TRUST-BASED MICROPAYMENT AUTHENTICATION SYSTEM
advertisement
JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER
SCIENCE AND APPLICATIONS
TRUST-BASED MICROPAYMENT
AUTHENTICATION SYSTEM IN MOBILE DATA
NETWORK
1 PROF.
HEMANT APPA TIRMARE, 2 PROF. SANJAY SHAMRAO PAWAR,
3 PROF. GITANJALI BHIMRAO YADAV
1 Assistant
Professor, I. T. Department, Bharati Vidyapeeth College of Engg. Kolhapur
Professor, E&TC. Department, Bharati Vidyapeeth College of Engg. Kolhapur
3 Assistant Professor, C.S.E. Department, Bharati Vidyapeeth College of Engg. Kolhapur
2 Assistant
tirmarehemant@rediffmail.com,pawarsanjay2@rediffmail.com,gitanjalistar@gmail.com
ABSTRACT: In this paper we develop trust based Anonymous Micro payment Authentication System for micro
payments in mobile data network. This system is innovative and practical authentication system designed for
micro payments in mobile data network. Through AMA the customer and merchant can authenticate each other
indirectly, at the same time the merchant does not know the customers real identity. A customer can get
Micropayments not only from his local domain but also from a fast remote domain without increasing any
burden on his mobile phone. The system maintains customer’s privacy, confidentiality and integrity without
increasing any burdens on mobile phone. Evaluation of proposed AMA is carried out based on security,
feasibility and scalability. All the work is carried out using WAP toolkit simulator and Nokia Mobile Browser
emulator.
Keywords: Anonymous Micro payments, Authentication, RSA, Cryptography
1. INTRODUCTION
In the recent year data communication networks has
led to enormous development in electronic
commerce. Internet banking and trading are the two
important applications that execute financial
transaction from anywhere in the world. This enables
banks and trading are two important applications that
execute financial transaction from anywhere in the
world. This enables banks and merchants to simplify
their financial transaction process as well as to
provide customer friendly service twenty four hours a
day. Electronic micro payment is one of the most
important research topics in electronics commerce,
practically, low cost online payment scenarios and
offline payments in rural areas. Micropayments refer
to low value financial transaction ranging from
several pennies to a few dollars [1].Large portion of
electronics commerce occurs in mobile data network
belongs to the category of Micropayments. The
amount of each single transaction in micro payment
is small, the number of users and transaction in micro
payment is small and the number of users and
transaction is large. Due to insecure transaction small
percentage of loss increases fraud. So measure issue
is to secure micro payment. The common security
scheme called pretty good privacy was designed to
provide privacy, integration, authentication and no
repudiation.
Presently security is based on cryptography which is
classified as to script based, macro payment based
hash chain based categories. These methods works
well for internet network and not suitable for mobile
data network. Mobile environment has some
limitations for mobile payment, such as limited
bandwidth of mobile data network, limited
computational capability and memory resources of
mobile phone. So it is necessary to propose a new
secure mechanism for mobile Micropayments. The
paper is organized as follows. Section 2 describes
AMA model. Section 3 focuses protocols designed.
Section 4 shows Implementation of RSA algorithm.
The experimental results are given in Section 5.
Finally Section 6 ends up with conclusion.
2.
ANONYMOUS
MICROPAYMENT
AUTHENTICATION (AMA) MODEL
In virtual world for authentication username
password, symmetric signature, asymmetric signature
and biometry methods are used. There are many
protocols and mechanisms are based on this
mechanism. In micro payment system symmetric and
asymmetric signature are chosen for authentication.
Username and password is not enough safe for
mobile commerce and biometry is not feasible and
asymmetric signature is used only for cross
authentication symmetric is used to authenticate the
customer and merchant in home domain The
combined authentication method is enough safe for
mobile micro payment. Selected model is similar to
Kerberos protocol [8][9].
ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02
Page 26
JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER
SCIENCE AND APPLICATIONS
3
CS
CC
4
2
5
1
C
M
6
Fig.1. Trusted AMA Model
The interaction paths with the customer as shown in
Fig.1 are
1) Customer sends request to Merchant for goods
through order form.
2) Merchant forwards this request with nickname and
account information to CC for verification through
price form.
3) After verification in CC sends billing form with
account information to CS for account settlement.
4) After account settlement of C and M CS sends
acknowledgement to CC.
5) CC forwards acknowledgement to M.
6) M forwards acknowledgement to C
So for secure transaction between customer and
merchant trusted third party introduces the process is
credential center(CC) along with clearing and
settlement center (CS) registers in CC. CS
administrates accounts for C and M, debits C’s
accounts and credits M’s account. It also provides
account closer, balance inquires, account statements.
AMA uses RSA algorithm for authentication. For
transaction submission of order form, price form,
billing form, the price negotiation protocol and micro
payment protocol are implemented. AMA allows
mutual authentication between M and C. AMA
maintains confidentiality of transaction data and
privacy of customer. The security and performance is
important issue. Computational efforts are shifted
from user side to network side and allowing customer
to get micro payment.
2.1 Principals and Notations
All the parties involved in the micro payment
systems are called principals. All principals
communicate through wireless and wired network.
Basic principals in micro payment systems are
merchant, customer credential center, clearing and
settlement center. The symbols C, M, CC and CS are
used to denote the names of the principals. The
following symbols are used to represent other
messages and protocols.
KCpb: Principal C’s public key
KCpr: Principal C’s private key
KAc-m: Authentication key shared between principal
C and Principal M
KSc-m: session key shared between C &M
H(x): One way hash function of message x
EK(x): Message x encrypted with key K
x,y: Msg x concatenated with Msg y
IDc: C’s identity
TIDc: Nickname, Temporary identity
Iz: Item z
Pz: Price of Item z offered by the merchant
V: Micro payment value
TSc: Timestamp Generated by C
ETIz: Expiration Time of offered price for item z
C M: x C sending message x to M
R: Random numbers generated by respective
principal
Authentication and session keys KAc-m and KSc-m
are generated as follows:
A secret key between principal c and principal M is
created when they know each other at the first time.
An authentication key KAc-m is created for C and M
to communicate over insecure network. The main
goals of Authentication key KAc-m are:
a) Mutual authentication between C and M
b) Confidentiality of data
From hash of secret key and random number the
KAc-m is generated .It is dynamic for random
number in every communication. It is very difficult
for any attacker to get information related to the
secret key. Thus key guessing attacks can be
prevented. The session key KSc-m is generated with
random number.
3. PROTOCOLS DESIGNED
3.1 Price Negotiation Protocol
Before transaction begins the customer queries the
merchant about the price of specific goods. It is not
necessary for both of them to establish the secure
channel for the price information. Sometimes it is
important to prevent a merchant from knowing the
identity of his customers. TIDc a nickname instead of
his customer real identity is used. A customer can
have many nicknames when customer registers in
CC. Several nicknames are assigned to customer and
those nicknames are knows only to the customer and
the CC. So the merchant does not know the real
identity of the customer. The customer privacy is
protected. To avoid replaying attacks timestamp is
used in protocol.
Steps:
1] C M: TIDc, Iz, Pz
2] M C: IDm, Iz, Pz, TSm, ETz
Step By Step Explanation:
1] Customer c queries merchant M about the price Pz
of the item Iz.
2] M responds to c with the price Pz of the item Iz,
M’s identity IDm, M’s time stamp TSm and Pz’s
expiration time ETz.
3.2 Authentication and Micro payment Protocol
During transaction, Customer c sends order including
payment authorization to merchant M.M forwards
order to CC. At the same time m sends elated
information of item Iz and its identity information to
ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02
Page 27
JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER
SCIENCE AND APPLICATIONS
CC.CC checks the validity of C’s payment
authorization, authenticates c and M. sends billing
information to CS. After receiving acknowledgement
from cc M provides goods or service to C.
Steps:
1] CM: Order form, TIDc, IDcc, Rc
Order form=EKAc-cc(IDc,IDm,Iz,Pz,TSc, ETz, H
(Iz,Pz,TSc,ETz))
2] MCC: Price form, Order form, TIDc, IDm,
IDcc, Rc, Rm
Price form= EKAm-cc (TIDc,IDm,IDcc,IDz, Pz,
TSm, ETz, H(Iz,Pz,TSm,ETz))
3] CC CS: Billing form, Rcc
Billing
form=
EKAcc-cs
(Serial
no,IDc,IDm,Iz,TScc,V,H(Iz,TScc,V))
4] CSCC: Acknowledgement
5] CCM : confirm To M ,Conform To C
Conform
To
M=
EKAm-cc(Serial
No.,TIDc,IDm,Iz,TScc,KSc-m,
V,H(Iz,TScc,KScm,V))
Conform To C= EKAc-cc (TIDc, IDm, Iz, TScc,
KSc-m, V, H (Iz, TScc, KSc-m, V))
6] M C: EKSc-m (content (Iz)), Conform To C
Step By Step Explanation:
1] C creates order including C’s and M’s identities,
item Iz and associated price Pz, Timestamp TSc read
from the C’s clock, Pz’s expiration time ETz. Some
important fields, such as Iz, Pz, TSc, and ETz are
hashed to check if they are modified or replaced with
others while transit. Then the order is encrypted by
the authentication key known only to C and CC Time
stamp is used to avoid reply attacks. C sends order
form to M with C’s nickname, CC’s identity and
random number is generated by C.
2] M forwards order form to CC. M creates a price
form including C’s nickname M’s and CC’s identity,
item Iz and associated price Pz, timestamp TSm, Pz’s
expiration time ETz. The price form with some
encrypted important field used to authenticate M’s
identity to CC and M sends price form to CC with
C’s nick name, Rc, Rm. Then Cc decrypts order form
and price form and authenticates C’s and M’s
identity. CC checks fields in order form and price
form.
3] CC creates a billing record including serial number
of transaction generated by CC and C’s and M’s
identities, timestamp TScc, Micro payment value V.
The billing record with some encrypted important
field used for authentication of CC and CS. Then CC
sends billing form to CS with Rcc.
4] CS decrypts billing form and checks C has enough
funds in the account. If funds is enough then CS
completes transaction otherwise adds billing record
and send acknowledge back to CC.
5] CC generates session key KSc-m for
communication between C and M and acknowledges
with Confirmtoc and Confirmtom. Conformtoc has
got from encryption of C’s and M’s identities, item z,
transaction value V, time stamp of CC, session key
KSc-m. Conformtom has got from encryption of C’s
nickname, M’s identities, item z, transaction value V,
time stamp of CC, session key KSc-m. CC sends
Conformtoc and conformtom to M.
6] M forwards Confirmtoc and sends encrypted
contents of item z with session key KSc-m generated
by CC. M adds this transaction record in to database.
C decrypts confirmtoc and gets the session key KScm. Then C decrypts contents of item Iz and session
key KSc-m.
3.3 Clearing and Settlement Protocol
Regularly M sends to CS amount of money spend by
C after the M authenticates CC and CS checks
amount are consistent before settles account.
Steps:
1] M CC: EKAm-cc (IDm, clearingreq), IDm, Rm
2] CC M: EkAm-cc (IDm, TScc, KSm-cs),
EKAcc-cs (IDm, TScc, KSm-cs)
3] MCS: KKAm-cs (serial nos, amount, period,
EKAcc-cs (IDm, Tscc, KSm-cs)
4] CS M: Acknowledge
Step By Step Explanation:
1] M sends clearing request to CC which is encrypted
with key KAm-cc.
2] CC checks M’s identity and refuges request if
authentication failed. Otherwise CC generates session
key KSm-cs for subsequent communication and
encrypts session key KSm-cs and timestamp of CC
with authentication key KAm-cc and sends
encryption to M then M forwards to CS.
3] M gets session key KSm-cs and decrypts message
sent by CC. then M encrypts amount of money spent
by C during the period with session key KSm-cs and
sends to CS.
4] CS checks if the amounts are consistent and sends
acknowledgement to M.
4. RSA ALGORITHM
RSA is public key algorithm with two different keys
used to encrypt and decrypt the data. RSA is used for
many application like RSA secured ID, Digital
Certificates, Smart cards etc. This algorithm is based
on exponentiation takes O ((log n) 3) operation. RSA
uses large integers. RSA is basically based on
mathematics. First it finds prime numbers and
generates a key pair using these two prime numbers.
Then encryption and decryption has been done using
key pair.
4.1 RSA Key Generation
1. Select two prime numbers p and q.
2. Compute n= p*q.
3. Calculate f (n) = (p-1)*(q-1)
4. Select integer e; gcd(f(n),e)=1 where 1<e<f(n).
5. Calculate d; d= e-1modf (n).
6. Public key Kb = {e, n}
7. Private key Kp= {d, n}
We have the private key d and public keys e and n .If
we encrypt text we need to first represent it in some
numeric form and then simply apply the formula
c=me(mod n) where M is plain text and c is cipher
ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02
Page 28
JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER
SCIENCE AND APPLICATIONS
text. If we decrypt cipher text c then apply formula
p=cd mod n
4.2 Timing Attacks
RSA exploit timing attacks and the inter operand size
based on time taken. RSA exploits time taken in
exponentiation. The countermeasures are, use
constant exponentiation time, add random delay and
blind values used in calculations. Once the system is
designed the next step is to convert it in to actual
code to satisfy user’s requirements as expected. The
approved is error free has been implemented. The
main aim of the system was to identify
malfunctioning of system. Implementation includes
proper training to end users.
4.3 Encryption
Encryption is done using the public key component e
and the modulus n. We encrypt message with their
public key (e, n). Encryption is done by taking an
exponentiation of the message m with public key e
and then taking a modulus of it. Following steps are
done in encryption.
1. Obtain recipient’s public key (n, e).
2 .Represent the plain text message as a positive
integer m<n.
3. Compute cipher text c=me mod n.
4. Send cipher text to recipient.
4.4 Decryption
Decryption is done using private key. Decryption is
similar to the encryption except that the keys used are
different. Following steps are done in decryption.
1. Recipient uses his private key (n, d) to compute
m=cd mod n
2. Extract plain text from the integer representative
m.
5. EXPERIMENTAL RESULTS
The C and M authenticate with CC indirectly. The
time stamp is used in two ways from order form and
price form, one is used to protect this transaction
from replying attacks and other one is to check
whether the price offer is still in effect because price
of item is often changed. C authentication with
trusted third party CC the registration is as shown in
Fig.2.
The Merchant M authentication with trusted third
party CC the registration is as shown in Fig.3
Fig.3.Merchant registrations with third party CC.
Both C and M trusts CC .CC authenticates C by
decrypting order form encrypted with authentication
key known only to C and CC.CC authenticates M by
decrypting price form encrypted with authentication
key known only to M and CC.
Anonymity is important to prevent a merchant from
real identity of customer. The customer’s real identity
is protected. Instead of customer’s real identity the
nick names TIDc are used for communication with
merchant. The nickname is known only to C and CC.
The login with nickname and password as shown in
fig.4 and The list of options for C are as shown in
fig.5.
Fig.4. C Login with Nickname and Password.
Fig.2.Customer registration and after registration
login form with nickname and password.
Fig.5. The list of options for customer
ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02
Page 29
JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER
SCIENCE AND APPLICATIONS
Instead of M’s real identity the nick names TIDm are
used for communication with merchant. The
nickname is known only to M and CC. The login
with nickname and password is as shown in fig.3.
Fig.6.After registration M login with CC.
Confidentiality is to encrypt important data per
transaction while in transit. After logged in through
nickname and password the list of goods displayed
for negotiation as shown in Fig.7. So order is
generated after requesting current rate of goods as
shown in fig.8.and the order form is generated and
encrypted with session key generated by CC. Any
other principal could not get the correct content of
these goods because he does not know this session
key.
Fig 7. After logged in through nickname and
password the list of goods displayed for negotiation.
Fig.8. order is generated after requesting current rate
of goods.
After placing the purchase order the validation and
after validation the account settlement of CS for the
customer and merchant as shown in Fig.9.
Fig.9.Account settlement of CS for the C and M with
previous and current balance.
After account settlement CS sends the feed back CC
then CC to M and then M to C. Integrity while in
transit is the data is protected from being modified
and replaced with others. The message digest
algorithms are used and hash values of some
important information is padded in to order form,
price form. Immune from key guessing attack is
prevented. The authentication key is created
dynamically using one way hash function and it is
known only to the respective principal and third party
CC. So It is very difficult for any attacker to get
information related to secret key by analyzing
intercepted data for the dynamic authentication key.
Scalability is when AMA can support mobile
commerce with RSA .So capability of mobile phone
is improved and CC is upgraded to CA. AMA
functions as authentication protocol to authenticate.
6. CONCLUSION
Using proper mechanism of Protocols and algorithms
the mobile micro payment transactions are secured.
For this security we have used micro payment
negotiation, authentication protocols and RSA
algorithm. The AMA model provides security to all
principals by generating various respective keys.
Customer and merchant authenticate indirectly with
each other and communicate with their nickname
which is known to respective principal and trusted
third party The customer gets goods or services from
the merchants in any domain without disclosing
privacy and without increasing communication
overheads in the air. Most computational effort is
moved to wired network side to reduce computational
overheads on the mobile phone with limited
computational capability and storage. We have
explored alternative for tamper resistant system.
7. REFERANCES
[1]Zhi-YuanHu, Yao-Wei Liu,Anonymous Micro
payment Authentication (AMA) system in mobile
data network, IEEE INFOCOM20040-7803-83567/04/$20.00 ©2004 IEEE.
ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02
Page 30
JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER
SCIENCE AND APPLICATIONS
[2]A. Mitchell C.Trinity Coll,Algorithms For
Software Implementations Of RSA, Cambridge as
appears computers and digital Techniques,IEEE May
1989(Vol, 136,No:3-pp66-170)
[3] Amir Hertzberg, Payment Technology for
ECommerce, Micro payments PP.245-280,in Editor
Prof.Weidong Kou, springer-Verlag, ISBN 3-54044007-0, 2003.
[4] New Orleans, Louisiana Sung-Ming Yen, SangJae, RSA speedup with Chinese Remainder Theorem
Immune against Hardware Fault Cryptanalysis,
December 11-15, 2000.
[5] T. Pedersen, Electronic Payments of small
amounts, In Fourth Cambridge Workshop on Security
Protocols. Springer Verlag, Lecture Notes in
Computer Science, April 1996.
[4] P.M. Hallam-baker. Micro Payment Transfer
Protocol (MPTP) Version 0.1, November 1995.
[6] G. Horn and B.Preneel, Authentication and
Payment in Future Mobile System, ‘Computer
security-ESORICS’98, Lecture Notes in computer
Science 14851998, pp.277-293.
[7] R.Hauser, M.Stenier and M.Waidner, Micro
payments based on ikp, 14th Worldwide Congress on
computer and communications and security
protection, Paris, 1996, pp.67-82.
[8] John Kohl and B. Clifford Neumann. The
Kerberos
Network
Authentication
service
(Ver.5).IETFRFC1510.Sept.1993.
[9] J. Kohl and B. Neumon and T. Ts’o, The
Evolution of the Kerberos Authentication Service, In
Brazier. And Johansen, D.Distributed Open Systems.
Los Alamitos, CS: IEEE Computer Society Press,
1994.
[10] Mihir Bellaire and Phillip Rogaway Entity
Authentication and Key Distribution, Extended
abstract in Advances in Cryptology- CRYPTO 93,
Lecture Notes in Computer science Vol.773, D.
Stinson ed, and springer-Verlag.1994.
[11] M. Bellaire. Garay, R. Hauser, A.Herzberg, etal,
iKP- A Family of secure electronic Payment
Protocols, In First USENIX Workshop on Electronic
Commerce, New York, 1995.
[12] Ronald L. Rivest and Adi Shamir, pay Word and
MicoMint,Two
simple
Micro
paymentSchemes,CryptoBytes,1996:2(1):pp.7-11.
ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02
Page 31
