Security and Internet Commerce. Chapter 27. Security in Transaction Systems. Security is essential in many transaction processing applications Authentication Is the user who he says he is? Authorization What is an authenticated user allowed to do? Only cashiers can write cashier’s checks
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Security and Internet Commerce
ciphertext = Ksender[plaintext]
Ksender = Kreceiver
M = K[K[M]]
abc xza, def tyy, ghi rew, ...
abc bca, def efd, ghi hig, ...
KuPub and KuPri
M = KuPri[KuPub[M]]
e*d 1 (mod (p-1)*(q-1))
C = M e (mod N)
M = C d (mod N)
KPub[KPri[M]] = M
|f (M) | << |M |
M1, M2, M3
M4, M5, M6
M7, M8, M9
v1 v2 v3
Sets have roughly equal size.
Elements of a set are unrelated.
KC, KS[KSess C-S , S, LT] --- C can decrypt this
KS, KS[KSess C-S , C, LT] --- The ticket; C cannot decrypt this
M1: (C, S)
M3: (ticket, authenticator, arguments)
KC, AS[KSess C-TGS , TGS, LT] - session keyfor TGS
KTGS, AS[KSess C-TGS , C, LT] - tkt for service from TGS
KSess,C-TGS[KSess C-S , S, LT] - session key for S
KS, AS[KSess C-S, C, LT] - ticket for S
m1: KGPub[Trans_id, credit_card_info, $_amount]
m2: KMPub[Trans_id, $_amount, desc]
Dual signature: f(m1), f(m2), KCPri[f(f(m1)*f(m2))]
m4: KGPub[Trans_id, $_amount, KMPri[f(Trans_id, $_amount)]]
b-1(KjPri[b(n)]) = b-1(b(KjPri[(n)])) = KjPri[n]
u*u-1 =1 (mod N)
KjPub[u] * n (mod N)
sr = KjPri[KjPub[u]*n]
KjPri[n] = u-1 * sr (mod N)