Karşılıklı Kimlik Dogrulaması Saglayan Etkin Elektronik Çek Defteri Seması

1988’de Chaum vd. elektronik çek fikrini ortaya attılar. Ardından, Pasupathinathan vd. elektronik çek defteri çözümü üretmeye çalı¸stılar. Fakat sistemlerinde her bir çek için bir imza bulundugu için, tam bir elektronik çek defteri çözümü sayılmaz. Daha sonra ˘ T.H. Chen vd., Chang vd. ve C.L. Chen vd., W.K Chen vd.’nin çözümünü geli¸stiren çek defteri sistemleri önerdiler. Yakın zamanda Sertkaya ve Kalkar önerilen bu sistemlerin, çek sahteciligine ve manipulasyonlarına kar¸sı dayanıklı olmadıklarını gösterdiler. Ayrıca, ˘ bu sistemlerin nasıl düzeltilecegine dair çözümler önerdiler. Bu sistemlerin güvenli ˘ versiyonları hala daha eski hallerinin temel problemlerini ta¸sımaktadırlar; örnegin, fazla ˘ sayıda özet hesaplama, zaman senkronizasyon problemleri ve çok sayıda ileti¸sim turu. Bu çalı¸sma, kar¸sılıklı kimlik dogrulaması sa ˘ glayan verimli ve güvenli bir elektronik çek ˘ defteri ¸seması önermektedir.

An Efficient Electronic Checkbook Scheme with Mutual Authentication

In 1988, Chaum et al. introduced the idea of electronic check. Then,Pasupathinathan et al. tried to come up with an electronic checkbook scheme. However,their scheme requires signature for each e-check and is not considered as an e-checkbook.Later, three e-checkbook propositions are made by T.H Chen et al., Chang et al., andC.L. Chen et al. based on the scheme of W.K. Chen et al.. Recently, Sertkaya and Kalkarshowed that these three e-checkbook schemes are susceptible to e-check forgery and/ore-check manipulation attacks. They also proposed fixes for these schemes. Nonetheless,fixed versions also carry out drawbacks of the original schemes, like heavy hashingcomputations, time-synchronization issues, and multiple communication rounds. Thisstudy offers an efficient and secure e-checkbook scheme with mutual authentication.

PDF

___

[1] Jee Hea An, Yevgeniy Dodis, and Tal Rabin. On the security of joint signature and encryption. In Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology, EUROCRYPT ’02, pages 83–107, London, UK, UK, 2002. Springer-Verlag.
[2] Milton M. Anderson. The Electronic Check Architecture. Technical report, Financial Services Technology Consortium, 1998.
[3] Bank for International Settlements. Statistics on payment, clearing and settlement systems in the CPMI countries, 2017.
[4] Stefan Brands. An Efficient Off-line Electronic Cash System Based On The Representation Problem. Technical report, Centrum Wiskunde & Informatica (CWI), 1993.
[5] Chin-Chen Chang, Shih-Chang Chang, and Jung-San Lee. An on-line electronic check system with mutual authentication. Computers & Electrical Engineering, 35(5):757 – 763, 2009.
[6] David Chaum, Bert den Boer, Eugène van Heyst, Stig Mjølsnes, and Adri Steenbeek. Efficient offline electronic checks. In Jean-Jacques Quisquater and Joos Vandewalle, editors, Advances in Cryptology — EUROCRYPT ’89, pages 294–301, Berlin, Heidelberg, 1990. Springer Berlin Heidelberg.
[7] David Chaum, Amos Fiat, and Moni Naor. Untraceable electronic cash. In Shafi Goldwasser, editor, Advances in Cryptology — CRYPTO’ 88, pages 319– 327, New York, NY, 1990. Springer New York.
[8] Chin-Ling Chen, Cheng-Hsiung Wu, and Wei-Chech Lin. Improving an on-line electronic check system with mutual authentication. In Proceedings of International Conference on Advanced Information Technologies (AIT 2010), 2010.
[9] Tzung-Her Chen, Shu-Chen Yeh, Kuan-Chieh Liao, and Wei-Bin Lee. A practical and efficient electronic checkbook. Journal of Organizational Computing and Electronic Commerce, 19(4):285–293, 2009.
[10] Wei-Kuei Chen. Efficient on-line electronic checks. Applied Mathematics and Computation, 162(3):1259 – 1263, 2005.
[11] Shafi Goldwasser, Silvio Micali, and Ronald L. Rivest. A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput., 17(2):281–308, April 1988.
[12] M. F. Hinarejos, J. Ferrer-Gomila, G. Draper-Gil, and L. Huguet-Rotger. Anonymity and transferability for an electronic bank check scheme. In 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pages 427–435, June 2012.
[13] Jonathan Katz and Yehuda Lindell. Introduction to Modern Cryptography. Chapman & Hall/CRC, 2nd edition, 2014.
[14] S. Kim and H. Oh. A new electronic check system with reusable refunds. International Journal of Information Security, 1(3):175–188, Nov 2002.
[15] Security Requirements For Cryptographic Modules. Federal Information Processing Standards Publication (FIPS) 140-2, National Institute for Standards and Technology, Gaithersburg, MD 20899-8900, USA, 2001.
[16] Guideline for Using Cryptographic Standards in the Federal Government: Cryptographic Mechanisms. NIST Special Publication (SP) 800-175B, National Institute for Standards and Technology, Gaithersburg, MD 20899-8900, USA, 2016.
[17] Vijayakrishnan Pasupathinathan, Josef Pieprzyk, and Huaxiong Wang. Privacy enhanced electronic cheque system. In Seventh IEEE International Conference on E-Commerce Technology (CEC’05), pages 431–434, July 2005.
[18] Aude Plateaux, Patrick Lacharme, Vincent Coquet, Sylvain Vernois, Kumar Murty, and Christophe Rosenberger. An e-payment architecture ensuring a high level of privacy protection. In Tanveer Zia, Albert Zomaya, Vijay Varadharajan, and Morley Mao, editors, Security and Privacy in Communication Networks, pages 305–322, Cham, 2013. Springer International Publishing.
[19] Phillip Rogaway and Thomas Shrimpton. Cryptographic hash-function basics: Definitions, implications and separations for preimage resistance, secondpreimage resistance, and collision resistance. Cryptology ePrint Archive, Report 2004/035, 2004.
[20] C. P. Schnorr. Efficient signature generation by smart cards. Journal of Cryptology, 4(3):161–174, Jan 1991.
[21] Isa Sertkaya and Oznur Kalkar. Forgery Attacks on Some Electronic Checkbook Schemes. submitted 2018.
[22] Visa and MasterCard. SET Secure Electronic Transaction Specification Book 1, 1997.
[23] Wikipedia. International Bank Account Number — Wikipedia, the free encyclopedia, 2019. [Online; accessed 09-January-2019].
[24] Hsiao-Cheng Yu, Kuo-Hua Hsi, and Pei-Jen Kuo. Electronic payment systems: an analysis and comparison of types. Technology in Society, 24(3):331 – 347, 2002.