網(wǎng)絡(luò)銀行支付的加密技術(shù)[外文翻譯]

1、<p><b>　　畢業(yè)論文外文翻譯</b></p><p><b>　　譯文</b></p><p>　　標(biāo)題：網(wǎng)絡(luò)銀行支付的加密技術(shù)</p><p>　　資料來源：安全協(xié)議研討會(huì) 作者：Wenbo Mao</p><p>　　現(xiàn)在許多網(wǎng)上支付都使用

2、專用的通信網(wǎng)絡(luò)，來連接商家和銀行進(jìn)行交易。這些交易中，一部分是由買家向商家郵購(gòu)或電話訂購(gòu)（MOTO）發(fā)起的?？梢灶A(yù)見的是，現(xiàn)有的移動(dòng)互聯(lián)網(wǎng)上銀行卡支付交易將會(huì)降低，因?yàn)榛ヂ?lián)網(wǎng)通信經(jīng)濟(jì)的交易成本低廉，同時(shí)采用嚴(yán)格保密的加密算法。</p><p>　　為確保在互聯(lián)網(wǎng)上的網(wǎng)上銀行卡支付交易安全性，已經(jīng)提出了不少的加密協(xié)議。發(fā)布的協(xié)議包括“網(wǎng)上現(xiàn)金” ， “網(wǎng)絡(luò)數(shù)據(jù)” “網(wǎng)絡(luò)支票” ， “Netehex”, “公開市

3、場(chǎng)” ， “iKP” ， “Millicent” ， “STT” ，“SEPP”等。這些協(xié)議每個(gè)都有自己的優(yōu)點(diǎn)，都有助于更好地了解這個(gè)領(lǐng)域。尤其以STT和SEPP為當(dāng)今最大的運(yùn)營(yíng)商。銀行卡支付手段的出版兩種規(guī)格：分別是VISA和萬事達(dá)。這兩項(xiàng)規(guī)格，他們建立和提供專門的金融機(jī)構(gòu)給用戶使用，為系統(tǒng)運(yùn)營(yíng)商創(chuàng)造明顯的優(yōu)勢(shì)：交易成本最小化，需要聘用額外運(yùn)營(yíng)商的最小化，也可以直接使用這兩個(gè)信譽(yù)良好的支付系統(tǒng)供應(yīng)商得到了的全球地區(qū)的全球買家，商家和銀

4、行的基礎(chǔ)設(shè)施。</p><p>　　這兩項(xiàng)建議指定的網(wǎng)上銀行卡支付系統(tǒng)的網(wǎng)絡(luò)版本，使用了先進(jìn)的加密技術(shù)來增加安全性，但很難在開放環(huán)境下的提供網(wǎng)絡(luò)服務(wù);否則，指定系統(tǒng)將會(huì)類似今天的MOTO的版本，運(yùn)行在相對(duì)封閉的私人網(wǎng)絡(luò)。在本文中，我們報(bào)告了我們研究的這兩種規(guī)格。研究表明，轉(zhuǎn)移到開放的網(wǎng)絡(luò)，并使用先進(jìn)的加密算法并不一定會(huì)產(chǎn)生成功的網(wǎng)絡(luò)版系統(tǒng)，即使原來的系統(tǒng)上運(yùn)行的專用網(wǎng)絡(luò)成功，但由于使用傳統(tǒng)的方式來加強(qiáng)網(wǎng)絡(luò)安全的結(jié)

5、果，兩種規(guī)格都會(huì)因?yàn)橐恍┪⒚畹穆┒?，不?huì)在開放的網(wǎng)絡(luò)中使用。對(duì)于這兩項(xiàng)規(guī)格，我們將揭露一些弱點(diǎn)，并討論其原因。這些原因包括：容易成為惡意用戶的詐騙對(duì)象，缺乏一個(gè)不可抵賴性服務(wù)，一個(gè)微小的系統(tǒng)錯(cuò)誤就容易產(chǎn)生糾紛，缺少誠(chéng)信服務(wù)并在線上的授權(quán)系統(tǒng)性能低的空間進(jìn)行交易的支付，濫用一些加密機(jī)制。我們已經(jīng)注意到，STT和SEPP明確表示一個(gè)在網(wǎng)上授權(quán)進(jìn)行支付交易請(qǐng)求的金融機(jī)構(gòu)（稱為收單銀行，或收購(gòu)）進(jìn)行工作，并相信，銀行的銀行卡支付手段是成功的。工

6、作，可以解釋為：收購(gòu)過程至多有一個(gè)線上支付交易的要求。據(jù)我們了解，如果超過一個(gè)線上的要求，可以被每個(gè)支付交易接受，那么收購(gòu)方將可以采用一個(gè)簡(jiǎn)單的請(qǐng)求 - 響應(yīng)的機(jī)制，然后大部分缺少</p><p>　　幸運(yùn)的是，在STT和SEPP中發(fā)現(xiàn)的問題，可以很容易地解決。 VV'e提出一個(gè)非常規(guī)的使用請(qǐng)求 - 響應(yīng)的機(jī)制，其中的請(qǐng)求者，即創(chuàng)建并發(fā)送一個(gè)請(qǐng)求，產(chǎn)生一個(gè)沒有驗(yàn)證過的預(yù)期線上的響應(yīng);線上的核查工作將使用不

7、同的主體。使用這種想法修改STT和SEPP，那就是讓收購(gòu)創(chuàng)建一個(gè)買方的請(qǐng)求，但讓賣家確認(rèn)了一個(gè)正確的反應(yīng)。對(duì)賣方來說，雖然可以做的核查工作，不能親自應(yīng)對(duì)這一請(qǐng)求。因此，正確的反應(yīng)可以被用來作為一個(gè)付款承諾，而沒有訪問每個(gè)支付交易收購(gòu)的需要。面對(duì)今天的我們的機(jī)制模型，以面對(duì)面的支付工具的使用紙條：如果買方不簽字的請(qǐng)求，最終將不會(huì)得到成交或付款（當(dāng)然，購(gòu)買不成功）。因此，我們認(rèn)為我們的解決方案和現(xiàn)有的金融基礎(chǔ)設(shè)施的成功的工作機(jī)制之間將會(huì)有小

8、沖突。</p><p>　　使用請(qǐng)求 - 響應(yīng)機(jī)制的一個(gè)重要原因是，被稱為收購(gòu)的一方現(xiàn)在在安全的前提下，節(jié)約時(shí)間，減少耗時(shí)的計(jì)算。如果用消息重讀檢測(cè)和公共密鑰證書驗(yàn)證這些耗時(shí)的過程，前者需要實(shí)時(shí)維護(hù)一個(gè)很大的數(shù)據(jù)庫(kù)，而后者則需要其他各方的通信（例如，證書吊銷列表CRL的）。而在我們的解決方案，能夠脫機(jī)處理這些工作，將顯著提高支付系統(tǒng)的線上的性能。 </p><p>　　我們將描述支付機(jī)制為

9、“買家”， “賣家”和“銀行”，銀行是主導(dǎo)。當(dāng)銀行的交易是具體的，他們將表示一個(gè)角色，例如，“（銀行卡）發(fā)行人”或“（交易）的收購(gòu)方”。在我們的修訂中，收購(gòu)方往往會(huì)被稱為“（付款）網(wǎng)關(guān)”，因?yàn)樵诖蠖鄶?shù)情況下，當(dāng)我們提到這個(gè)主體，我們的意思是其計(jì)算機(jī)系統(tǒng)所面臨的開放式網(wǎng)絡(luò)所接收，處理和發(fā)送的收購(gòu)協(xié)議消息。另外，為方便起見，我們將經(jīng)常使用的“她”， “他”和“它”指買方，賣方和銀行，她和他也被稱為“最終用戶”。 </p>&l

10、t;p><b>　　2問題分析</b></p><p>　　簡(jiǎn)單介紹，我們有一些消息的名稱不同，但在STT和SEPP有相同的語(yǔ)義。那些值得一提的是“發(fā)票”和“確認(rèn)”， “發(fā)票”，是所謂的“商家認(rèn)證”和“確認(rèn)”被稱為“訂單確認(rèn)”。在這兩個(gè)協(xié)議，由買方來搜索賣方的銷售目錄，買方將首先得到SEPP的“發(fā)票”，此消息是個(gè)性化的，因?yàn)橘u方作為響應(yīng)發(fā)送到“啟動(dòng)”。此消息（即“憑據(jù)”）是不可更改的。

11、</p><p>　　這兩個(gè)協(xié)議都使用公共密鑰加密技術(shù)，但在SEPP初期的版本中，買方，甚至賣方，可以使用傳統(tǒng)的基于個(gè)人識(shí)別號(hào)碼（PIN）的加密。我們分析得出結(jié)論，所有各方都配備public-key/private-key對(duì)，發(fā)現(xiàn)的問題最適用于其他版本，也有這些問題的版本。我們的分析將討論在使用這兩個(gè)協(xié)議的加密機(jī)制，雖然編碼公式中沒有有關(guān)的分析。在第3節(jié)時(shí)，我們制定這兩個(gè)協(xié)議的修訂建議，我們將目前的加密公式和解釋

12、，修訂和前這兩個(gè)規(guī)格之間使用加密的本質(zhì)區(qū)別。 </p><p>　　“發(fā)票”的消息將包含賣方與收購(gòu)方的公鑰信息（密鑰和證書）。當(dāng)買方?jīng)Q定開始購(gòu)買，她將合并“訂單”和“有價(jià)證券”連同賣方與她的公鑰信息。該消息的一部分“訂購(gòu)”是旨在為賣方資料。收購(gòu)的銀行卡數(shù)量是機(jī)密數(shù)據(jù)處理和加密的“有價(jià)證券”，成為收購(gòu)方的公共關(guān)鍵。賣方將被授權(quán)支付收購(gòu)發(fā)送消息“驗(yàn)證請(qǐng)求”的要求。付款后由收購(gòu)方授權(quán)，賣方將消息“驗(yàn)證響應(yīng)”發(fā)送，然后他

13、將發(fā)送給買方的最終協(xié)議的消息“確認(rèn)”提供的商品/服務(wù)購(gòu)買的賣方的簽名，并將最后的消息作為收據(jù)。在一些大型生產(chǎn)企業(yè)中，可以在時(shí)間內(nèi)授權(quán)（買方之間的“訂單”發(fā)送和接收“確認(rèn)”期間），可以使買方，多次達(dá)到她的原訂單，她的采購(gòu)訂單（“訂單查詢”）的地位，并為每個(gè)查詢的查詢消息時(shí)，賣方將答復(fù)與回應(yīng)（“訂單答復(fù)”）。 </p><p>　　這些支付計(jì)劃，遠(yuǎn)遠(yuǎn)早于終止運(yùn)行的協(xié)議，賣方獲得所需要的材料將影響到資金的真正轉(zhuǎn)移（計(jì)入

14、其帳戶，并扣除買方）。這才是真正的，甚至不管是否運(yùn)行的協(xié)議將終止都會(huì)成功的支付。我們相信，當(dāng)出現(xiàn)這些問題時(shí)，這樣的計(jì)劃是可以在互聯(lián)網(wǎng)上使用（或任何開放網(wǎng)絡(luò)）。</p><p>　　2.1缺少的安全服務(wù)：不可抵賴性和完整性 </p><p>　　在一般情況下，開放的網(wǎng)絡(luò)上的通信（如互聯(lián)網(wǎng)）質(zhì)量好。然而，只有一個(gè)給定節(jié)點(diǎn)是不能保證始終可以訪問或到達(dá)。通信互聯(lián)網(wǎng)中的延遲是一種常見的現(xiàn)象，在網(wǎng)絡(luò)流

15、量高的時(shí)候尤為明顯。因此，發(fā)送到互聯(lián)網(wǎng)上的信息可能不及時(shí)到達(dá)收件人。如果途中損壞或延遲的消息（含“AUTH反應(yīng)”），那么它??可能會(huì)成為買家的滋擾：她有耐心等待，或重新?lián)芴?hào)查詢賣方（“PO查詢”選項(xiàng)，在SEPP）。在買方和賣方之間的通信鏈路的錯(cuò)誤時(shí)，重新?lián)芴?hào)意義通常不大。因此，更大的可能，是買方必須從不同的商店再次購(gòu)買同一物品。這顯然是一個(gè)不理想的情況，因?yàn)橘I方實(shí)際支付給賣方的然后要求退還的交易，是必須有所的賠償。據(jù)了解，負(fù)責(zé)重復(fù)交易形

16、式的主要內(nèi)容之一就是提高系統(tǒng)的每筆交易的費(fèi)用。 </p><p>　　也許，真正的問題并不是由于互聯(lián)網(wǎng)本身的不完善，這可能只是小小的漏洞，但是，惡意用戶將它放大，無論是買方或商人，都可以實(shí)現(xiàn)不當(dāng)利益。例如，賣方可以更改廣告商品的銷售數(shù)字，甚至當(dāng)貨物暫時(shí)缺貨。通過延遲發(fā)送的時(shí)間期間補(bǔ)給倉(cāng)庫(kù)的庫(kù)存，假稱在購(gòu)買他的鏈接商品，許多不知情的買家可以被欺騙的通信失敗“確認(rèn)”。 </p><p>　　還

17、有其他各種電子商務(wù)應(yīng)用，特別是使用互聯(lián)網(wǎng)提供其非物質(zhì)服務(wù)的信息時(shí)，比如，文件出售，保險(xiǎn)，賭博售票或航空公司機(jī)票預(yù)訂。（這是我們的信念，這些服務(wù)將成為一個(gè)全面的互聯(lián)網(wǎng)電子商務(wù)的活動(dòng)。）這些情況都更容易與STT和SEPP糾紛，如支付計(jì)劃。例如，假稱從賣方到她的鏈接通信故障，買方拒絕從而不需要支付取消費(fèi)用的機(jī)票預(yù)訂，其實(shí)原因是后來她找到更好的報(bào)價(jià)。另一方面，售票員可以要求假裝發(fā)送消息的“確認(rèn)”，至少可以賺取取消費(fèi)用，而真實(shí)的情況是當(dāng)他收到的消

18、息“訂單”時(shí)，已經(jīng)沒有票在可用的時(shí)間。 （可想而知，其他如保險(xiǎn)或彩票售票情況）。 </p><p>　　這里我們可以看到，這兩個(gè)標(biāo)準(zhǔn)沒有提供服務(wù)的不可抵賴性，證明有收到消息。針對(duì)這些方面的惡意行為，其實(shí)不需要任何復(fù)雜的技術(shù)。我們注意到糾紛不一定是欺詐行為的結(jié)果，他們可能是溝通失敗或真正的延遲所造成的。通訊故障或因充回交易量上漲推遲，由于他們的要求賠償或解決糾紛的其他工作，使得惡意用戶的損失被添加到系統(tǒng)中?？傊@

19、些都是整個(gè)支付系統(tǒng)的基礎(chǔ)。</p><p>　　由于惡意行為或網(wǎng)絡(luò)故障的后果是價(jià)格昂貴的，我們可以進(jìn)一步認(rèn)為，STT和SEPP的不適當(dāng)?shù)耐暾员Ｗo(hù)。一個(gè)安全的通信系統(tǒng)運(yùn)行在一個(gè)開放的網(wǎng)絡(luò)（例如，一個(gè)安全協(xié)議）的完整性保護(hù)服務(wù)需要檢測(cè)到任何一處，各個(gè)工程，和敏感數(shù)據(jù)或損壞，傳遞至網(wǎng)絡(luò)。完整性服務(wù)通常包括多余內(nèi)容維護(hù)，將用于修復(fù)一個(gè)使系統(tǒng)不完整的故障。一個(gè)簡(jiǎn)單的完整的服務(wù)應(yīng)保護(hù)系統(tǒng)，是用簡(jiǎn)單的成本，因此必須是廉價(jià)的后

20、備措施。而對(duì)應(yīng)的，高昂的代價(jià)是要他（她）實(shí)現(xiàn)增益損壞的完整性。 STT和SEPP不提供一個(gè)適當(dāng)?shù)恼\(chéng)信服務(wù)，因?yàn)樗鼈冊(cè)试S（沒有成本）對(duì)方用很輕松的方式獲得因完整性破壞的各種優(yōu)勢(shì)，而他們的成本在運(yùn)行備用措施的系統(tǒng)付出了高昂代價(jià)后，系統(tǒng)得到了一個(gè)完整失敗。 </p><p>　　一個(gè)簡(jiǎn)單的解決方法是延遲發(fā)送的消息，構(gòu)成了付款承諾。如果付款是在收到的線上溝通的最后一步，那么沒有人可以否認(rèn)收到任何其他線上的消息（包括最后一

21、個(gè)，如果買家真的要得到報(bào)酬）。如果它是一個(gè)真正的通信故障或任何其他原因，已經(jīng)引起了消息，沒有到達(dá)收件人，那么沒有人受到傷害，因?yàn)闆]有人已支付和無貨/服務(wù)將交付。這種延遲發(fā)送的付款并不意味著需要一個(gè)一個(gè)比對(duì)線上訪問每個(gè)支付交易收購(gòu)。這樣的想法是讓收購(gòu)創(chuàng)建一個(gè)買方的請(qǐng)求，并讓賣家有一個(gè)方法來驗(yàn)證的網(wǎng)絡(luò)反應(yīng)的正確性。正確的反應(yīng)構(gòu)成的付款承諾，并需要保證不會(huì)發(fā)送任何其他網(wǎng)絡(luò)方式取消。 </p><p>　　2.2低性能：

22、濫用加密機(jī)制的后果</p><p>　　當(dāng)我們談?wù)撏ㄐ畔到y(tǒng)的性能時(shí)，我們著重研究的一個(gè)關(guān)鍵性能，是其帶寬。帶寬限制了整個(gè)系統(tǒng)。在今天的銀行卡支付系統(tǒng)中，會(huì)執(zhí)行一些基本的安全檢查程序。例如，它證實(shí)了消息的真實(shí)性,收購(gòu)方和賣方之間的相對(duì)封閉的通信鏈路，進(jìn)行傳輸錯(cuò)誤檢測(cè)和糾正方面的驗(yàn)證。這些程序很簡(jiǎn)單，一般不費(fèi)時(shí)。然而，當(dāng)東西都搬上互聯(lián)網(wǎng)，在網(wǎng)上支付的交易量，更徹底的安全檢查將成為必要的預(yù)期目標(biāo)。 </p>

23、<p>　　在STT和SEPP中，一個(gè)主要元素是時(shí)間消耗。在我們的概念中，這是收購(gòu)方選擇用來處理網(wǎng)上交易消息的加密算法被濫用的結(jié)果。關(guān)于這兩種規(guī)格，遺憾的是忽略了一個(gè)重要關(guān)系：收購(gòu)方和賣方雙方保持長(zhǎng)期的業(yè)務(wù)關(guān)系。采用這種有益的關(guān)系，他們將很容易處理在收購(gòu)過程中頻繁的收到的不合理的消息，和一個(gè)長(zhǎng)期的業(yè)務(wù)合作伙伴共同使用一個(gè)公共密鑰加密。事實(shí)上，共享的加密密鑰對(duì)稱技術(shù)，將提供一個(gè)更好的性能相同的安全服務(wù)。例如，通過計(jì)算，RSA

24、算法的簽名認(rèn)證比使用共享密鑰慢約100倍，和取消爆發(fā)的RSA信息相比慢9000至10000倍。也許，他們的意圖是更有力地證明了消息的來源。我們應(yīng)該將重點(diǎn)放在安全服務(wù)之間的認(rèn)證和不可抵賴性的差異。前者是說服自己的一個(gè)對(duì)象的真實(shí)性，而后者則是證明給第三方。據(jù)我們了解，網(wǎng)上交易，授權(quán)其支付交易服務(wù)只需要身份驗(yàn)證，而且不是不可抵賴性。只有當(dāng)爭(zhēng)議發(fā)生時(shí)，才回被要求提供證明。</p><p>　　作為買賣關(guān)系，一個(gè)的結(jié)果更嚴(yán)

25、重的問題是，收購(gòu)方也需要驗(yàn)證買家的簽名，其中包括驗(yàn)證她的公鑰證書。通常情況下，后者的工作需要額外的通信證書吊銷列表（CRL）。我們相信，即使在緩慢公鑰加密本地計(jì)算中，到遠(yuǎn)程節(jié)點(diǎn)的通信將變得更加費(fèi)時(shí)。集中管理這些通信的收購(gòu)，這是非常不明智的。 </p><p>　　例行檢查收購(gòu)消息“PI”（或從映射一個(gè)數(shù)字“PI”） 的獨(dú)特性將進(jìn)一步耗時(shí)。為防止買方（如賣方的激勵(lì)重播此消息）多收費(fèi)，需要實(shí)時(shí)地保持記錄一段時(shí)間內(nèi)的所

26、有有效的“有價(jià)證券的”的相關(guān)號(hào)碼的數(shù)據(jù)庫(kù)。數(shù)據(jù)庫(kù)必須是實(shí)時(shí)的方式進(jìn)行排序，以便每個(gè)傳入的“有價(jià)證券”可以避免重復(fù)檢查。實(shí)時(shí)維護(hù)數(shù)據(jù)庫(kù)的容量是影響整個(gè)支付系統(tǒng)性能的關(guān)鍵。數(shù)據(jù)庫(kù)維護(hù)的復(fù)雜性與“PI”公司的的貨物/服務(wù)是成正比。此外，實(shí)時(shí)數(shù)據(jù)庫(kù)維護(hù)，數(shù)據(jù)庫(kù)的安全備份將更加昂貴。 </p><p><b>　　外文文獻(xiàn)原文</b></p><p>　　Title：On Cr

27、yptographic Techniques for On-line Bankcard Payment Transactions Using Open</p><p>　　Material Source: Security Protocols Workshop Author: Wenbo Mao</p><p>　　Many of today's on-line ba

28、nkcard payments are transacted using private communication networks linking merchants and banks, and some of these transactions are initiated by mail orders or telephone orders (MOTO) from buyers to merchants. It is fore

29、seeable that moving the existing on-line bankcard payment transactions onto the Internet can reduce the transaction cost because of the economy of the Internet communications, and also add difficulty for defrauding due t

30、o the readiness to use advanced cr</p><p>　　Quite a number of cryptographic protocols for securing on-line bankcard payment transactions on the Internet have been proposed. Published proposals

31、include CyberCash[1], NetBitl[10], NetCheque[8], Netehex[4], Open Market[5], iKP [6], Millicent [7], STT [3], and SEPP [2]. Each of these proposals has its own virtues and all contribute to a better understan

32、ding of the area of study. Among these proposals, STT and SEPP are two specifications published by two of toda</p><p>　　The two proposals specify open network versions of on-line bankcard payment syst

33、ems and use advanced cryptographic technologies to supply some security services that are well understood to be inadequate in open networks; the specified systems are otherwise similar to today's MOTO versio

34、ns running on relatively closed private networks. In this paper we report our study of these two specifications. The study shows that, moving things onto open networks with the use of advanc</p><

35、p>　　Fortunately, the problems to be identified in STT and SEPP can readily be fixed. VV'e will propose a unconventional use of challenge-response mechanism, in which the challenger, i.e., the principal who creates

36、 and sends a challenge, is not an on-line verifier of an expected response; the on-line verification job will be carried out by a different principal. Using this idea to revise STT and SEPP, it is to let the acquirer cre

37、ate a challenge to the buyer but let the seller verify the correctness </p><p>　　An important achievement due to the novel use of challenge-response mechanism can be referred to as that the acquirer is now a

38、ble to safely delay major time-consuming computations to an off-line time. Message replay detection and public-key certificate validating are two of such time-consuming processes: the former requires real-time maintenan

39、ce of a big database and the latter require communications to other parties (e.g., certificate revocation lists, CRL's). Being able to off-line process t</p><p>　　The remainder of this paper is organize

40、d as follows. Section 2 is a close study of problems in STT and SEPP. In Section 3 presents our revision that tackles the identified problems. Section 4 analyses why and how the problems are solved. Finally, Section 5 f

41、orms our conclusion. </p><p>　　Throughout the rest of this paper we shall be describing payment mechanisrns in which "buyers", "sellers" and "banks" are principals. When banks&

42、#39; rote in a transaction is specific, they will be denoted by that role, for example, "(bankcard) issuer" or "(transaction) acquirer". In our revision, the acquirer will often be referred to as &quo

43、t;(payment) gateway" as in most cases when we mention this principal we mean its computer systems that face the open networks, receive, process and send protocol m</p><p>　　2.Problem Analysis</p>

44、<p>　　Figure 1 illustrates on-line bankcard payment schemes used in STT and SEPP. For presentation simplicity, we have unified some message names which are different in STT and SEPP but have the same semantics. Th

45、ose worth mentioning Are “Invoice" and “Confirmation": In STT, "Invoice" is called "Merchant Credential" and "Confirmation" is called "Order Acknowledgement". In both

46、protocols, the buyer will first get “Invoice" from the sullen In SEPP, this message is personalized because the seller send</p><p>　　Both protocols use public-key cryptography, but SEPP also allows earl

47、y stage versions in which the buyer, and even the seller, can use conventional cryptography based on personal identification numbers (PINs). We focus on analyzing the version in which all parties are equipped with public

48、-key/private-key pairs, as most of the revealed problems apply to other versions, too. Our analysis will discuss the use of cryptographic mechanisms in these two protocols, though coding formulae are not concern</p>

49、;<p>　　The message "Invoice" will contain the seller's and the acquirer's public-key information (keys and certificates). When the buyer decides to start a purchase, she sends a combined message

50、"Order" and "PI" to the seller together with her public-key information. The message part "Order" is intended for the seller while the part: PI" ("Payment Instruction") for th

51、e acquirer. The bankcard number is treated as a piece of confidential data and will be encrypted in "PI" under the acquirer's public key.</p><p>　　In these payment schemes, far before a protoco

52、l run terminates, the seller obtains all of the needed material to affect a real transfer of money (crediting his account and debiting the buyer's). This is true even regardless of whether or not a protocol run will

53、terminate successfully. We believe that the following problems will emerge when such a scheme is used over the Internet (or any open network). We identify problems and sketch solutions.</p><p>　　2.1 Missing

54、security services: non-repudiation and integrity </p><p>　　In general, communications on open networks (e.g., the Internet) are in good quality. However, there is no guarantee that a given node is

55、always accessible or reachable. Communication delay in the Internet is a frequent phenomenon and is particularly noticeable during the time of high network traffic. As a result, messages sent to the Internet may not

56、 reach the recipient in time. If a message corrupted or delayed en route is one after (including) "Auth-Response", then it may becom</p><p>　　Perhaps, the real problem is not the imperfection of th

57、e Internet in its own right, it may be that the imperfection, however slight, can be amplified by a malicious user, either the buyer or the merchant, to achieve undeserved gain. For instance, the seller can promote sales

58、 figure by advertising goods even when the goods are temporarily out of stock. By delaying sending out "Confirmation's" for a period of time needed for replenishing the warehouse while falsely claiming comm

59、unication failures </p><p>　　There is various other electronic commerce applications particularly suit-able for using the Internet due to their nature of non-physical delivery of services Information-d

60、ocument selling, instant-insurance covering, gambling-ticket selling or airline-ticket reservation are a few examples. (It is our belief that these services will be among the first activities in a full-fledged Internet e

61、lectronic commerce.) These circumstances are more prone to disputes with STT and SEPP like payment sch</p><p>　　Here we see that the two specifications have not supplied the service of non- repudiation on pr

62、oof of message receipt. To be malicious in these ways does not require any sophisticated technique. We should note that disputes are not necessarily the result of fraudulent actions; they can be resulted from genuine com

63、munication failures or delays. The communication failures or delays rise the volume of charge-back transactions, while the malicious users add bigger loss to the system due to their dem</p><p>　　Since a cons

64、equence of malicious actions or of network failures is expensive, we can further regard that STT and SEPP do not serve a proper integrity protection. An integrity protection on a secure communication system (e.g., a secu

65、rity protocol) running over an open network is a service to detect any toss of, alteration on, or damage to the sensitive data. Passing along the network. An integrity service usually includes a. fatback measure which wi

66、ll be used to fix an integrity failure. A proper</p><p>　　A simple solution is to delay sending the message that constitutes a payment commitment. If a payment is received in the final step of on-line commun

67、ication, then no one can deny having received any other on-line messages (including the final one if the buyer really wants to get paid). If it is a genuine communication failure or for any other reason that has caused

68、 a message not reaching the recipient, then no one is hurt because no one has been paid and no goods/services will be delivered</p><p>　　2.2 Low performance: a consequence of misusing crypto-mechanisms

69、</p><p>　　When we speak of the performance of a communication system, we focus on studying the performance of a critical principal whose bandwidth limits the bandwidth of the whole system. In on-line bankcar

70、d payment systems, the acquirer is such a principal. </p><p>　　In today's bankcard payment systems, the acquirer performs some basic security checking routines. For instance, it validates the message gen

71、uineness. The relatively closed communication links between the acquirer and the seller mean that the validation is mainly in terms of detecting and correcting trans-mission errors. These routines are simple and in gener

72、al not time-consuming. However when things are moved onto the Internet, in addition to the expected incensement in the volume of on-line pa</p><p>　　A major time-consuming element in STT and SEPP is, in our

73、 belief, a result of misuse of cryptographic algorithms chosen for the acquirer to process messages during the on-line transaction authorization time. The two specifications have unfortunately overlooked an important fac

74、t: the acquirer and the seller are two parties who maintain a long-term business relationship. Instead of employing this useful relationship, they have unreasonably designated the acquirer to process frequent session mes

75、sag</p><p>　　A worse problem as a result of dismissing the acquirer-seller relationship is that, the acquirer has to also on-line verify the buyer's signature which includes validating her key certificat

76、e. Frequently, the latter job requires additional communications to certificate revocation lists (CRL's). Compared to local computations even in slow public-key cryptography, we believe that communications to remote

77、nodes will be much more time-consuming. It is very unwise to centralize these communications t</p><p>　　A further time-consuming routine with the acquirer is to on-line check the uniqueness of the message &#

78、39;PI" (or a number mapped from "PI") in order to prevent multiple charges to the buyer (e.g., the seller has an incentive to replay this message). This is to on-line, real-timely maintain a database that

79、records all valid “PI's” (or related numbers) for a period of time. The database must be sorted in a real-time way so that each incoming 'PI" can readily be checked against replay. The capacity of</p>