Kerim YILDIRIM, Gökhan DALKILIÇ, Nevcihan DURU

6622

Formally analyzed m-coupon protocol with confirmation code (MCWCC)

  There are many marketing methods used to attract customers' attention and customers search for special discounts and conduct research to get products cheaper. Using discount coupons is one of the widely used methods for obtaining discounts. With the development of technology, classical paper-based discount coupons become e-coupons and then turn into mobile coupons (m-coupons). It is inevitable that retailers will use m-coupon technology to attract customers while mobile devices are used in daily life. As a result, m-coupon technology is a promising technology. One of the significant problems with using m-coupons is security. Here it is necessary to ensure the safety of the seller's and retailer's data and to prevent unnecessary loss of income. In this study, a new m-coupon protocol is proposed and analyzed against well-known attacks: impersonation, man-in-the-middle, eavesdropping, replay, data modification, unauthorized coupon copying/generation, and multiple cash-in attacks. Then, to show that both the client and the retailer's data are at the highest level of security, the protocol is subjected to security analysis with a powerful protocol analysis tool, Scyther. Thus, the proposed protocol is proved to meet all safety criteria. To the best of our knowledge, this protocol is the first m-coupon protocol for which formal security analysis is conducted by the protocol's developers.
Keywords:

Authentication, data security, eavesdropping, formal security analysis tool, man-in-the-middle attack m-coupon, near field communication, Scyther,

PDF

___

  • Tan GWH, Ooi KB, Chong SC, Hew TS. NFC mobile credit card: the next frontier of mobile payment? Telemat Informat 2014; 31: 292-307.
  • Chaudhary S, Garg N. Internet of things: a revolution. Int J Adv Comput Technol 2014; 3: 714-716.
  • Evans D. The Internet of Things: How the Next Evolution of the Internet Is Changing Everything. White Paper by Cisco Internet Business Solutions Group, 2012.
  • Holton B. iPhone 6 and iOS 8: a look at accessibility with the help of iOS without the eye by Jonathan Mosen. AFB AccessWorld Mag 2014; 15, 10.
  • Ghìron SL, Sposato S, Medaglia CM, Moroni A. NFC ticketing: A prototype and usability test of an NFC-based virtual ticketing application. In: 1st International Workshop on Near Field Communication; 24–26 February 2009; Hagenberg, Austria. pp. 45-50.
  • Vives-Guasch A, Payeras-Capellà MM, Macia MP, Castellà-Roca J, Ferrer-Gomila JL. A secure e-ticketing scheme for mobile devices with near field communication (NFC) that includes exculpability and reusability. IEICE T Inf Syst 2012; 95: 78-93.
  • Zhang M, Yao D, Zhou Q. The application and design of QR code in scenic spot’s eTicketing system-a case study of Shenzhen Happy Valley. International Journal of Science and Technology 2012; 2: 817-822.
  • Hsiang HC. A secure and efficient authentication scheme for m-coupon systems. In: 8th International Conference on Future Generation Communication and Networking; 20–23 December 2014; Hainan, China. pp. 17-20.
  • Park SW, Lee IY. Efficient mcoupon authentication scheme for smart poster environment based on low-cost NFC. Int J Secur Appl 2013; 7: 131-138.
  • Hsueh SC, Chen JM. Sharing secure m-coupons for peer-generated targeting via eWOM communications. Electron Commer R A 2010; 9: 283–293.
  • Dominikus S, Aigner M. mCoupons: An application for near field communication (NFC). In: International Confer- ence on Advanced Information Networking and Applications Workshops; 21–23 May 2007; Canada. pp. 421-428.
  • Hsiang HC, Shih WK. Secure mcoupons scheme using NFC. Int J Innov Comput I 2009; 5: 3901-3909.
  • Park SW, Lee IY. Light-weight authentication scheme for NFC mCoupon service in IoT environments. Lect Notes Electr En 2015; 354: 285-299.
  • Chincholle D, Eriksson M, Burden A. Location-sensitive services: it’s now ready for prime time on cellular phones! In: 4th Conference on Designing Interactive Systems: Processes, Practices, Methods, and Techniques; 25–28 June 2002; London, UK. pp. 331-334.
  • Feldhofer M, Dominikus S, Wolkerstorfer J. Strong authentication for RFID systems using the AES algorithm. Lect Notes Comput Sc 2004; 4: 357–370.
  • Aigner M, Dominikus S, Feldhofer M. A system of secure virtual coupons using NFC technology. In: 5th Annual IEEE International Conference on Pervasive Computing and Communications Workshops; 19–23 March 2007; New York, NY, USA. pp. 362-366.
  • Yim J. Design of a smart coupon system. Lect Notes Electr En 2016; 11: 187-198.
  • GSM Association. Mobile NFC Technical Guidelines-V2, 2007.
  • Alshehri A, Briffa JA, Schneider S, Wesemeyer S. Formal security analysis of NFC m-coupon protocols using Casper/FDR. In: 5th International Workshop on Near Field Communication; 5 February 2013; Zurich, Switzerland. pp. 1-6.
  • Hoare CAR. Communicating Sequential Processes. New York, NY, USA: Prentice Hall, 1985.
  • Ryan PYA, Schneider SA, Goldsmith M, Lowe G, Roscoe AW. Modelling and analysis of security protocols. New York, NY, USA: Addison-Wesley Professional, 2001.
  • Cremers C. The Scyther tool: Verification, falsification, and analysis of security protocols. In: 20th International Conference, Computer Aided Verification; 7–14 July 2008; Princeton, NJ, USA. pp. 414-418.
  • Taha AM, Abdel-Hamid AT, Tahar S. Formal verification of IEEE 802.16 security sublayer using Scyther tool. In: Network and Service Security, N2S’09 International Conference; 24–26 June 2009; Paris, France. pp. 1-5.
  • Basin D, Cremers C, Meier S. Provably repairing the ISO/IEC 9798 standard for entity authentication1. IFIP Trans A 2013; 21: 817-846.
  • Cremers C. Key exchange in IPsec revisited: formal analysis of IKEv1 and IKEv2. Lect Notes Comput Sc 2011; 6879: 315-334.
  • Cremers C. Scyther User Manual. Oxford, UK: University of Oxford, 2014.
  • Dickinger A, Kleijnen M. Coupons going wireless: determinants of consumer intentions to redeem mobile coupons. J Interact Mark 2008; 22: 23-39.
  • Tercia CY, Teichert T. How consumers respond to incentivized word of mouth: an examination across gender. Austr Mar J 2017; 25: 46-56.
Turkish Journal of Electrical Engineering and Computer Science-Cover
  • ISSN: 1300-0632
  • Yayın Aralığı: Yılda 6 Sayı
  • Yayıncı: TÜBİTAK
Arşiv
Sayıdaki Diğer Makaleler

İsmail Enes UYSAL

Himanshu SHARMA, Rintu KHANNA, Neelu JAIN

Hıdır DÜZKAYA, Süleyman Sungur TEZCAN

Zhengwang XU, Jiarui ZHANG, Yuchun YI, Cheng CHEN, Jiaqi YU, Wei MEI, Daiwei FENG

Fatih UZGUR, Serdar KOCAMAN

İbtissam AHMIA, Méziane AÏDER

Evren DEĞİRMENCİ

Xiaohui LU, Dong CHEN, Tinghai CHENG, Zhe LI

Mohammad Saeed JAHANGIRY, Saeed SAFARI

Maria Jenisha CHARLES, Ammasaigounden NANJAPPAGOUNDER, Binu Ben Jose DHARMAIANRETNAM