Secure electronic transaction (SET) is an immensee-commerce protocol designed to improve the security of creditcard purchases.In this paper, we focus on the initial bootstrapping phases of SET, whose objective is the registration of cardholders and merchants with a SET certificate authority. The aim of registration is twofold:getting the approval of the cardholder’s or merchant’s bank andreplacing traditional credit card numbers with electronic creden-tials that cardholders can present to the merchant so that their pri-vacy is protected.These registration subprotocols present a number of challengesto current formal verification methods. First, they do not assumethat each agent knows the public keys of the other agents. Key dis-tribution is one of the protocols’ tasks. Second, SET uses complexencryption primitives (digital envelopes) which introduce depen-dency chains: the loss of one secret key can lead to potentially un-limited losses.Building upon our previous work, we have been able to modeland formally verify SETs registration with the inductive method inIsabelle/HOL (T. Nipkow et al., 2002). We have solved its challengeswith very general techniques.
Verifying the SET Registration Protocols
BELLA, Giampaolo;
2003-01-01
Abstract
Secure electronic transaction (SET) is an immensee-commerce protocol designed to improve the security of creditcard purchases.In this paper, we focus on the initial bootstrapping phases of SET, whose objective is the registration of cardholders and merchants with a SET certificate authority. The aim of registration is twofold:getting the approval of the cardholder’s or merchant’s bank andreplacing traditional credit card numbers with electronic creden-tials that cardholders can present to the merchant so that their pri-vacy is protected.These registration subprotocols present a number of challengesto current formal verification methods. First, they do not assumethat each agent knows the public keys of the other agents. Key dis-tribution is one of the protocols’ tasks. Second, SET uses complexencryption primitives (digital envelopes) which introduce depen-dency chains: the loss of one secret key can lead to potentially un-limited losses.Building upon our previous work, we have been able to modeland formally verify SETs registration with the inductive method inIsabelle/HOL (T. Nipkow et al., 2002). We have solved its challengeswith very general techniques.| File | Dimensione | Formato | |
|---|---|---|---|
|
2003_JSAC.pdf
accesso aperto
Tipologia:
Versione Editoriale (PDF)
Dimensione
641.54 kB
Formato
Adobe PDF
|
641.54 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
