With the rapid development of computer network technology and digital information technology, e-commerce will become the main business model of the information society. One of its core technologies is to provide an electronic payment system (EPS) that is safe and convenient and can protect user privacy. (e-cash) is a very important electronic payment system. Among them, merchants and users can have their own bank's multi-bank offline electronic cash system more in line with actual needs, which is a hot issue for scholars in various countries. However, electronic cash in the form of numeric strings can easily be copied multiple times, so an important issue in designing a multi-bank offline e-cash solution is to prevent recurring costs. There are two existing offline solutions:
a) Block in advance. Add tamper-proof hardware to the user's e-wallet, typically for single banks. For example, an electronic payment system using Smart Cards, first proposed by S. Brands in 1993.
b) Post hoc testing. When storing, look up the paid electronic cash database. If you find the same record as the e-cash stored this time, the bank will identify the identity of the repeater.
Most existing offline e-cash solutions use only method b) to ensure security. However, if someone owns an account with the wrong identity, or disappears after repeatedly spending a large amount of money, even if the system detects the identity of the repeater afterwards, it cannot compensate for the huge losses already incurred. It can be seen that the method a), which can prevent repeated spending before it occurs, is also very important.
In this paper, the idea of ​​multi-bank offline electronic cash agreement is combined with the above two methods, and an elliptic curve cryptosystem is adopted. A multi-bank offline electronic cash model based on smart card and detailed design of corresponding protocol are proposed. In the case of ensuring user privacy, the protocol uses both pre-blocking and post-testing methods to effectively solve the problem of repeated spending, which reduces the burden of post-mortem detection and enhances the security of the system. At the same time, the introduction of smart cards can be Improve the user's convenience and flexibility in trading, and more realistic with the trend of development.
1 Multi-bank offline electronic cash model based on smart card
This paper proposes a smart card-based multi-bank offline electronic cash model. The model includes the following parties: Bank, User (with their own bank Banki) and Merchant (Shopper, with their own bank Bankj). Different parties implement different agreements to complete electronic transactions.
The characteristics of this model are as follows:
a) A number of banks work together to communicate information and accomplish tasks together.
b) Add a bank-issued, non-tamperable smart card to the user's e-wallet. The smart card and the user's personal computer (PC) complete the agreement by mutual restraint. The limitation of the smart card to the PC is as follows: If the user deletes the information that is unfavorable to himself in the smart card or spends the same electronic cash twice, the smart card does not work; the restriction of the PC to the smart card is: The smart card cannot be directly transmitted to the outside or from the outside The information is received and must be performed by a PC to prevent the smart card from leaking the user's confidential information (such as identity, etc.) and to authenticate each other when the PC and the smart card interact.
In the life cycle of electronic cash, three processes of extraction, payment and storage are required, provided that users and merchants have accounts in their respective banks. If not, you must first apply for a new account at your bank. Therefore, in the process of implementing the agreement, it is divided into four processes: account opening, extraction, payment and storage.
The following is a brief description of the transaction process in a multi-bank offline electronic cash model based on smart cards:
a) Open an account. Users and merchants respectively execute an account opening agreement with their own bank and must go to the bank to confirm. The bank sends the user a smart card, which forms a client-side e-wallet with the PC and participates in the agreement.
b) Extraction. The user and his or her own bank perform an extraction protocol on the authenticated communication channel to extract electronic cash from the user's account. The public key of e-cash includes information generated jointly by the smart card and the PC, and multiple banks perform restricted blind signature on it.
c) Payment. The user and the merchant execute the payment agreement, and the smart card is checked to confirm that there is no repeated spending before the payment can be successfully made. In this process, the merchant does not have to communicate with the bank and the transaction is offline.
d) Storage. The merchant and its own bank execute the storage agreement, and the bank checks whether the cost is repeated or repeated. If not, deposit the electronic cash into the merchant's account; otherwise, the bank can reveal the identity of the user or merchant from two different payment information.
2 Smart card-based multi-bank offline electronic cash agreement
According to the above-mentioned electronic cash transaction process, an elliptic curve cryptosystem is used to design a multi-bank offline electronic cash protocol based on smart cards. In the agreement, a number of banks work together, and the smart card plays a monitoring role while facilitating the user to use the electronic cash, thereby achieving the purpose of preventing the repeated spending in advance.
The initialization of the system is required by multiple banks before the implementation of the agreement, and the user and the merchant must register with their respective bank to obtain an account.
2. 1 establishment of system parameters 2. 2 account opening agreement 2. 3 extraction protocol 2. 4 payment agreement 2. 5 storage protocol
3 Protocol performance analysis
The security of the proposed protocol is mainly based on elliptic curve cryptosystem, restricted blind signature and joint signature. The elliptic curve cryptosystem with the characteristics of "short key, high security" is more conducive to use on a smart card with lower processing power, which can reduce its complexity and cost, and at the same time improve the execution efficiency of the protocol.
3. 1 Fair anonymity
On the one hand, this protocol adopts a kind of scheme abstracted on the basis of Radu's joint signature scheme due to the addition of smart cards. The scheme allows two signers (smart cards and PCs) to jointly sign a message with their private key, such as a response to the merchant's challenge at the time of payment; at the same time, the secret signer's signature private key is required and can be used The public key verifies the signature. In this way, the monitoring program of the bank can be prevented from communicating with other programs, the user's information is leaked, the privacy of the user is protected, and the monitoring program can effectively prevent the repeated spending of the user.
On the other hand, the extraction protocol in this paper is essentially a restricted blind signature protocol. Adding user account information A= s( U??P2 ) in the electronic cash, because the user selects the blind factor s to blind, the bank and the merchant can not see the user's account information, and the user satisfies the merchant and the bank. Anonymity. The bank cannot calculate the account information of the user according to the electronic cash paid once; if the merchant repeats the storage or the user repeatedly pays the electronic cash, the bank can find the account of the merchant or the user according to the newly sent information and the corresponding information already in the database. , so the agreement satisfies fair anonymity.
3. 2 Unforgeability
3. 3 Preventing repeated spending in advance
If the tamper-proof modification of the smart card is not destroyed, the user cannot repeatedly spend e-cash. Because the smart card and the PC work together to participate in the extraction and payment protocol, using the joint signature technology, the PC cannot complete the entire transaction alone. In addition, the smart card stores a set of electronic cash and a binary group (R, y0) composed of the electronic cash serial number it generates, and y0 is a one-time parameter. When paying, the smart card judges whether or not to repeat the cost by looking up (R, y0 ≠0). This method guarantees that each electronic cash can only be spent once.
3. 4 post-test detection repeated costs
If the smart card is accidentally destroyed, or the merchant tries to repeat the storage, the identity of the repeating consumer can still be detected through the bank after-the-fact detection method to ensure the security of the system and protect the interests of the bank.
4 Conclusion
In the process of developing electronic cash from theory to practical application, the research of multi-bank electronic cash is an important issue. From the perspective of practical application, this paper establishes and analyzes a multi-bank offline electronic cash model based on smart card for the repeated spending problem of multi-bank offline electronic cash system. On this basis, the various parts of the protocol are fully described. Finally, the analysis concludes that the proposed protocol can effectively solve the problem of repeated spending, and has good security, fair anonymity, unforgeability and practicability.
Top qualtiy Aluminum Case and box, lightweight, reliable, and water proof, shock-proof, used to carry and storage your expensive IEMS, instruments, cameras, drones and other items. Toprealcase is dedicated to design and manufacture best quality Aluminum case, box;
- There are CNC milling aluminum case with anodized surface process, available in many custom colors.
- Fabricated aluminum case with custom size and interal foam to meet your need.
- Molded aluminum case with custom size and logo.
Aluminum Case
Aluminum Case,Aluminum Storage Box,Aluminium Box,Aluminum Storage Case
Dongguan Topreal bag&case., Ltd. , https://www.toprealcase.com