are partly minted
by the client before being signed by the bank. Each coin has a 100 digit serial number that
is generated by the clients cyberwallet software.
The bank uses different signature keys for different coin denominations. The client informs
the bank of the value of the coin and the bank signs the coins with the correct signature.
For Example, Serial# is the serial number of the coin, and SK$1 is the secret key one
dollar key for the bank. Thus a one dollar coin could look like:
E( KeyPRI-SK$1 , Serial# )
To allow the signature to be quickly verified (decrypted) an indication of which public key
to use (Key_Version) is usually included with a coin. For convenience, the plaintext serial
number is also included:
Coin = Serial#, Key_Version, E( KeyPRI-$1 , Serial# )
The Key_Version can also be used to obtain other information about the coin, including its
value, currency, and expiry date.
WEB
WEB SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
32/40
University of Glamorgan 32
Some Legal Stuff.. RIPA (2000)Although section 49(9) states that a notice under this section shall not require thedisclosure of any key which is intended to be used for the purpose only of generatingelectronic signatures, this intention of protecting the integrity of signature keys, will veryoften fail since RIPA also allows access to encryption keys. In many cryptographicproducts the same passphrase (or key) is used for both signature and confidentialitypurposes, and this means that access to keys for protected information will also giveaccess to signature keys. This duality is confirmed in the draft Code of Practice whichstates where there are reasonable grounds to believe that a key has been used forelectronic signature and, additionally, confidentiality purposes, that key may be requiredto be disclosed under the terms of the 2000 Act.In practice, this failure to distinguishwill undermine the use of digital signatures and hinder the development of e-commerce, conflicting with the intentions of the Electronic Communications Act 2000.
From : Akdeniz, Y.; Taylor, N.; Walker, C., Regulation of Investigatory Powers Act 2000 (1): Bigbrother.gov.uk: Statesurveillance in the age of information and rights, (2001) Criminal Law Review, (February), pp. 73-90 at
http://www.cyber-rights.org/documents/crimlr.pdfCopyright 2001 Akdeniz, Taylor, Walker
This implies that if you have a public/private key pair for confidentiality of incoming material, use adifferentpublic/private pair for outgoing electronic signatures.
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
33/40
University of Glamorgan 33
Summary of termsSome definitions;
Cryptography science of secret writing
Cryptanalysis science of breaking of breaking ciphers
Cipher method used to convert plaintext to cipher text
Plaintextan encrypted message I am coming to tea tonight
Cipher text - the encrypted message L dp frplqj wr whd wrqjkw
Encryption (Encipherment) -process of converting plaintext to cipher text(scrambles the message).
Decryption (Decipherment) - process of converting cipher text to plain text (restoresthe plaintext message)
Key code used in conjunction with an algorithm to encrypt /decrypt data
WEB SLIDE
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
34/40
University of Glamorgan 34
Certificates (1) As humans we establish and use trust all the time. However trust is based
upon the ability of people to identify and certify who and what they are. We use certificates and trust all the time to do business.
Within modern encryption systems a public key and a users identity arebound into a certificate which is then signed by someone to certify theaccuracy of that binding.
Certificates can be awarded by certification authorities (CA), and certificateauthorities can themselves have certificates
Certificates are used to create and manage encryption keys, as keys mayhave a limited life to them.
Name: Iain Sutherland
Position: LecturerPublic Key: 71F1890ACDE45..
Name: University of Glam
Position: Employer
Public Key: 7897636361FA..
Chain of Certificates
Encrypted under University o
Glamorgans Private Key
Certificate for Iain Sutherland
Encrypted under HEFCs
Private Key
Islands of Trust
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
35/40
Certificates (2)
University of Glamorgan 35
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
36/40
Certificates (3)
University of Glamorgan 36
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
37/40
Certificates (4)
University of Glamorgan 37
SLIDE WEB
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
38/40
University of Glamorgan 38
An example of Cryptography: SET Secure Electronic Transaction (SET) is a protocol for credit card holders to
order good in a secure manner over the internet.
This makes use of public and private keys amongst other things:
to provide for confidential transmission;
to ensure the integrity of payment instructions for goods and servicesorder data;
Rather than look at the protocol in detail we look at one message. The order
message sent by the customer, to the seller and the sellers bank.
This type of message in known as a dual signature
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
39/40
University of Glamorgan 39
SET Transaction
Consumer
BankVendor
1. Request Transaction
2. Acknowledgement request
3. Purchase order
4. Purchase order verification
5. Customer Payment data
6. Verify customer data
7. Status Query
8. Purchase Status information
9. Request payment
10. Verify payment
[Redrawn from Ghosh p132]
SET currently only supports credit cardpayments online not debit cards, or stored valuepayments other protocols are likely to arise to address these issues.
Open standard so a number of implementations have arisen.;
Cyber cash supports SET standard
RSA Data Security - set compliant software S/PAY
Ultimately not technology or standard itself that will make this a successful protocol butthe fact that it is backed by the two largest credit card associations (MasterCard & Visa)
An overview of the purchase /payment process used by SET(Secure Electronic Transactions)
OHP Handout
7/27/2019 cryptographyande-commerceupdated-120215201600-phpapp01
40/40
University of Glamorgan 40
B2C: SET protocol Authentication uses symmetric key distribution w/o server Digests of the order information - OI- and payment information - PI- are calculated - H[OI]
and H[PI] These two are concatenated and signed DS
Merchant gets OI, H[PI] & DS - hence can find H[PI] Issuer gets PI, H[OI] & DS - hence can find H[OI]
Merchant and issuer can see only info. they should see, but can verify details of the order and payment
Suppose some of the information is tampered with. When the DS is decrypted merchant finds a different H[PI] issuer finds a different H[OI]
Customer
message to
Merchant
Customer
message to
Bank
M2 Message DigestM1 Message Digest
M3 Message Digest
Encrypted
with Bank Key
Only the bank c an read it
Encrypted with
Merchant Key
Only the merch ant can read it
M3=Digest(M1+M2)
Dual Customer Signature
Encrypted with
Private Key