Rafael Martínez-Peláez

Efficient Certificate Path Validation and Its Application in Mobile Payment Protocols

Certification path validation is a complex task that implies high computational cost. In this process is necessary to verify the binding between the owner of the certificate and his public key. In SET protocol, the customer and merchant require to verify the certification path of their certificates to trust each other. The customer and merchant carry out several cryptographic operations to complete SET protocol including the authentication process. Because mobile devices are limited in terms of processing and storage capacities, it is relevant to reduce the computational cost required by the cryptographic operations. In this paper, we apply TRUTHC (Trust Relationship Using Two Hash Chains) to reduce the computational cost of cryptographic operations carried out by the customer and merchant to complete the certification path validation. In addition, we compare the results using RSA and ECDSA protocols, with a typical PKI.

Study of mobile payment protocols and its performance evaluation on mobile devices

Mobile payment protocols must provide security services (e.g., authentication, authorisation, integrity, privacy and non-repudiation), but the features of mobile devices make it a difficult task, especially when the service requires to perform public key operations. It is very well known, that the public key operations require high execution time of the CPU and battery consumption. In this paper, we computed the computational cost required by each entity in five mobile payment protocols. In addition, we computed the transmission time of each message among different entities. The exchange of message was done using Bluetooth technology. The performance evaluation of each mobile payment protocol defines its feasibility according with the whole time expending during the protocol considering its computational cost and transmission time.

Reducing the computational cost of certification path validation in mobile payment

PKI can improve security of mobile payments but its complexity has made difficult its use in such environment. Certificate path validation is complex in PKI. This demands some storage and processing capacities to the verifier that can exceed the capabilities of mobile devices. In this paper, we propose TRUTHC to reduce computational cost of mobile payment authentication. TRUTHC replaces verification operations with hash operations. Results show a better reduction of the cost with ECDSA than with RSA

Mobile Payment Protocol for Micropayments: Withdrawal and Payment Anonymous

This paper presents an efficient and practical protocol to carry out micropayments, based on the use of anonymous mobile cash, that provides anonymity and unlinkability to customers. The mobile cash used in the protocol can be of different value and denomination. It is official after a bank signs it with a specific private key. The bank stores the relation between the mobile cashs value and its corresponding public key. The scheme prevents double spending and forgery attacks. A mobile device that supports Java applications and Bluetooth technology is required. Through the use of pseudonym certificates customers can be authenticated using WTLS protocol without disclosing personal information. The protocol requires a low computational cost.

P2PM-pay: Person to Person Mobile Payment Scheme Controlled by Expiration Date

Abstract In this paper, we propose P2PM-pay scheme which provides two key points. The first key point is related with the mobile cash. In P2PM-pay scheme, the mobile cash is controlled by the expiration date. The expiration date is embedded into the mobile cash by partial blind signature during the withdrawal date, and the bank does not hold information about the operation. Moreover, we have considered the effective date and deposit date for administrative purposes. The effective date is when customers use their mobile cash to pay for products, and the deposit date is when merchants receive the funds in their bank account. The other key point is related with the authentication process among participants. Although P2PM-pay uses WTLS protocol, we propose a wireless public key infrastructure with an efficient certificate path validation. Furthermore, the design of the proposed scheme achieves successfully the security requirements described in previous works. Consequently, P2PM-pay is secure against well-known attacks and efficient in terms of processing time.

Security Improvement of Two Dynamic ID-based Authentication Schemes by Sood-Sarje-Singh

In 2010, Sood-Sarje-Singh proposed two dynamic ID-based remote user authentication schemes. The first schemeis a security improvement of Liao et al.’s scheme and the second scheme is a security improvement of Wang etal.’s scheme. In both cases, the authors claimed that their schemes can resist many attacks. However, we find thatboth schemes have security flaws. In addition, their schemes require a verification table and time-synchronization,making the schemes unfeasible and unsecured for electronic services. In order to remedy the security flaws ofSood et al.’s schemes, we propose a robust scheme which resists the well-known attacks and achieves all thedesirable security goals.

Efficient remote user authentication scheme using smart cards

In 2009, Kim-Chung proposed a secure remote user authentication scheme. In this paper, we show that Kim-Chung|s scheme does not establish a session key. Moreover, the scheme requires time-synchronisation. In order to remedy these drawbacks, this paper proposes an improvement scheme which fulfils all the security requirements for a remote user authentication scheme. Security analysis proved that the improved scheme resists the typical attacks. Furthermore, the analysis of computational cost and storage capacity demonstrated that the scheme is feasible for a practical implementation.

New multi-channel voting scheme: towards remote e-voting over the internet

This paper proposes a multi-channel voting scheme where every eligible voter can choose his/her voting method, from traditional voting to the remote voting from any location. Therefore, a more natural evolution towards remote voting over the internet can be carried out. The authors describe the procedures for the multi-channel voting scheme, as well as the cryptographic tools and the technology involved in every instance. An important element is the use of the network smart card, which gives robustness to the authentication process. Moreover, a coercion free vote receipt and a multi-casting method which helps to reduce coercion are described.

CT4RDD: Classification trees for research on digital divide

Abstract This paper presents CT4RDD (classification trees for research on digital divide), a novel methodology for the quantitative analysis and modeling of the digital divide phenomenon with an approach of single country. It is inspired on the reputed Quinlan’s C4.5 algorithm to automatically produce classification trees, as implemented in Witten & Frank’s WEKA software toolkit. The methodology is created and evaluated on data from the 2010 Mexican Population and Housing Census that include a number of variables whose interactions involve aspects of the phenomenon; particularly, interactions among Internet service presence in households and a number of features regarding educational and economical levels, genders, ages, housing characteristics, ratios of indigenous population, etc. Discretization is used to represent percentages of presence of Internet in households of municipalities as a nominal target attribute to produce classification trees. Results suggest that the methodology can produce quantitative profiles that describe similarities and differences among a series of municipality classes that present different percentages of presence of Internet in households. The discovered profiles provide scholars, government officials and enterprise managers with valuable insight for research, planning and decision making.

Hierarchical Trust Architecture in a Mobile Ad-Hoc Network Using Ant Algorithms

Trust relationships change frequently in ad-hoc networks, so it is difficult to build certification paths among their nodes. When trust relationships are bidirectional, certification path discovery becomes more difficult because multiple paths can exist between two entities and all the options do not lead to the target entity. On the other hand, certificates can establish relationships of different trust level. In this paper, we propose a protocol that establishes a virtual hierarchy from a peer-to-peer web of trust. This protocol uses swarm intelligence to obtain information about the certification paths and to establish the trustworthiness of each node. Our protocol does not require to issue new certificates among network entities, facilitates the certification path discovery process and the maximum path length can be adapted to the characteristics of users with limited processing and storage capacity.