Abstract
In this paper we describe how to apply identity based cryptography to credit card payments. This would help with reducing the possibility of credit card fraud that is prevalent on the Internet. Our method is founded on the identity-based cryptography and it secures the credit card transactions in such a way that many types of credit card fraud become either impossible or much more difficult for the attacker to perform simply by stealing the credit card number and some related information. Our method would require some changes to the functionality of the credit cards and thus it is not an immediate remedy. However, the decreasing costs of more advanced hardware and the fairly fast cycle of reissuing new credit cards make it possible to include identity-based cryptography methods to credit cards in the near future.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bond, M., Choudary, O., Murdoch, S.J., Skorobogatov, S., Anderson, R.: Chip and skim: cloning emv cards with the pre-play attack. IEEE Symposium on Security and Privacy (2014), http://www.cl.cam.ac.uk/~sjm217/papers/oakland14chipandskim.pdf
Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. SIAM Journal on Computing 32(3), 586–615 (2003)
Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)
Dutta, R., Barua, R., Sarkar, P.: Pairing-based cryptographic protocols: A survey. Cryptology ePrint Archive, Report 2004/064 (2004), http://eprint.iacr.org/
EMV co.: The EMV 4.3 standard specifications (November 2011), http://www.emvco.com/specifications.aspx?id=223
Fleischhacker, N., Manulis, M., Sadr-Azodi, A.: Modular design and analysis framework for multi-factor authentication and key exchange. Cryptology ePrint Archive, Report 2012/181 (2012), http://eprint.iacr.org/
Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing 17(2), 281–308 (1988)
Hess, F.: Efficient identity based signature schemes based on pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)
Jager, T., Kohlar, F., Schäge, S., Schwenk, J.: Generic compilers for authenticated key exchange. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 232–249. Springer, Heidelberg (2010)
Maji, H.K., Prabhakaran, M., Rosulek, M.: Attribute-based signatures. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 376–392. Springer, Heidelberg (2011)
Murdoch, S.J., Anderson, R.: Security protocols and evidence: Where many payment systems fail (2014), http://www.ifca.ai/fc14/papers/fc14_submission_124.pdf
Murdoch, S.J., Anderson, R.: Verified by visa and mastercard securecode: Or, how not to design authentication. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 336–342. Springer, Heidelberg (2010), http://dx.doi.org/10.1007/978-3-642-14577-3_27
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2008), https://bitcointalk.org/bitcoin.pdf
Okamoto, T., Takashima, K.: Decentralized attribute-based signatures. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 125–142. Springer, Heidelberg (2013)
Panda Security: The cyber crime black market (2011), http://press.pandasecurity.com/wp-content/uploads/2011/01/The-Cyber-Crime-Black-Market.pdf
PCI Security Standards Council: Payment card industry data security standard v3.0 (2013), https://www.pcisecuritystandards.org/security_standards/documents.php
Schoenmakers, B.: A simple publicly verifiable secret sharing scheme and its application to electronic voting. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 148–164. Springer, Heidelberg (1999)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985), http://dx.doi.org/10.1007/3-540-39568-7_5
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Halunen, K., Sailio, M. (2014). Identity-Based Cryptography in Credit Card Payments. In: Kotulski, Z., Księżopolski, B., Mazur, K. (eds) Cryptography and Security Systems. CSS 2014. Communications in Computer and Information Science, vol 448. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44893-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-662-44893-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44892-2
Online ISBN: 978-3-662-44893-9
eBook Packages: Computer ScienceComputer Science (R0)