Journal of KIISE:Information Networking (한국정보과학회논문지:정보통신)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

Authentication and Key Agreement using Delegating Authority for a Secure Mobile Payment Protocol

안전한 모바일 결제 프로토콜을 위한 위임기관을 사용한 인증과 키 동의

  • 성순화 (충남대학교 공과대학 전기정보통신공학부)
  • Received : 2009.08.25
  • Accepted : 2010.01.20
  • Published : 2010.04.15
Download PDF
⟨ Previous Next ⟩

Abstract

Mobile payment system has many problems in real mobile payment networks because of the characteristics of mobile device and the security of mobile payment process. Specially, the previous suggested mobile payment protocol can not verify a trust of issuing bank. Therefore, this paper has analyzed the efficiency of a mobile payment with a delegating authority for an issuing bank to trust issuing bank. As a result, the mobile payment protocol with a delegating authority for a payment verification of an issuing bank has improved the time complexities for key computation and communication resilience.

모바일 결제 시스템은 모바일 장치의 특성과 모바일 결제 과정의 안전성 때문에 실제 모바일 결제 네트워크에 많은 문제점을 가지고 있다. 특히 이전에 제안된 모바일 결제 프로토콜에서는 결제 기관인 발행 은행의 신뢰 검증을 할 수 없다. 따라서 본 논문에서는 발행 은행의 신뢰성을 높이기 위한 발행 은행 검증 위임 기관을 제안하여, 모바일 결제 효율성을 분석하였다. 그 결과 은행의 결제 검증 위임 기관을 둔 모바일 결제 프로토콜은 키 동의 계산 시간과 통신 신뢰성 회복에서 향상을 보였다.

Keywords

References

  1. T. Weitzel, W. Konig, "Vom E-zum M-Payment" (in German), http://much-magic.wiwi.unifrankfurt.de/profs/mobile/infos.html
  2. Jean-Michel sahut and Malgorzata Galuszewska, "Electronic payment market:A non-optimal equilibrium," Proceedings of the 2004 International Symposium on Applications and the Internet Workshops(SAINTW'04), pp.3-8, 2004.
  3. Antovski, L. and Gusev, M., "M-payments," Proceedings of the 25th International Conference information Technology Interfaces(ITI'03), pp.95-100, 2003.
  4. Agnieszka Zmijewska, "Evaluating wireless technologies in mobile payments-A customer centric approach," Proceedings of the International Conference on Mobile Business(ICMB'05), pp.354-362, 2005
  5. Ondrus, J. and Pigneur, Y., "A distruption analysis in the mobile payment market," Proceedings of the 38th Hawaii International Conference on System Sciences(HICSS-38'05):84c-84c, 2005.
  6. Ashutosh Saxena, Manik Lal Das and Anurag Gupta, MMPS: "A versatile mobile-to-mobile payment system," Proceedings of the International Conference on Mobile Business(ICMB'05), pp.400- 405, 2005.
  7. Delic, N. and Vukasinovic, Ana., "Mobile payment solution-symbiosis between banks, application service providers and mobile network operators," Proceedings of the Third International Conference on Information Technology: New Generations (ITNG'06), pp.346-350, 2006.
  8. Ondrus, J., Camponovo, G., Pigneur, Y., "A proposal for a multi-perspective analysis of the mobile payment environment," Proceedings of the International Conference on Mobile Business(ICMB'05), pp.659- 662, 2005.
  9. Nambiar, S. and CHANG T. L., "M-payment solutions and m-commerce fraud management," Available at: http://europa.nvc.cs.vt.edu/~ctlu/Publication/ M-Payment-Solutions.pdf, September 9, 2004.
  10. Li Xi, Hu Han-ping, "A secure mobile payment system," Computer Technology and Application, ISSN1934-7332, vol.1, no.1, June 2007.
  11. S. Bellovin and M. Merritt, "Encrypted Key Exchanged: Password-Based Protocols Secure Against Dictionary Attacks," In Proc. of IEEE Symposium on Research in Security and Privacy, pp.72-84, 1992.
  12. W. Stallings, Cryptography and Network Security, 4th Edition, Prentice Hall International, 2007.
  13. C. Yang, T. Chang and M. Hwang, "Cryptanalysis of Simple Authenticated Key Agreement Protocols," IEICE Trans. Fundamentals, vol.E87-A, no.8, pp. 2174-2176, 2004.
  14. P. Syverson, "A Taxonomy of Relay Attacks," In Proc. of Computer Security Foundations Workshop VII, pp.187-191, 1994.
  15. S. McCanne and S. Floyd, "NS network simulator," URL: http://www.isi.edu/nsnam/ns