Solutions to Security Problems of Rivest and Shamir's Pay Word Scheme(Application)(<Special Section>Cryptography and Information Security)
スポンサーリンク
概要
- 論文の詳細を見る
The Pay Word Scheme, invented by Rivest and Shamir, is an efficient micropayment scheme utilizing a hash function. We point out that the scheme has the following problem : a malicious customer can damage the bank by purchasing in excess of the customer's credit which the bank has guaranteed by issuing a certificate. Generally, there are two positions of the bank with regard to the certificate. Position 1 : the bank takes full responsibility for the certificate and compensates all payments created by the customer's purchases ; and Position 2 : the bank does not redeem payments exceeding a limit set for the customer and shares the loss with the shop if trouble occurs. In the Pay Word Scheme, the bank can reduce its risk by adopting Position 2 rather than Position 1. However, this paper points out that the bank can damage the shop in Position 2 by impersonating an imaginary customer and making the shop share the loss with the bank. We propose a micropayment scheme (countermeasure) that overcomes these problems.
- 社団法人電子情報通信学会の論文
- 2005-01-01
著者
-
KOMANO Yuichi
Toshiba Corporation
-
OHTA Kazuo
University of Electro-Communications
-
Aoki S
Nec Shizuoka Ltd. Kakegawa‐shi Jpn
-
ADACHI Norio
Waseda University
-
AOKI Satoshi
Waseda University
-
Aoki S
Waseda University:(present Address)nec Corporation
-
Komano Yuichi
Toshiba Corp. Kawasaki‐shi Jpn
関連論文
- BS-CPA: Built-In Determined Sub-Key Correlation Power Analysis
- Cryptanalysis of Two MD5-Based Authentication Protocols: APOP and NMAC
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- Toward the Fair Anonymous Signatures : Deniable Ring Signatures(Signatures,Cryptography and Information Security)
- Security of Cryptosystems Using Merkle-Damgård in the Random Oracle Model
- Passive Aligned Hybrid Integrated WDM Transceiver Module Using Planar Lightwave Circuit Platform (Special Issue On Devices, Packaging Technology, and Subsystems for the Optical Access Network)
- Passive Coupling of a Single Mode Optical Waveguide and a Laser Diode/Waveguide Photodiode for a WDM Transceiver Module (Special Issue on Optical Access Networks toward Life Enhancement)
- Extension of Secret Handshake Protocols with Multiple Groups in Monotone Condition
- Cryptanalysis of Two MD5-Based Authentication Protocols : APOP and NMAC
- Practical Password Recovery Attacks on MD4 Based Prefix and Hybrid Authentication Protocols
- Extended Password Recovery Attacks against APOP, SIP, and Digest Authentication
- A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search
- New Message Differences for Collision Attacks on MD4 and MD5
- Improved Collision Attacks on MD4 and MD5(Hash Functions,Cryptography and Information Security)
- Universally composable client-to-client general authenticated key exchange (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- Universally Composable Hierarchical Hybrid Authenticated Key Exchange(Protocols,Cryptography and Information Security)
- Improved Collision Search for Hash Functions : New Advanced Message Modification
- Provably Secure Untraceable Electronic Cash against Insider Attacks(Discrete Mathematics and Its Applications)
- Fair Exchange of Signatures with Multiple Signers(Discrete Mathematics and Its Applications)
- OAEP-ES : Methodology of Universal Padding Technique (Asymmetric Cipher) (Cryptography and Information Security)
- Solutions to Security Problems of Rivest and Shamir's Pay Word Scheme(Application)(Cryptography and Information Security)
- Provably Secure Multisignatures in Formal Security Model and Their Optimality
- Taxonomical Security Consideration of OAEP Variants(Discrete Mathematics and Its Applications)
- BS-CPA : Built-In Determined Sub-Key Correlation Power Analysis
- Power Analysis against a DPA-Resistant S-Box Implementation Based on the Fourier Transform
- Near-Collision Attacks on MD4 : Applied to MD4-Based Protocols
- Security of Cryptosystems Using Merkle-Damgard in the Random Oracle Model
- Visual Secret Sharing Schemes for Multiple Secret Images Allowing the Rotation of Shares(Discrete Mathematics and Its Applications)
- Ring signatures: universally composable definitions and constructions (特集:情報システムを支えるコンピュータセキュリティ技術の再考)
- Leaky Random Oracle
- FOREWORD
- Universally Composable NBAC-Based Fair Voucher Exchange for Mobile Environments
- How to Shorten a Ciphertext of Reproducible Key Encapsulation Mechanisms in the Random Oracle Model
- Meet-in-the-Middle (Second) Preimage Attacks on Two Double-Branch Hash Functions RIPEMD and RIPEMD-128
- Toward Effective Countermeasures against an Improved Fault Sensitivity Analysis
- Proxiable Designated Verifier Signature
- A New Type of Fault-Based Attack: Fault Behavior Analysis