JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER SCIENCE AND APPLICATIONS TRUST-BASED MICROPAYMENT AUTHENTICATION SYSTEM IN MOBILE DATA NETWORK 1 PROF. HEMANT APPA TIRMARE, 2 PROF. SANJAY SHAMRAO PAWAR, 3 PROF. GITANJALI BHIMRAO YADAV 1 Assistant Professor, I. T. Department, Bharati Vidyapeeth College of Engg. Kolhapur Professor, E&TC. Department, Bharati Vidyapeeth College of Engg. Kolhapur 3 Assistant Professor, C.S.E. Department, Bharati Vidyapeeth College of Engg. Kolhapur 2 Assistant tirmarehemant@rediffmail.com,pawarsanjay2@rediffmail.com,gitanjalistar@gmail.com ABSTRACT: In this paper we develop trust based Anonymous Micro payment Authentication System for micro payments in mobile data network. This system is innovative and practical authentication system designed for micro payments in mobile data network. Through AMA the customer and merchant can authenticate each other indirectly, at the same time the merchant does not know the customers real identity. A customer can get Micropayments not only from his local domain but also from a fast remote domain without increasing any burden on his mobile phone. The system maintains customer’s privacy, confidentiality and integrity without increasing any burdens on mobile phone. Evaluation of proposed AMA is carried out based on security, feasibility and scalability. All the work is carried out using WAP toolkit simulator and Nokia Mobile Browser emulator. Keywords: Anonymous Micro payments, Authentication, RSA, Cryptography 1. INTRODUCTION In the recent year data communication networks has led to enormous development in electronic commerce. Internet banking and trading are the two important applications that execute financial transaction from anywhere in the world. This enables banks and trading are two important applications that execute financial transaction from anywhere in the world. This enables banks and merchants to simplify their financial transaction process as well as to provide customer friendly service twenty four hours a day. Electronic micro payment is one of the most important research topics in electronics commerce, practically, low cost online payment scenarios and offline payments in rural areas. Micropayments refer to low value financial transaction ranging from several pennies to a few dollars [1].Large portion of electronics commerce occurs in mobile data network belongs to the category of Micropayments. The amount of each single transaction in micro payment is small, the number of users and transaction in micro payment is small and the number of users and transaction is large. Due to insecure transaction small percentage of loss increases fraud. So measure issue is to secure micro payment. The common security scheme called pretty good privacy was designed to provide privacy, integration, authentication and no repudiation. Presently security is based on cryptography which is classified as to script based, macro payment based hash chain based categories. These methods works well for internet network and not suitable for mobile data network. Mobile environment has some limitations for mobile payment, such as limited bandwidth of mobile data network, limited computational capability and memory resources of mobile phone. So it is necessary to propose a new secure mechanism for mobile Micropayments. The paper is organized as follows. Section 2 describes AMA model. Section 3 focuses protocols designed. Section 4 shows Implementation of RSA algorithm. The experimental results are given in Section 5. Finally Section 6 ends up with conclusion. 2. ANONYMOUS MICROPAYMENT AUTHENTICATION (AMA) MODEL In virtual world for authentication username password, symmetric signature, asymmetric signature and biometry methods are used. There are many protocols and mechanisms are based on this mechanism. In micro payment system symmetric and asymmetric signature are chosen for authentication. Username and password is not enough safe for mobile commerce and biometry is not feasible and asymmetric signature is used only for cross authentication symmetric is used to authenticate the customer and merchant in home domain The combined authentication method is enough safe for mobile micro payment. Selected model is similar to Kerberos protocol [8][9]. ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02 Page 26 JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER SCIENCE AND APPLICATIONS 3 CS CC 4 2 5 1 C M 6 Fig.1. Trusted AMA Model The interaction paths with the customer as shown in Fig.1 are 1) Customer sends request to Merchant for goods through order form. 2) Merchant forwards this request with nickname and account information to CC for verification through price form. 3) After verification in CC sends billing form with account information to CS for account settlement. 4) After account settlement of C and M CS sends acknowledgement to CC. 5) CC forwards acknowledgement to M. 6) M forwards acknowledgement to C So for secure transaction between customer and merchant trusted third party introduces the process is credential center(CC) along with clearing and settlement center (CS) registers in CC. CS administrates accounts for C and M, debits C’s accounts and credits M’s account. It also provides account closer, balance inquires, account statements. AMA uses RSA algorithm for authentication. For transaction submission of order form, price form, billing form, the price negotiation protocol and micro payment protocol are implemented. AMA allows mutual authentication between M and C. AMA maintains confidentiality of transaction data and privacy of customer. The security and performance is important issue. Computational efforts are shifted from user side to network side and allowing customer to get micro payment. 2.1 Principals and Notations All the parties involved in the micro payment systems are called principals. All principals communicate through wireless and wired network. Basic principals in micro payment systems are merchant, customer credential center, clearing and settlement center. The symbols C, M, CC and CS are used to denote the names of the principals. The following symbols are used to represent other messages and protocols. KCpb: Principal C’s public key KCpr: Principal C’s private key KAc-m: Authentication key shared between principal C and Principal M KSc-m: session key shared between C &M H(x): One way hash function of message x EK(x): Message x encrypted with key K x,y: Msg x concatenated with Msg y IDc: C’s identity TIDc: Nickname, Temporary identity Iz: Item z Pz: Price of Item z offered by the merchant V: Micro payment value TSc: Timestamp Generated by C ETIz: Expiration Time of offered price for item z C M: x C sending message x to M R: Random numbers generated by respective principal Authentication and session keys KAc-m and KSc-m are generated as follows: A secret key between principal c and principal M is created when they know each other at the first time. An authentication key KAc-m is created for C and M to communicate over insecure network. The main goals of Authentication key KAc-m are: a) Mutual authentication between C and M b) Confidentiality of data From hash of secret key and random number the KAc-m is generated .It is dynamic for random number in every communication. It is very difficult for any attacker to get information related to the secret key. Thus key guessing attacks can be prevented. The session key KSc-m is generated with random number. 3. PROTOCOLS DESIGNED 3.1 Price Negotiation Protocol Before transaction begins the customer queries the merchant about the price of specific goods. It is not necessary for both of them to establish the secure channel for the price information. Sometimes it is important to prevent a merchant from knowing the identity of his customers. TIDc a nickname instead of his customer real identity is used. A customer can have many nicknames when customer registers in CC. Several nicknames are assigned to customer and those nicknames are knows only to the customer and the CC. So the merchant does not know the real identity of the customer. The customer privacy is protected. To avoid replaying attacks timestamp is used in protocol. Steps: 1] C M: TIDc, Iz, Pz 2] M C: IDm, Iz, Pz, TSm, ETz Step By Step Explanation: 1] Customer c queries merchant M about the price Pz of the item Iz. 2] M responds to c with the price Pz of the item Iz, M’s identity IDm, M’s time stamp TSm and Pz’s expiration time ETz. 3.2 Authentication and Micro payment Protocol During transaction, Customer c sends order including payment authorization to merchant M.M forwards order to CC. At the same time m sends elated information of item Iz and its identity information to ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02 Page 27 JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER SCIENCE AND APPLICATIONS CC.CC checks the validity of C’s payment authorization, authenticates c and M. sends billing information to CS. After receiving acknowledgement from cc M provides goods or service to C. Steps: 1] CM: Order form, TIDc, IDcc, Rc Order form=EKAc-cc(IDc,IDm,Iz,Pz,TSc, ETz, H (Iz,Pz,TSc,ETz)) 2] MCC: Price form, Order form, TIDc, IDm, IDcc, Rc, Rm Price form= EKAm-cc (TIDc,IDm,IDcc,IDz, Pz, TSm, ETz, H(Iz,Pz,TSm,ETz)) 3] CC CS: Billing form, Rcc Billing form= EKAcc-cs (Serial no,IDc,IDm,Iz,TScc,V,H(Iz,TScc,V)) 4] CSCC: Acknowledgement 5] CCM : confirm To M ,Conform To C Conform To M= EKAm-cc(Serial No.,TIDc,IDm,Iz,TScc,KSc-m, V,H(Iz,TScc,KScm,V)) Conform To C= EKAc-cc (TIDc, IDm, Iz, TScc, KSc-m, V, H (Iz, TScc, KSc-m, V)) 6] M C: EKSc-m (content (Iz)), Conform To C Step By Step Explanation: 1] C creates order including C’s and M’s identities, item Iz and associated price Pz, Timestamp TSc read from the C’s clock, Pz’s expiration time ETz. Some important fields, such as Iz, Pz, TSc, and ETz are hashed to check if they are modified or replaced with others while transit. Then the order is encrypted by the authentication key known only to C and CC Time stamp is used to avoid reply attacks. C sends order form to M with C’s nickname, CC’s identity and random number is generated by C. 2] M forwards order form to CC. M creates a price form including C’s nickname M’s and CC’s identity, item Iz and associated price Pz, timestamp TSm, Pz’s expiration time ETz. The price form with some encrypted important field used to authenticate M’s identity to CC and M sends price form to CC with C’s nick name, Rc, Rm. Then Cc decrypts order form and price form and authenticates C’s and M’s identity. CC checks fields in order form and price form. 3] CC creates a billing record including serial number of transaction generated by CC and C’s and M’s identities, timestamp TScc, Micro payment value V. The billing record with some encrypted important field used for authentication of CC and CS. Then CC sends billing form to CS with Rcc. 4] CS decrypts billing form and checks C has enough funds in the account. If funds is enough then CS completes transaction otherwise adds billing record and send acknowledge back to CC. 5] CC generates session key KSc-m for communication between C and M and acknowledges with Confirmtoc and Confirmtom. Conformtoc has got from encryption of C’s and M’s identities, item z, transaction value V, time stamp of CC, session key KSc-m. Conformtom has got from encryption of C’s nickname, M’s identities, item z, transaction value V, time stamp of CC, session key KSc-m. CC sends Conformtoc and conformtom to M. 6] M forwards Confirmtoc and sends encrypted contents of item z with session key KSc-m generated by CC. M adds this transaction record in to database. C decrypts confirmtoc and gets the session key KScm. Then C decrypts contents of item Iz and session key KSc-m. 3.3 Clearing and Settlement Protocol Regularly M sends to CS amount of money spend by C after the M authenticates CC and CS checks amount are consistent before settles account. Steps: 1] M CC: EKAm-cc (IDm, clearingreq), IDm, Rm 2] CC M: EkAm-cc (IDm, TScc, KSm-cs), EKAcc-cs (IDm, TScc, KSm-cs) 3] MCS: KKAm-cs (serial nos, amount, period, EKAcc-cs (IDm, Tscc, KSm-cs) 4] CS M: Acknowledge Step By Step Explanation: 1] M sends clearing request to CC which is encrypted with key KAm-cc. 2] CC checks M’s identity and refuges request if authentication failed. Otherwise CC generates session key KSm-cs for subsequent communication and encrypts session key KSm-cs and timestamp of CC with authentication key KAm-cc and sends encryption to M then M forwards to CS. 3] M gets session key KSm-cs and decrypts message sent by CC. then M encrypts amount of money spent by C during the period with session key KSm-cs and sends to CS. 4] CS checks if the amounts are consistent and sends acknowledgement to M. 4. RSA ALGORITHM RSA is public key algorithm with two different keys used to encrypt and decrypt the data. RSA is used for many application like RSA secured ID, Digital Certificates, Smart cards etc. This algorithm is based on exponentiation takes O ((log n) 3) operation. RSA uses large integers. RSA is basically based on mathematics. First it finds prime numbers and generates a key pair using these two prime numbers. Then encryption and decryption has been done using key pair. 4.1 RSA Key Generation 1. Select two prime numbers p and q. 2. Compute n= p*q. 3. Calculate f (n) = (p-1)*(q-1) 4. Select integer e; gcd(f(n),e)=1 where 1<e<f(n). 5. Calculate d; d= e-1modf (n). 6. Public key Kb = {e, n} 7. Private key Kp= {d, n} We have the private key d and public keys e and n .If we encrypt text we need to first represent it in some numeric form and then simply apply the formula c=me(mod n) where M is plain text and c is cipher ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02 Page 28 JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER SCIENCE AND APPLICATIONS text. If we decrypt cipher text c then apply formula p=cd mod n 4.2 Timing Attacks RSA exploit timing attacks and the inter operand size based on time taken. RSA exploits time taken in exponentiation. The countermeasures are, use constant exponentiation time, add random delay and blind values used in calculations. Once the system is designed the next step is to convert it in to actual code to satisfy user’s requirements as expected. The approved is error free has been implemented. The main aim of the system was to identify malfunctioning of system. Implementation includes proper training to end users. 4.3 Encryption Encryption is done using the public key component e and the modulus n. We encrypt message with their public key (e, n). Encryption is done by taking an exponentiation of the message m with public key e and then taking a modulus of it. Following steps are done in encryption. 1. Obtain recipient’s public key (n, e). 2 .Represent the plain text message as a positive integer m<n. 3. Compute cipher text c=me mod n. 4. Send cipher text to recipient. 4.4 Decryption Decryption is done using private key. Decryption is similar to the encryption except that the keys used are different. Following steps are done in decryption. 1. Recipient uses his private key (n, d) to compute m=cd mod n 2. Extract plain text from the integer representative m. 5. EXPERIMENTAL RESULTS The C and M authenticate with CC indirectly. The time stamp is used in two ways from order form and price form, one is used to protect this transaction from replying attacks and other one is to check whether the price offer is still in effect because price of item is often changed. C authentication with trusted third party CC the registration is as shown in Fig.2. The Merchant M authentication with trusted third party CC the registration is as shown in Fig.3 Fig.3.Merchant registrations with third party CC. Both C and M trusts CC .CC authenticates C by decrypting order form encrypted with authentication key known only to C and CC.CC authenticates M by decrypting price form encrypted with authentication key known only to M and CC. Anonymity is important to prevent a merchant from real identity of customer. The customer’s real identity is protected. Instead of customer’s real identity the nick names TIDc are used for communication with merchant. The nickname is known only to C and CC. The login with nickname and password as shown in fig.4 and The list of options for C are as shown in fig.5. Fig.4. C Login with Nickname and Password. Fig.2.Customer registration and after registration login form with nickname and password. Fig.5. The list of options for customer ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02 Page 29 JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER SCIENCE AND APPLICATIONS Instead of M’s real identity the nick names TIDm are used for communication with merchant. The nickname is known only to M and CC. The login with nickname and password is as shown in fig.3. Fig.6.After registration M login with CC. Confidentiality is to encrypt important data per transaction while in transit. After logged in through nickname and password the list of goods displayed for negotiation as shown in Fig.7. So order is generated after requesting current rate of goods as shown in fig.8.and the order form is generated and encrypted with session key generated by CC. Any other principal could not get the correct content of these goods because he does not know this session key. Fig 7. After logged in through nickname and password the list of goods displayed for negotiation. Fig.8. order is generated after requesting current rate of goods. After placing the purchase order the validation and after validation the account settlement of CS for the customer and merchant as shown in Fig.9. Fig.9.Account settlement of CS for the C and M with previous and current balance. After account settlement CS sends the feed back CC then CC to M and then M to C. Integrity while in transit is the data is protected from being modified and replaced with others. The message digest algorithms are used and hash values of some important information is padded in to order form, price form. Immune from key guessing attack is prevented. The authentication key is created dynamically using one way hash function and it is known only to the respective principal and third party CC. So It is very difficult for any attacker to get information related to secret key by analyzing intercepted data for the dynamic authentication key. Scalability is when AMA can support mobile commerce with RSA .So capability of mobile phone is improved and CC is upgraded to CA. AMA functions as authentication protocol to authenticate. 6. CONCLUSION Using proper mechanism of Protocols and algorithms the mobile micro payment transactions are secured. For this security we have used micro payment negotiation, authentication protocols and RSA algorithm. The AMA model provides security to all principals by generating various respective keys. Customer and merchant authenticate indirectly with each other and communicate with their nickname which is known to respective principal and trusted third party The customer gets goods or services from the merchants in any domain without disclosing privacy and without increasing communication overheads in the air. Most computational effort is moved to wired network side to reduce computational overheads on the mobile phone with limited computational capability and storage. We have explored alternative for tamper resistant system. 7. REFERANCES [1]Zhi-YuanHu, Yao-Wei Liu,Anonymous Micro payment Authentication (AMA) system in mobile data network, IEEE INFOCOM20040-7803-83567/04/$20.00 ©2004 IEEE. ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02 Page 30 JOURNAL OF INFORMATION, KNOWLEDGE AND RESEARCH COMPUTER SCIENCE AND APPLICATIONS [2]A. Mitchell C.Trinity Coll,Algorithms For Software Implementations Of RSA, Cambridge as appears computers and digital Techniques,IEEE May 1989(Vol, 136,No:3-pp66-170) [3] Amir Hertzberg, Payment Technology for ECommerce, Micro payments PP.245-280,in Editor Prof.Weidong Kou, springer-Verlag, ISBN 3-54044007-0, 2003. [4] New Orleans, Louisiana Sung-Ming Yen, SangJae, RSA speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis, December 11-15, 2000. [5] T. Pedersen, Electronic Payments of small amounts, In Fourth Cambridge Workshop on Security Protocols. Springer Verlag, Lecture Notes in Computer Science, April 1996. [4] P.M. Hallam-baker. Micro Payment Transfer Protocol (MPTP) Version 0.1, November 1995. [6] G. Horn and B.Preneel, Authentication and Payment in Future Mobile System, ‘Computer security-ESORICS’98, Lecture Notes in computer Science 14851998, pp.277-293. [7] R.Hauser, M.Stenier and M.Waidner, Micro payments based on ikp, 14th Worldwide Congress on computer and communications and security protection, Paris, 1996, pp.67-82. [8] John Kohl and B. Clifford Neumann. The Kerberos Network Authentication service (Ver.5).IETFRFC1510.Sept.1993. [9] J. Kohl and B. Neumon and T. Ts’o, The Evolution of the Kerberos Authentication Service, In Brazier. And Johansen, D.Distributed Open Systems. Los Alamitos, CS: IEEE Computer Society Press, 1994. [10] Mihir Bellaire and Phillip Rogaway Entity Authentication and Key Distribution, Extended abstract in Advances in Cryptology- CRYPTO 93, Lecture Notes in Computer science Vol.773, D. Stinson ed, and springer-Verlag.1994. [11] M. Bellaire. Garay, R. Hauser, A.Herzberg, etal, iKP- A Family of secure electronic Payment Protocols, In First USENIX Workshop on Electronic Commerce, New York, 1995. [12] Ronald L. Rivest and Adi Shamir, pay Word and MicoMint,Two simple Micro paymentSchemes,CryptoBytes,1996:2(1):pp.7-11. ISSN: 0975 – 6728| NOV 10 TO OCT 11 | VOLUME – 01, ISSUE - 02 Page 31