Authentication Protocols for E-Commerce Applications
| Autor: | Jen-Ho Yang, 楊仁和 |
|---|---|
| Rok vydání: | 2009 |
| Druh dokumentu: | 學位論文 ; thesis |
| Popis: | 97 With the development of electronic transactions on the Internet, mutual authentication schemes play an important role in electronic commerce (e-commerce), in which both the sender and the receiver in transactions can check the other party’s validity on the Internet. According to security levels, the mutual authentication schemes can be generally divided into three categories. The first is based upon public-key cryptosystems (PKC), which has a higher security for users but its computation overhead is heavier. Thus, it is suitable for the electronic transactions which include a server with high computation ability. The second is based upon elliptic curve cryptosystems (ECC). Compared with PKC, ECC offers a better performance because it can achieve the same security with a smaller key size. Thus, the ECC-based mutual authentication protocols are more suitable for mobile environments. The third is based upon one-way hash functions, which has lower security for users but it is more efficient than the above-mentioned kinds of mutual authentication mechanisms. Compared with the PKC-based and ECC-based ones, the hash-function-based mutual authentication mechanism is more suitable for the electronic transactions in wireless environments, such as sensor networks and mobile commerce. In this dissertation, we propose the three kinds of mutual authentication schemes for different e-commerce applications. Based upon the modular-exponentiation operation, we propose an efficient ID-based mutual authentication protocol for mobile devices. Compared with the related works, the proposed protocol has lower computation load for users so it is more practical and efficient for e-commerce on mobile devices. However, heavy computation overhead is still unavoidable for the proposed mutual authentication protocol because it needs to compute the modular exponentiations. To reduce the computation overhead, we also propose a fast division algorithm and an efficient iterative modular multiplication algorithm based on Residue Number System (RNS) in this dissertation. Using the proposed RNS computation algorithms, the computation costs of modular exponentiations can be greatly reduced. In addition, we also propose an ID-based remote mutual authentication with key agreement scheme on ECC for mobile environments in this dissertation. Based upon the ID-based concept, the proposed scheme does not need public keys of users so the additional computations for verifying the certificates can be reduced. Compared with the related works, the proposed ID-based authentication scheme is more efficient and practical for mobile devices. Based upon one-way hash functions, we also propose a mutual authentication with key agreement (AKE) scheme for sensor networks. In the proposed AKE scheme, the computations of all sensors are done by one-way hash functions and exclusive-or (XOR) operations. Therefore, the proposed AKE scheme is more efficient and practical than previously proposed works for sensor networks. According to the proposed mutual authentication schemes, we propose two electronic payment (e-payment) systems for e-commerce: One is the electronic bill of lading system, and the other is the e-payment system using non-signature authenticated encryption scheme for e-commerce in this dissertation. The proposed electronic bill of lading system can efficiently solve the deadlock problem between the payer and the merchant. Moreover, the electronic bill of lading is the evidence to prove that the payer has paid the money. Thus, the payer can use it to exchange goods in offline environments. Moreover, the proposed scheme is composed by one-way hash functions and exclusive-or operations so the computation overhead is very low. Therefore, the proposed electronic bill of lading scheme is more practical, reliable, and efficient than the previous e-payment schemes for e-commerce. In this dissertation, we finally propose a non-signature authenticated encryption scheme, which accomplishes the message authentication, confidentiality, and integrity for communications on an open channel. Compared with the previous authenticated encryption schemes, the proposed scheme does not need to construct any digital signature so the computation costs can be significantly reduced. Based upon the non-signature authenticated encryption scheme, we further propose a fair e-payment system so the payment information can be securely transmitted on the Internet. In this electronic payment system, the transaction fairness of the payer and the merchant can be efficiently accomplished in off-line environments on the Internet. Therefore, the proposed e-payment system based upon the non-signature authenticated encryption scheme provides an efficient and practical payment tool for e-commerce. |
| Databáze: | Networked Digital Library of Theses & Dissertations |
| Externí odkaz: |
|