A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography

Electronic Commerce Research

Volumn 16, Issue 1, 2016, Pages 113-139

  Chaudhry, Shehzad Ashraf ^a   Farash, Mohammad Sabzinejad ^b   Naqvi, Husnain ^a   Sher, Muhammad ^a  

^a INTERNATIONAL ISLAMIC UNIVERSITY   (Pakistan)

^b KHARAZMI UNIVERSITY   (Iran)

Author keywords

Authenticated encryption; Digital signature; E payment system; Elliptic curve cryptography; ProVerif; Signcryption

Indexed keywords

AUTHENTICATION; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; ELECTRONIC MONEY; GEOMETRY; NETWORK SECURITY;

AUTHENTICATED ENCRYPTION; AUTHENTICATED ENCRYPTION SCHEME; DIGITAL SIGNATURE; E-PAYMENT SYSTEM; E-PAYMENTS; ELECTRONIC PAYMENT SYSTEMS; PAYMENT SCHEMES; PAYMENT SYSTEMS; PROVERIF; SIGNCRYPTION;

PUBLIC KEY CRYPTOGRAPHY;

EID: 84958043300     PISSN: 13895753     EISSN: 15729362     Source Type: Journal    
DOI: 10.1007/s10660-015-9192-5     Document Type: Article

References (39)

1. Chen, S., & Ning, J. (2002). Constraints on e-commerce in less developed countries: The case of china. Electronic Commerce Research, 2(1–2), 31–42. doi:10.1023/A:1013331817147.
2. Kshetri, N. (2013). Cybercrime and cyber-security issues associated with china: some economic and institutional considerations. Electronic Commerce Research, 13(1), 41–69. doi:10.1007/s10660-013-9105-4.
3. Huang, X., Dai, X., & Liang, W. (2014). Bulapay: A novel web service based third-party payment system for e-commerce. Electronic Commerce Research, 14(4), 611–633. doi:10.1007/s10660-014-9172-1.
4. Chaum, D. (2013). Blind signatures for untraceable payments. In Advances in cryptology—CRYPTO ’86 Proceedings (pp. 199–203). Berlin: Springer.
5. Lysyanskaya, A., & Ramzan, Z. (1998). Group blind digital signatures: A scalable solution to electronic cash. In D. M. Goldschlag & S. G. Stubblebine (Eds.), Financial cryptography (pp. 184–197). Berlin: Springer.
6. Zhang, L., Zhang, F., Qin, B., & Liu, S. (2011). Provably-secure electronic cash based on certificateless partially-blind signatures. Electronic Commerce Research and Applications, 10(5), 545–552.
7. Xiaojun, W. (2010). An e-payment system based on quantum group signature. Physica Scripta, 82(6), 65403.
8. Eslami, Z., & Talebi, M. (2011). A new untraceable off-line electronic cash system. Electronic Commerce Research and Applications, 10(1), 59–66.
9. Yen, Y.-C., Wu, T.-C., Lo, N.-W., & Tsai, K.-Y. (2012). A fair-exchange e-payment protocol for digital products with customer unlinkability. KSII Transactions on Internet and Information Systems, 6(11), 2956–2979.
10. Chen, X., Li, J., Ma, J., Lou, W., & Wong, D. S. (2014). New and efficient conditional e-payment systems with transferability. Future Generation Computer Systems, 37, 252–258.
11. Yang, J.-H., Chang, Y.-F., & Chen, Y.-H. (2013). An efficient authenticated encryption scheme based on ecc and its application for electronic payment. Information Technology And Control, 42(4), 315–324.
12. Farash, M. S., & Attari, M. A. (2014). A secure and efficient identity-based authenticated key exchange protocol for mobile client-server networks. The Journal of Supercomputing, 69(1), 395–411.
13. Irshad, A., Sher, M., Faisal, M. S., Ghani, A., Ul Hassan, M., & Ch, S. A. (2014). A secure authentication scheme for session initiation protocol by using ecc on the basis of the tang and liu scheme. Security and Communication Networks, 7(8), 1210–1218.
14. Irshad, A., Sher, M., Rehman, E., Ch, S. A., Ul Hassan, M., & Ghani, A. (2013). A single round-trip sip authentication scheme for voice over internet protocol using smart card. Multimedia Tools and Applications. doi:10.1007/s11042-013-1807-z.
15. Farash, M. S., & Attari, M. A. (2013). An enhanced authenticated key agreement for session initiation protocol. Information Technology and Control, 42(4), 333–342.
16. Farash, M. S. (2014). Cryptanalysis and improvement of an efficient mutual authentication rfid scheme based on elliptic curve cryptography. The Journal of Supercomputing, 70(1), 987–1001.
17. Farash, M. S., & Attari, M. A. (2014). An anonymous and untraceable password-based authentication scheme for session initiation protocol using smart cards. International Journal of Communication Systems. doi:10.1002/dac.2848.
18. Farash, M. S. (2014). Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Networking and Applications. doi:10.1007/s12083-014-0315-x.
19. Farash, M. S. (2015). Cryptanalysis and improvement of an improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks. International Journal of Network Management, 25(1), 31–51.
20. Farash, M. S., Kumari, S., & Bakhtiari, M. (2015). Cryptanalysis and improvement of a robust smart card secured authentication scheme on sip using elliptic curve cryptography. Multimedia Tools and Applications. doi:10.1007/s11042-015-2487-7.
21. Farash, M. S., Islam, S. H., & Mohammad, S. O. (2015). A provably secure and efficient two-party password-based explicit uthenticated key exchange protocol resistance to password guessing attacks. Concurrency and Computation: Practice and Experience. doi:10.1002/cpe.3477.
22. Zheng, Y. (1997). Digital signcryption or how to achieve cost (signature & encryption)〈〈 cost (signature) + cost (encryption). In Advances in Cryptology-CRYPTO’97 (pp. 165–179). Berlin: Springer.
23. He, D., Kumar, N., & Chilamkurti, N. (2015). A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks, Information Sciences. doi:10.1016/j.ins.2015.02.010
24. He, D., & Zeadally, S. (2015). Authentication protocol for an ambient assisted living system. Communications Magazine, IEEE, 53(1), 71–77.
25. Chaudhry, S., Naqvi, H., Shon, T., Sher, M., & Farash, M. (2015). Cryptanalysis and improvement of an improved two factor authentication protocol for telecare medical information systems. Journal of Medical Systems, 39(6), 1–11. doi:10.1007/s10916-015-0244-0.
26. Abdalla, M., Benhamouda, F., & Pointcheval, D. (2015). Public-key encryption indistinguishable under plaintext-checkable attacks. In Public-Key Cryptography—PKC 2015 (pp. 332–352). Berlin: Springer.
27. Ch, S. A., Nizamuddin, N., Sher, M., Ghani, A., Naqvi, H., & Irshad, A. (2014). An efficient signcryption scheme with forward secrecy and public verifiability based on hyper elliptic curve cryptography. Multimedia Tools and Applications. doi:10.1007/s11042-014-2283-9.
28. Ch, S. A., Nizamuddin, N., & Sher, M. (2012). Public verifiable signcryption schemes with forward secrecy based on hyperelliptic curve cryptosystem. In Information systems, technology and management (pp. 135–142). Springer.
29. Nizamuddin, N., Ch, S. A., Nasar, W., & Javaid, Q. (2011.)Efficient signcryption schemes based on hyperelliptic curve cryptosystem. In 2011 7th IEEE international conference on emerging technologies (ICET) (pp. 1–4).
30. Nizamuddin, N., Ch, S. A., & Amin, N. (2011). Signcryption schemes with forward secrecy based on hyperelliptic curve cryptosystem. In IEEE high capacity optical networks and enabling technologies (HONET), 2011 (pp. 244–247).
31. Zheng, Y. (1997). Digital signcryption or how to achieve cost (signature & encryption) cost (signature) + cost (encryption). In Advances in cryptology-CRYPTO’97 (pp. 165–179). Santa Barbara: Springer.
32. Li, C.-T. (2011). Secure smart card based password authentication scheme with user anonymity. Information Technology and Control, 40(2), 157–162.
33. Hong, J.-W., Yoon, S.-Y., Park, D.-I., Choi, M.-J., Yoon, E.-J., & Yoo, K.-Y. (2011). A new efficient key agreement scheme for vsat satellite communications based on elliptic curve cryptosystem. Information Technology and Control, 40(3), 252–259.
34. Farash, M. S., & Attari, M. A. (2014). A provably secure and efficient authentication scheme for access control in mobile pay-tv systems. Multimedia Tools and Applications. doi:10.1007/s11042-014-2296-4.
35. Johnson, D., Menezes, A., & Vanstone, S. (2001). The elliptic curve digital signature algorithm (ecdsa). International Journal of Information Security, 1(1), 36–63.
36. Xie, Q., Dong, N., Tan, X., Wong, D. S., & Wang, G. (2013). Improvement of a three-party password-based key exchange protocol with formal verification. Information Technology And Control, 42(3), 231–237.
37. Xie, Q., Dong, N., Wong, D. S., & Hu, B. Cryptanalysis and security enhancement of a robust two-factor authentication and key agreement protocol. International Journal of Communication Systems. doi:10.1002/dac.2858
38. Hu, B., Xie, Q., & Li, Y. (2011). Automatic verification of password-based authentication protocols using smart card. In 2011 IEEE international conference on information technology, computer engineering and management sciences (ICM) (Vol. 1, pp. 34–39).
39. Cheval, V., & Blanchet, B. (2013). Proving more observational equivalences with proverif. In D. Basin & J. C. Mitchell (Eds.), Principles of security and trust (pp. 226–246). Berlin: Springer.