What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol - - PDF document

what is i i kp kp i kp i kp i i key key protocol protocol
SMART_READER_LITE
LIVE PREVIEW

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol - - PDF document

Feb 11, 2023 360 likes •411 views

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i -Key-Protocol, i = 1, 2, 3, Family of protocols Secure electronic payment Based on credit card payments Christopher Hsu Can be extended

slide-1
SLIDE 1

iKP 1

3/12/2004 1

i iKP KP: : i i-

  • Key

Key-

  • Protocol

Protocol

Christopher Hsu

3/12/2004 2

What is What is i iKP KP? ?

i-Key-Protocol, i = 1, 2, 3, … Family of protocols Secure electronic payment Based on credit card payments Can be extended to debit card and

check payments

3/12/2004 3

History of History of i iKP KP

1995, IBM Research Labs Zurich and

Watson Research Centre

Open industry standard Incorporated into SEPP, SET ZiP: fully operational prototype Did not become commercial product But has been deployed in some

businesses

3/12/2004 4

Initial Assumptions Initial Assumptions

Only partial privacy is emphasized Encryption not used in protocol Can be implemented by other means Or protocol can be extended iKP emphasizes the payment Assumes purchase order is already

known

3/12/2004 5

Parties and Attackers Parties and Attackers

Three parties: Acquirer (A), Merchant

(M), Customer (C)

Three attackers: eavesdropper,

active attacker, insider

3/12/2004 6

Acquirer Requirements Acquirer Requirements

  • A1. Proof of transaction

authorization of customer

  • A2. Proof of transaction

authorization by merchant

slide-2
SLIDE 2

iKP 2

3/12/2004 7

Merchant Requirements Merchant Requirements

  • M1. Proof of transaction

authorization by acquirer

  • M2. Proof of transaction

authorization by customer

3/12/2004 8

Customer Requirements Customer Requirements

  • C1. Unauthorized payment is

impossible

  • C2. Proof of transaction

authorization by acquirer

  • C3. Certification and authentication
  • f merchant
  • C4. Receipt from merchant

3/12/2004 9

Extra Customer Requirements Extra Customer Requirements

  • C5. Privacy
  • C6. Anonymity

3/12/2004 10

Components of the Protocol Components of the Protocol

Keys: PKX, SKX, CERTX Cryptography: H(.), EX(.), SX(.) Quantities: SALTC, PRICE, DATE,

NONCEM, IDM, TIDM, DESC, CAN, RC, CID, Y/N, PIN, V

Discuss 1KP in detail, comparison

with 2KP and 3KP

3/12/2004 11

1KP Protocol Flow 1KP Protocol Flow

Initiate: CM Invoice: CM Payment: CM Auth-Request: MA Auth-Response: MA Confirm: CM SALTC, CID Clear EncSlip Clear, H(DESC,SALTC), EncSlip Y/N, SigA Y/N, SigA Common: PRICE, IDM, TIDM, DATE, NONCEM, CID, H(DESC,SALTC) Clear: IDM, TIDM, DATE, NONCEM, H(Common) SLIP: PRICE, H(Common), CAN, RC, [PIN] EncSlip: EA(SLIP) SigA: SA(Y/N, H(Common))

3/12/2004 12

Removing Nonce and Date Removing Nonce and Date

Initiate: CM Invoice: CM Payment: CM Auth-Request: MA Auth-Response: MA Confirm: CM SALTC, CID Clear EncSlip* Clear, H(DESC,SALTC), EncSlip* Y/N, SigA Y/N, SigA Common: PRICE, IDM, TIDM, DATE, NONCEM, CID, H(DESC,SALTC) Clear: IDM, TIDM, DATE, NONCEM, H(Common) SLIP: PRICE, H(Common), CAN, RC, [PIN] EncSlip: EA(SLIP) SigA: SA(Y/N, H(Common))

slide-3
SLIDE 3

iKP 3

3/12/2004 13

Removing SALT Removing SALTC

C

Initiate: CM Invoice: CM Payment: CM Auth-Request: MA Auth-Response: MA Confirm: CM SALTC, CID Clear EncSlip Clear, H(DESC,SALTC), EncSlip Y/N, SigA Y/N, SigA Common: PRICE, IDM, TIDM, DATE, NONCEM, CID, H(DESC,SALTC) Clear: IDM, TIDM, DATE, NONCEM, H(Common) SLIP: PRICE, H(Common), CAN, RC, [PIN] EncSlip: EA(SLIP) SigA: SA(Y/N, H(Common))

3/12/2004 14

Removing SALT Removing SALTC

C: Invariant

: Invariant

  • - Intruder never knows desc and salt

from same customer invariant "Intruder does not know DESC" forall i: IntruderId do forall j: CustomerId do !int[i].descs[j] | !int[i].salts[j] end end;

3/12/2004 15

What is not fulfilled? What is not fulfilled?

Acquirer’s proof of transaction

authorization by merchant

Merchant’s proof of transaction

authorization by customer

Customer’s certification and

authentication of merchant

Customer’s receipt from merchant

3/12/2004 16

2KP and 3KP 2KP and 3KP

Satisfies deficiencies of 1KP Differs in the number of public keys

available

Guarantees more undeniable

receipts for the transaction

3/12/2004 17

2KP Protocol Flow 2KP Protocol Flow

Initiate: CM Invoice: CM Payment: CM Auth-Request: MA Auth-Response: MA Confirm: CM SALTC, CID Clear, SigM, CERTM EncSlip Clear, H(DESC,SALTC), EncSlip, SigM, CERTM Y/N, SigA Y/N, V, SigA Common: PRICE, IDM, TIDM, DATE, NONCEM, CID, H(DESC,SALTC), H(V) Clear: IDM, TIDM, DATE, NONCEM, H(V), H(Common) SLIP: PRICE, H(Common), CAN, RC EncSlip: EA(SLIP) SigA: SA(Y/N, H(Common)) SigM: SM(H(Common), H(V))

3/12/2004 18

2KP Additions 2KP Additions

Merchant has public/private key and

certificate

Acquirer has certification and

authentication of merchant

Customer has certification and

authentication of merchant

Customer has receipt from merchant

slide-4
SLIDE 4

iKP 4

3/12/2004 19

3KP Protocol Flow 3KP Protocol Flow

Initiate: CM Invoice: CM Payment: CM Auth-Request: MA Auth-Response: MA Confirm: CM SALTC, CID, CERTC Clear, SigM EncSlip, SigC Clear, H(DESC,SALTC), EncSlip, SigM, SigC Y/N, SigA Y/N, V, SigA

Common: PRICE, IDM, TIDM, DATE, NONCEM, CID, H(DESC,SALTC), H(V) Clear: IDM, TIDM, DATE, NONCEM, H(V), H(Common) SLIP: PRICE, H(Common), CAN, RC EncSlip: EA(SLIP) SigA: SA(Y/N, H(Common)) SigM: SM(H(Common), H(V)) SigC: SC(EncSlip, H(Common))

3/12/2004 20

3KP Additions 3KP Additions

Customer has public/private key and

certificate

Merchant has proof of transaction

authorization by customer

3/12/2004 21

i iKP KP Comparison Overview Comparison Overview

** **

  • C4. Receipt from Merchant

** **

  • C3. Certification and Authentication of Merchant

** * *

  • C2. Proof of transaction Authorization by Acquirer

** * *

  • C1. Unauthorized Payment is Impossible

**

  • M2. Proof of Transaction Authorization by Customer

** ** **

  • M1. Proof of Transaction Authorization by Acquirer

** **

  • A2. Proof of Transaction Authorization by Merchant

** * *

  • A1. Proof of Transaction Authorization by Customer

3KP 2KP 1KP Requirements / Protocols

3/12/2004 22

i iKP KP Summary Summary

1KP: simple, merchant is not

authenticated, order and receipt are deniable

2KP: merchant is authenticated 3KP: non-repudiation for all

messages

Intended for gradual deployment

3/12/2004 23

Bibliography Bibliography

1.

Bellare, Mihir et al. Design, Implementation and Deployment

  • f the iKP Secure Electronic Payment System. IEEE Journal
  • f Selected Areas in Communications, VOL 18, NO. 4, April

2000.

2.

Bellare, Mihir et al. iKP – A Family of Secure Electronic Payment Protocols. 1995.