SlideShare a Scribd company logo

1893 1896

E
Editor IJARCET
Economy & FinanceBusiness
1 of 4
Download to read offline
ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 1893 www.ijarcet.org  Abstract— In e-commerce, e-payment is one of the most essential research areas. Properly combining the payment protocol with a fair exchange procedure, the payment system allows the consumer and the merchant to fairly exchange their money and merchandise. This paper analysis and addresses the security flaws in a fair e-cash payment system which is based on DSA signature with message recovery and proposes a solution that would ensure user authentication and data integrity. The improved system also defences against threats and misbehaviors related to unfairness and repudiation coming from insiders parties of the transaction. Index Terms— e-commerce, fairness, security, offline, e-cash I. INTRODUCTION The more business is conducted over the Internet, the greater the fair exchange problem is. The fairness has been described with a lot of definitions. The fair exchange ensures no parties gains advantage over the other party by misbehaving [2]. In other words, an exchange is said to be fair if at the end of transaction, each participant receives the expected item or neither dishonest participant receives any valuable information about the other’s item [11,14]. During the last decade, the researches proposed e-cash systems with fairness between consumer and merchant. Integrating fair exchange procedure with the payment protocol, the fair e-cash system, allows the consumer and merchant to exchange fairly their money and merchandise [2]. According to the participation of trusted third party (or bank), electronic cash systems can be classified into two types: online and offline. In an online e-cash system, the issuing bank should play a part in the payment protocol to verify the e-cash [12]. Although it is a simple way to ensure of the validity of payments, it can lead to the bottle-neck of a transaction and become network congestion. An off-line system can enhance performance [5] in which the bank is not involved during the payment procedure. The fairness of the e-cash scheme can be maintained with the help of an offline trusted third party (offline TTP or bank). That is, the consumer and the merchant can exchange their desired items without TTP’s participation. However, only when a party misbehaves, honest party can request the TTP to resolve the problem and ensure the fairness of the transaction. Numerous mechanisms have been proposed for offline e-cash system in the last decade. Most of these systems assumed that the banks and other third authorities are Manuscript received May, 2013. Thae Nu Nge, Faculty of Information and Communication Technology, University of Technology Yatanarpon Cyber City, Pyin Oo Lwin, Myanmar. trustworthy and they did not consider the insider attacks by untrusted authorities [6]. In paper [1] proposed an efficient e-cash system based on DSA multi-signature in which there is no withdrawal stage and e-cash is produced by consumer. It is very efficient because of not only reducing communication cost but also avoiding the storage and lose problem [1,7,8]. However, from the view point of preventing crimes, the security of e-cash system is weak. The scheme does not satisfy the unforgeable property since an adversary can fake a signature for the customer after the exchange phase. This paper addresses the issue of the security of e-cash system based on DSA signature with message recovery feature and adopts the concept of public key cryptosystem to e-cash procedure while still maintaining the efficiency but enhancing e-cash security. The paper is organized as follows. Briefly introduce the concept of the DSA signature with message recovery feature in Section 2. In Section 3, a brief description of fair e-cash scheme based on DSA multi- signature is shown. In Section 4, improved payment system that satisfies the designed properties is proposed. Finally, the conclusion is described in Section 5. II. DSA SIGNATURE FOR MESSAGE RECOVERY FEATURE This section briefly describes the concept of the message recovery feature of DSA signature [3,4,9,10,15]. Let p be a large prime, q be a large integer factor of p-1 and an element g Є Zp * whose order is q. Let x is the private key, y = gx mod p is the public key, k is random number k Є Zq. The signature ( r , s ) of a message m is r = m gk (mod p ), r’ = r(mod q ) , s = k − r’x(mod p ) The public key y is verified by recovering the message m from signature (r , s). That is, m = gs yr’ r (mod p). III. REVIEW OF FAIR E-CASH PAYMENT SCHEME In this section, a brief description of fair e-cash payment scheme based on DSA signature is presented. The basic scheme consists of three participants and four processes: set up process, exchange process, deposit process and dispute resolution process. A.Setup Process In setup process, national bank generates (xB , yB) and publish public key. National bank issues certification for the other branch bank i , CABi = ExB( yBi ) to prove the branch bank’s validity. ( xBi , yBi ) are the secret key and public key of branch bank i. Security Analysis of Fair E-cash Payment System Thae Nu Nge
ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 All Rights Reserved © 2013 IJARCET 1894 The consumer generates p, q, g, x, x1, y =gx and y1 = gx1 , and publishes p, q, g. For an exchange information m, consumer computes e-cash (denote as δ= (r, s)) r = mgk (mod p ) , r’ = r (mod q ), s = k − r’x (mod p ) and commitment (denote asδ1= (r1, s1)) , r1 = m gk (mod p), r1’ = r1 (mod q ), s1 = k − r1’x1 (mod p). Consumer contacts bank i to get the public key y certified. The arbitration key x2 is used by bank to make a fair dispute resolution when there is a dissension between user and merchant. The consumer sends y , y1 , δ, δ1 , x2, m, IDc to bank i. Bank i checks m = gs yr’ r (mod p), m = gs y1 r1’ r1 (mod p), s = s1+ r1’ x2 (mod p) is valid. After verifying the validity of all items, bank i issues a signed certificate CAc and an overdraft credit voucher Vc to consumer, where Vc = SigBi ( y1 || N || Eψ ( x2|| IDc )) , CAc = ( ExBi ( y ) || CABi ) , CABi = ExB ( yBi ) N stipulates the largest value of an e-cash which consumer can overdraft based on credit. After the setup process, consumer has (x, y), (x1, y1), x2, Vc, CAc, and bank i has his secret arbitration key x2, and y, y1, Vc , CAc. B. Exchange Process When the consumer wants to purchase the digital merchandise, consumer and merchant cooperate to do the following steps. Where C represents consumer and M represents merchant. 1. C M : Vc , CAc , δ1 2. C M : Er (u) 3. C M : δ Firstly, the consumer choose a number k randomly and compute δ1(r1, s1) on the purchase information m and sends δ1 , Vc and CAc to merchant. Second, merchant can verify the bank’s public key yBi and consumer public key y using the national bank’ public key yB from CAc . From Vc , he obtains public key y1 and checks N. If all items are valid, merchant sends the encrypted merchandise Er(u) to consumer. Otherwise, merchant does not send the merchandise, and stops the protocol. Finally, if consumer satisfies the merchandise, he computes the e-cash δ and sends it to merchant. Otherwise, consumer stops the protocol. After receiving e-cash δ, Merchant verifies δ using y. If it is valid, merchant ends the protocol. Otherwise, merchant requests bank i to resolve the dispute. C.Deposit Process Merchant sends the e-cash δ and CAc to merchant’s bank j. If e-cash δ is valid, bank i transfer financing from consumer’s accounts to bank j. D.Dispute Resolution Process If consumer does not sends the e-cash δ, or if δ is invalid, merchant performs these process. 1. M B : Vc , CAc , δ1 , Er(u), EyBi (r) 2. M B : δ Merchant sends Vc , CAc , δ1, Er(u) and the encrypted session key EyBi (r) to bank i. Bank i use his private key xBi to decrypts EyBi (r) and then recover u using r. Next, he verifies δ1 using the system parameters and keys from CAc and Vc. If everything is valid, bank i generates the e-cash using δ1 and his secret arbitration key x2 as follow: r = r1 , r1’ = r1 mod q , s = s1+r1’x2 mod p. The e-cash δ and encrypted merchandise is sent to merchant and consumer respectively. Otherwise, if bank i checks the invalid of the received item, bank i sends nothing to either party. E.Security Analysis The DSA signature with message recovery feature is vulnerable to existential forgery attacks, that is, given a valid signature of a known message, an adversary can forge a valid signature of another different message without the knowledge of the secret key [3,13,15]. Let A be the signer and an adversary gets A’s signature (r , s) for a message m. Then, the adversary can compute a signature ( r’ , s’) for a message m’ without the knowledge of A’s secret key by the following procedure. The adversary computes r1’= (mr−1 ) g−1 = r1 g−1 = gk −1 (mod p) . Then, sets a message m’ = m g−1 (mod p) , r’ = r and s’ =s-1. Sends (r’ , s’) as a signature of m’, (r’ , s’) is a valid signature of m’ since gs’ yr r = gs-1 yr r = gs yr r g−1 = m g−1 = m’ ( mod p ) By this procedure, an adversary can make the signature on a message mg−1 and also can generate a signature for any message in a subset Sm,g = {mg−n |n ∈ Zq}, within one time known-message attack. It is obvious that an adversary can forge consumer’s e-cash after he got the real e-cash after the exchange process. Hence, the faked e-cash can be verified successfully and there is no evidence that whether merchant makes deposit with the consumer’s real e-cash or not. Moreover, malicious merchant can make the illegal purchase with Vc , CAc and fake e-cash. It may cause a great financial loss to the business partners and dissatisfy the fairness of the exchange. In addition, a malicious bank can forge a fact of honest merchant’s double deposit [6]. IV. IMPROVED FAIR E-CASH PAYMENT SCHEME This section presents the improved fair e-cash payment scheme in order to solve the above flaws. The proposed solution is straightforward and it should not require to much modifications in the overall system. In addition to certified public key y, consumer applies another certified public key e to encrypt e-cash in payment process. Before registration process, the consumer needs to select two large prime numbers: p and q. Modulus n is : n = p × q. A number e is chosen that is 0< e < (p -1) ×(q - 1) and also co-prime: gcd (e; [(p -1) ×(q -1)]) = 1. The public key is: ( n, e). Private key d is d = e-1 (mod (p -1) ×(q -1)).
ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 1895 www.ijarcet.org A. Setup Process The registration process is the same procedure as the above protocol except the consumer submits the public key ( n , e ) to bank i . For an exchange information m, consumer computes e-cash (denote as δ = (r , s))and commitment (denote as δ1 = (r ,s )) as follow. r = m gk (mod p ) , r’ = r (mod q ) , s = k − r’x (mod p ) r1 = m gk (mod p ), r1’ = r1 (mod q ) , s1 = k − r1’x1 (mod p ) . After computing e-cash and commitment signature, the consumer encrypts them using his private key d. That is, e-cash δ:(r,s) is encrypted as δ’:(cr ,cs) as follow. cr = rd mod n , cs = sd mod n The encrypted commitment δ1’:( cr1, cs1) is computed as follow. cr1 = r1 d mod n , cs1 = s1 d mod n Next, consumer sends y, y1 , e , δ’:( cr, cs), δ1’:( cr 1, cs1), x2, m, IDc to bank i. Bank i recover the e-cash δ:(r, s) and commitment signature δ1(r1, s1) using public key (n,e) as follow. r = cr1 e mod n , s = cs e mod n and r1 = cr1 e mod n , s1 = cs1 e mod n After that, Bank i checks m = gs yr’ r (mod p) , m = gs y1 r1’ r1 (mod p) , s = s1+ r1’ x2 mod p is valid. After verifying the validity of all items, bank i issues a signed certificate CAc and an overdraft credit voucher Vc to consumer, where Vc = SigBi ( y1 || N || Eψ ( x2|| IDc )) , CAc = ( ExBi ( y || e) || CABi ) , CABi = ExB ( yBi ) After the setup process, consumer has (x, y), (x1, y1), x2, (e,d), Vc , CAc and bank i has his authentic public key e and y, y1, x2, Vc , CAc . B. Exchange Process When the consumer want to purchase the digital merchandise, the consumer and the merchant cooperate to do the following steps. 1. C M : Vc , CAc , δ1’ 2. C M : Er (u) 3. C M : δ At first, the consumer picks a number k randomly, and computes δ1:(r1, s1) for the purchase information m (which might contain consumer's unique identity, merchant's unique account number, price, description and date of transaction). To prevent the signature δ1:(r1, s1) modified or forged, the consumer encrypts commitment signature using his private key d, cr1 = r1 d mod n , cs1 = s1 d mod n and sends δ1’:( cr1, cs1), Vc and CAc to merchant. Secondly, merchant can verify consumer’s public key y and e using CAc. Merchant can recover the commitment δ1:(r1, s1) from δ1’:( cr1, cs1) using consumer’s authentic public key e as follow. r1 = cr1 e mod n , s1 = cs1 e mod n Then verifies the signature m = gs1 y1 r1’ r1 (mod p) If all items are valid, merchant sends encrypted merchandise to consumer. Finally, receiving expected merchandise, consumer computes e-cash δ:(r,s) and encrypts as δ’:( cr, cs) as follow and sends it to merchant. cr = rd mod n , cs = sd mod n Merchant checks the validity of δ’ using e and y as follow. r = cr e mod n , s = cs e mod n m = g s y r’ r (mod p) If both of them are valid, merchant ends the protocol. Otherwise, merchant performs the dispute resolution process. C. Deposit Process Merchant sends the e-cash δ’ and CAc to merchant’s bank j. Bank j verifies CABi using yB, verifies CAc using yBi . Bank j recovers the e-cash δ from δ’ using consumer’ authentic public key e and verifies e-cash using y. If merchant has not deposit e-cash before, bank j deposits it in her account. D. Dispute Resolution Process If consumer does not sends the e-cash, or if e-cash is invalid, merchant performs these processes. 1. M B : Vc , CAc , δ1’ , Er(u), EyBi (r) 2. M B : δ After receiving Vc , CAc , δ1’ , Er(u), EyBi (r) from merchant, bank i decrypts EyBi (r) using his private key xBi, and uses r to recover u. Next, he verifies δ1 using the system parameters and keys from CAc and Vc. Bank i recovers the δ1 from δ1’ using consumer’ authentic public key e and verifies δ1 using y. If everything is valid, bank i generates the e-cash using δ1 and his secret arbitration key x2 as follow: r = r1 , r1’ = r1 mod q , s = s1+r1’x2 mod p. The e-cash and encrypted merchandise is sent to merchant and consumer respectively. Otherwise, if bank i checks the invalid of the received item, bank i sends nothing to either party. E. Security Analysis In this section, the security issues with respect to the proposed system will be discussed. Authentication analysis: In improved system, part of e-cash is encrypted using public and private key pair (e,d), e-cash is still produced by consumer. During the exchange process, the consumer must prove the merchant that he is the owner of e-cash. Upon receiving δ1’:( cr1, cs1), the merchant compute r1= cr1 e mod n , s1 = cs1 e mod n . Even if someone can get CAc , Vc and fake signature, he can’t prove that he is the holder of CAc and Vc because he can’t produce δ1’:( cr1, cs1), without obtaining d. During the deposit process, the bank verifies the e-cash using public key e also ensures that e-cash is a valid one generated by consumer, not a modified one by merchant. The previous proposed system can’t hold this property because an adversary can make use of CAc, Vc and fake signature in another purchases as described in session 3.5. Therefore, encrypting the e-cash using key pair (e, d) makes the e-cash secure and ensures authentication of the system processes.
ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 All Rights Reserved © 2013 IJARCET 1896 Non-repudiation analysis: After the exchange phase, consumer cannot deny that he had spent the e-cash because only the consumer who knows the private key d could perform the computation of δ1’:( cr1, cs1),. As a result, the improved scheme gives the evidence of origin and fulfills non-repudiation. Integrity analysis: Because producing δ1’:( cr1, cs1), results that the e-cash is a valid one generated by the consumer. Although an adversary can successfully produce the forge e-cash, he can’t encrypt it without knowing consumer’s private key d. If an adversary deposits forged or modified e-cash (r’,s’), bank can check immediately. Thus, the adversary can’t make a deposit with the forge e-cash. Clearly, it also prevents the dishonest merchant initiating the dispute resolution process with a fake e-cash. For this reason, the improved scheme prevents the effects of existential forgery attack and confirms that data integrity is not violated. Impersonation analysis: Because the consumer’s private key is not stored in the database of the bank, the malicious bank employee can’t produce e-cash from the honest consumer’s account by impersonating the consumer with the secret key. Therefore, this incomplete information (for the bank) enhances security against the impersonation by the malicious bank [6]. Also, malicious bank cannot issue a consumer’s e-cash without the consumer’s agreement. In addition, a malicious bank cannot forge a fact of honest merchant’s double deposit. V. CONCLUSION This paper addresses the security issue of e-cash system based on DSA signature with message recovery feature and shows the weakness of that system. The improved scheme encrypts the e-cash using public key cryptosystem during the exchange phase that prevents the effects of existential forgery attack and overcomes the weakness. The proposed solution is straightforward and it should not require to much modifications in the overall system. Hence, integrating authentic public key for e-cash verification satisfies the two basic requirements: authenticity and integrity and makes the fair offline e-cash payment systems securely workable. In the future, it needs to formalize both the protocol and the security requirements that it needs to meet, and then verify that the requirements are met indeed using one of the formal verification methods such as AVISPA. ACKNOWLEDGMENT I would like to thank my supervisor and all of my teachers for their helpful comments in improving our manuscript. REFERENCES [1] Zhaoxia, Wang Shaobin, Nu Shuwang , “A DSA Multi-Signature Protocol and Applying in E-Bank and E-Voting”, IEEE 978-1-4244-5895-0, 2010. [2] C-H Wang and W-M Chiang, “The Design of a Novel E-cash System with the Fairness Property and Its Implementation in Wireless Communications”, Department of Computer Science and Information Engineering National Chiayi University , Journal of Computers Vol.18, No.2, July 2007. [3] Atsuko Miyaji, “Weakness in Message recovery signature scheme based on discrete logarithm problems 1”, IEICE Japan Tech. Rep., ISEC95-11, 1994. [4] Y.-M. Tseng, “Digital signature with message recovery using self-certified public keys and its variants”, Applied Mathematics and Computation 136 (2003) 203–214. [5] C. Popescu, “A Secure E-Cash Transfer System based on the Elliptic Curve Discrete Logarithm Problem”, INFORMATICA, vol. 22, No. 3, 395–409, 2011. [6] T.Nishide, S.Miyazaki, K.Sakurai, “Security Analysis of Offline E-cash Systems with Malicious Insider”, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, vol. 3, number: 1/2, pp. 55-71. [7] Lei Hu, "Fair E-cash Payment Model on Credit O", 2006 IEEE Asia-Pacific Conference on Services Computing (APSCC 06), 12/2006. [8] Guohua Cui, "A fair e-cash payment scheme based on credit", in Proc. 7th international conference on Electronic commerce - ICEC 05 ICEC 05, 2005. [9] Gao, C. zhi, D. Xie, J. Li, B. Wei, and H. Tian. "Deniably Information-Hiding Encryptions Secure against Adaptive Chosen Ciphertext Attack", Fourth International Conference on Intelligent Networking and Collaborative Systems, 2012. [10] Tseng, Y.M.,"Digital signature with message recovery using self-certified public keys and its variants", Applied Mathematics and Computation, 20030315. [11] Xian Zhu. "Optimistic fair-exchange protocols based on DSA signatures", IEEE International Conference on Services Computing 2004 (SCC 2004) Proceedings 2004, 2004 [12] Al-Fayoumi, Mohammad. "Practical E-Payment Scheme", International Journal of Computer Science Issues (IJCSI)/16940784, 20100501 [13] Zichen Li. "A new forgery attack on message recovery signatures", Journal of Electronics (China), 07/2000 [14] Xinmei Wang. "Fair Exchange Signature Schemes", 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008), 03/2008 [15] Kaisa Nyberg. "Message recovery for signature schemes based on the discrete logarithm problem", Lecture Notes in Computer Science, 1995 Thae Nu Nge received Master degree in Information Technology from Mandalay Technological University, Myanmar in 2009. Now she is currently pursuing Ph.D degree in security protocols and electronic payments systems. Research interests include cryptography, network security, security protocols and electronic payment systems.

Recommended

Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...
Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...
Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...IOSR Journals
 
P8 a blockchain framework for insurance processes
P8 a blockchain framework for insurance processesP8 a blockchain framework for insurance processes
P8 a blockchain framework for insurance processesdevid8
 
The 3-D Secure Protocol
The 3-D Secure ProtocolThe 3-D Secure Protocol
The 3-D Secure ProtocolVlad Petre
 
B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"
B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"
B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"idsecconf
 
CREDITSEC - Next Generation Credit Card Security
CREDITSEC - Next Generation Credit Card SecurityCREDITSEC - Next Generation Credit Card Security
CREDITSEC - Next Generation Credit Card SecurityRahul Tyagi
 
ROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTION
ROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTIONROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTION
ROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTIONIJNSA Journal
 
Ecommerce Chap 08
Ecommerce Chap 08Ecommerce Chap 08
Ecommerce Chap 08Pimsat University
 
1699 1704
1699 17041699 1704
1699 1704Editor IJARCET
 

Recommended

Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...
Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...
Diffie-Hellman Algorithm and Anonymous Micropayments Authentication in Mobile...IOSR Journals
 
P8 a blockchain framework for insurance processes
P8 a blockchain framework for insurance processesP8 a blockchain framework for insurance processes
P8 a blockchain framework for insurance processesdevid8
 
The 3-D Secure Protocol
The 3-D Secure ProtocolThe 3-D Secure Protocol
The 3-D Secure ProtocolVlad Petre
 
B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"
B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"
B.Noviansyah - “National Public Key Infrastructure: Friend or Foe?"idsecconf
 
CREDITSEC - Next Generation Credit Card Security
CREDITSEC - Next Generation Credit Card SecurityCREDITSEC - Next Generation Credit Card Security
CREDITSEC - Next Generation Credit Card SecurityRahul Tyagi
 
ROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTION
ROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTIONROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTION
ROLE OF MULTIPLE ENCRYPTION IN SECURE ELECTRONIC TRANSACTIONIJNSA Journal
 
Ecommerce Chap 08
Ecommerce Chap 08Ecommerce Chap 08
Ecommerce Chap 08Pimsat University
 
1699 1704
1699 17041699 1704
1699 1704Editor IJARCET
 
Ijarcet vol-2-issue-3-951-956
Ijarcet vol-2-issue-3-951-956Ijarcet vol-2-issue-3-951-956
Ijarcet vol-2-issue-3-951-956Editor IJARCET
 
Ijarcet vol-2-issue-7-2277-2280
Ijarcet vol-2-issue-7-2277-2280Ijarcet vol-2-issue-7-2277-2280
Ijarcet vol-2-issue-7-2277-2280Editor IJARCET
 
Ijarcet vol-2-issue-7-2341-2343
Ijarcet vol-2-issue-7-2341-2343Ijarcet vol-2-issue-7-2341-2343
Ijarcet vol-2-issue-7-2341-2343Editor IJARCET
 
Volume 2-issue-6-1974-1978
Volume 2-issue-6-1974-1978Volume 2-issue-6-1974-1978
Volume 2-issue-6-1974-1978Editor IJARCET
 
Ijarcet vol-2-issue-7-2273-2276
Ijarcet vol-2-issue-7-2273-2276Ijarcet vol-2-issue-7-2273-2276
Ijarcet vol-2-issue-7-2273-2276Editor IJARCET
 
Ijarcet vol-2-issue-7-2208-2216
Ijarcet vol-2-issue-7-2208-2216Ijarcet vol-2-issue-7-2208-2216
Ijarcet vol-2-issue-7-2208-2216Editor IJARCET
 
Volume 2-issue-6-2021-2029
Volume 2-issue-6-2021-2029Volume 2-issue-6-2021-2029
Volume 2-issue-6-2021-2029Editor IJARCET
 
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...CSCJournals
 
Secure E-payment Protocol
Secure E-payment ProtocolSecure E-payment Protocol
Secure E-payment ProtocolCSCJournals
 
P0176598101
P0176598101P0176598101
P0176598101IOSR Journals
 
Protocol Payment in M-commerce Transaction
Protocol Payment in M-commerce TransactionProtocol Payment in M-commerce Transaction
Protocol Payment in M-commerce Transactioniosrjce
 
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...IRJET Journal
 
Wic2010b
Wic2010bWic2010b
Wic2010bHai Nguyen
 
Paper id 2320146
Paper id 2320146Paper id 2320146
Paper id 2320146IJRAT
 
Divisible Transferable Anonymous Electronic Cash System for General Use
Divisible Transferable Anonymous Electronic Cash System for General UseDivisible Transferable Anonymous Electronic Cash System for General Use
Divisible Transferable Anonymous Electronic Cash System for General UseIJERD Editor
 
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTijcsit
 
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTAIRCC Publishing Corporation
 
J017216164
J017216164J017216164
J017216164IOSR Journals
 
Analysis of Spending Pattern on Credit Card Fraud Detection
Analysis of Spending Pattern on Credit Card Fraud DetectionAnalysis of Spending Pattern on Credit Card Fraud Detection
Analysis of Spending Pattern on Credit Card Fraud DetectionIOSR Journals
 
Enforcing Set and SSL Protocols in E-Payment
Enforcing Set and SSL Protocols in E-PaymentEnforcing Set and SSL Protocols in E-Payment
Enforcing Set and SSL Protocols in E-PaymentAIRCC Publishing Corporation
 
Application of Data Mining and Machine Learning techniques for Fraud Detectio...
Application of Data Mining and Machine Learning techniques for Fraud Detectio...Application of Data Mining and Machine Learning techniques for Fraud Detectio...
Application of Data Mining and Machine Learning techniques for Fraud Detectio...Christian Adom
 
Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...IRJET Journal
 

More Related Content

Viewers also liked

Ijarcet vol-2-issue-3-951-956
Ijarcet vol-2-issue-3-951-956Ijarcet vol-2-issue-3-951-956
Ijarcet vol-2-issue-3-951-956Editor IJARCET
 
Ijarcet vol-2-issue-7-2277-2280
Ijarcet vol-2-issue-7-2277-2280Ijarcet vol-2-issue-7-2277-2280
Ijarcet vol-2-issue-7-2277-2280Editor IJARCET
 
Ijarcet vol-2-issue-7-2341-2343
Ijarcet vol-2-issue-7-2341-2343Ijarcet vol-2-issue-7-2341-2343
Ijarcet vol-2-issue-7-2341-2343Editor IJARCET
 
Volume 2-issue-6-1974-1978
Volume 2-issue-6-1974-1978Volume 2-issue-6-1974-1978
Volume 2-issue-6-1974-1978Editor IJARCET
 
Ijarcet vol-2-issue-7-2273-2276
Ijarcet vol-2-issue-7-2273-2276Ijarcet vol-2-issue-7-2273-2276
Ijarcet vol-2-issue-7-2273-2276Editor IJARCET
 
Ijarcet vol-2-issue-7-2208-2216
Ijarcet vol-2-issue-7-2208-2216Ijarcet vol-2-issue-7-2208-2216
Ijarcet vol-2-issue-7-2208-2216Editor IJARCET
 
Volume 2-issue-6-2021-2029
Volume 2-issue-6-2021-2029Volume 2-issue-6-2021-2029
Volume 2-issue-6-2021-2029Editor IJARCET
 

Viewers also liked (7)

Ijarcet vol-2-issue-3-951-956
Ijarcet vol-2-issue-3-951-956Ijarcet vol-2-issue-3-951-956
Ijarcet vol-2-issue-3-951-956
 
Ijarcet vol-2-issue-7-2277-2280
Ijarcet vol-2-issue-7-2277-2280Ijarcet vol-2-issue-7-2277-2280
Ijarcet vol-2-issue-7-2277-2280
 
Ijarcet vol-2-issue-7-2341-2343
Ijarcet vol-2-issue-7-2341-2343Ijarcet vol-2-issue-7-2341-2343
Ijarcet vol-2-issue-7-2341-2343
 
Volume 2-issue-6-1974-1978
Volume 2-issue-6-1974-1978Volume 2-issue-6-1974-1978
Volume 2-issue-6-1974-1978
 
Ijarcet vol-2-issue-7-2273-2276
Ijarcet vol-2-issue-7-2273-2276Ijarcet vol-2-issue-7-2273-2276
Ijarcet vol-2-issue-7-2273-2276
 
Ijarcet vol-2-issue-7-2208-2216
Ijarcet vol-2-issue-7-2208-2216Ijarcet vol-2-issue-7-2208-2216
Ijarcet vol-2-issue-7-2208-2216
 
Volume 2-issue-6-2021-2029
Volume 2-issue-6-2021-2029Volume 2-issue-6-2021-2029
Volume 2-issue-6-2021-2029
 

Similar to 1893 1896

Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...CSCJournals
 
Secure E-payment Protocol
Secure E-payment ProtocolSecure E-payment Protocol
Secure E-payment ProtocolCSCJournals
 
Protocol Payment in M-commerce Transaction
Protocol Payment in M-commerce TransactionProtocol Payment in M-commerce Transaction
Protocol Payment in M-commerce Transactioniosrjce
 
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...IRJET Journal
 
Paper id 2320146
Paper id 2320146Paper id 2320146
Paper id 2320146IJRAT
 
Divisible Transferable Anonymous Electronic Cash System for General Use
Divisible Transferable Anonymous Electronic Cash System for General UseDivisible Transferable Anonymous Electronic Cash System for General Use
Divisible Transferable Anonymous Electronic Cash System for General UseIJERD Editor
 
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTijcsit
 
Analysis of Spending Pattern on Credit Card Fraud Detection
Analysis of Spending Pattern on Credit Card Fraud DetectionAnalysis of Spending Pattern on Credit Card Fraud Detection
Analysis of Spending Pattern on Credit Card Fraud DetectionIOSR Journals
 
Application of Data Mining and Machine Learning techniques for Fraud Detectio...
Application of Data Mining and Machine Learning techniques for Fraud Detectio...Application of Data Mining and Machine Learning techniques for Fraud Detectio...
Application of Data Mining and Machine Learning techniques for Fraud Detectio...Christian Adom
 
Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...IRJET Journal
 
Card payment evolution v1.0
Card payment evolution v1.0Card payment evolution v1.0
Card payment evolution v1.0Nugroho Gito
 
Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...
Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...
Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...IJRESJOURNAL
 
A Research Paper on Credit Card Fraud Detection
A Research Paper on Credit Card Fraud DetectionA Research Paper on Credit Card Fraud Detection
A Research Paper on Credit Card Fraud DetectionIRJET Journal
 
A secure payment scheme in multihop wireless network by trusted node identifi...
A secure payment scheme in multihop wireless network by trusted node identifi...A secure payment scheme in multihop wireless network by trusted node identifi...
A secure payment scheme in multihop wireless network by trusted node identifi...prjpublications
 
A secure payment scheme in multihop
A secure payment scheme in multihopA secure payment scheme in multihop
A secure payment scheme in multihopprj_publication
 

Similar to 1893 1896 (20)

Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
Security Architecture for On-Line Mutual Funds Trading With Multiple Mobile A...
 
Secure E-payment Protocol
Secure E-payment ProtocolSecure E-payment Protocol
Secure E-payment Protocol
 
P0176598101
P0176598101P0176598101
P0176598101
 
Protocol Payment in M-commerce Transaction
Protocol Payment in M-commerce TransactionProtocol Payment in M-commerce Transaction
Protocol Payment in M-commerce Transaction
 
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...
An Identification and Detection of Fraudulence in Credit Card Fraud Transacti...
 
Wic2010b
Wic2010bWic2010b
Wic2010b
 
Paper id 2320146
Paper id 2320146Paper id 2320146
Paper id 2320146
 
Divisible Transferable Anonymous Electronic Cash System for General Use
Divisible Transferable Anonymous Electronic Cash System for General UseDivisible Transferable Anonymous Electronic Cash System for General Use
Divisible Transferable Anonymous Electronic Cash System for General Use
 
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
 
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENTENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
ENFORCING SET AND SSL PROTOCOLS IN EPAYMENT
 
J017216164
J017216164J017216164
J017216164
 
Analysis of Spending Pattern on Credit Card Fraud Detection
Analysis of Spending Pattern on Credit Card Fraud DetectionAnalysis of Spending Pattern on Credit Card Fraud Detection
Analysis of Spending Pattern on Credit Card Fraud Detection
 
Enforcing Set and SSL Protocols in E-Payment
Enforcing Set and SSL Protocols in E-PaymentEnforcing Set and SSL Protocols in E-Payment
Enforcing Set and SSL Protocols in E-Payment
 
Application of Data Mining and Machine Learning techniques for Fraud Detectio...
Application of Data Mining and Machine Learning techniques for Fraud Detectio...Application of Data Mining and Machine Learning techniques for Fraud Detectio...
Application of Data Mining and Machine Learning techniques for Fraud Detectio...
 
Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...Application to Quickly and Safely Store and Recover Credit Card’s Information...
Application to Quickly and Safely Store and Recover Credit Card’s Information...
 
Card payment evolution v1.0
Card payment evolution v1.0Card payment evolution v1.0
Card payment evolution v1.0
 
Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...
Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...
Implementing a Secured E-Payment Authorisation System Using Two-Factor Authen...
 
A Research Paper on Credit Card Fraud Detection
A Research Paper on Credit Card Fraud DetectionA Research Paper on Credit Card Fraud Detection
A Research Paper on Credit Card Fraud Detection
 
A secure payment scheme in multihop wireless network by trusted node identifi...
A secure payment scheme in multihop wireless network by trusted node identifi...A secure payment scheme in multihop wireless network by trusted node identifi...
A secure payment scheme in multihop wireless network by trusted node identifi...
 
A secure payment scheme in multihop
A secure payment scheme in multihopA secure payment scheme in multihop
A secure payment scheme in multihop
 

More from Editor IJARCET

Electrically small antennas: The art of miniaturization
Electrically small antennas: The art of miniaturizationElectrically small antennas: The art of miniaturization
Electrically small antennas: The art of miniaturizationEditor IJARCET
 
Volume 2-issue-6-2205-2207
Volume 2-issue-6-2205-2207Volume 2-issue-6-2205-2207
Volume 2-issue-6-2205-2207Editor IJARCET
 
Volume 2-issue-6-2195-2199
Volume 2-issue-6-2195-2199Volume 2-issue-6-2195-2199
Volume 2-issue-6-2195-2199Editor IJARCET
 
Volume 2-issue-6-2200-2204
Volume 2-issue-6-2200-2204Volume 2-issue-6-2200-2204
Volume 2-issue-6-2200-2204Editor IJARCET
 
Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Editor IJARCET
 
Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189Editor IJARCET
 
Volume 2-issue-6-2177-2185
Volume 2-issue-6-2177-2185Volume 2-issue-6-2177-2185
Volume 2-issue-6-2177-2185Editor IJARCET
 
Volume 2-issue-6-2173-2176
Volume 2-issue-6-2173-2176Volume 2-issue-6-2173-2176
Volume 2-issue-6-2173-2176Editor IJARCET
 
Volume 2-issue-6-2165-2172
Volume 2-issue-6-2165-2172Volume 2-issue-6-2165-2172
Volume 2-issue-6-2165-2172Editor IJARCET
 
Volume 2-issue-6-2159-2164
Volume 2-issue-6-2159-2164Volume 2-issue-6-2159-2164
Volume 2-issue-6-2159-2164Editor IJARCET
 
Volume 2-issue-6-2155-2158
Volume 2-issue-6-2155-2158Volume 2-issue-6-2155-2158
Volume 2-issue-6-2155-2158Editor IJARCET
 
Volume 2-issue-6-2148-2154
Volume 2-issue-6-2148-2154Volume 2-issue-6-2148-2154
Volume 2-issue-6-2148-2154Editor IJARCET
 
Volume 2-issue-6-2143-2147
Volume 2-issue-6-2143-2147Volume 2-issue-6-2143-2147
Volume 2-issue-6-2143-2147Editor IJARCET
 
Volume 2-issue-6-2119-2124
Volume 2-issue-6-2119-2124Volume 2-issue-6-2119-2124
Volume 2-issue-6-2119-2124Editor IJARCET
 
Volume 2-issue-6-2139-2142
Volume 2-issue-6-2139-2142Volume 2-issue-6-2139-2142
Volume 2-issue-6-2139-2142Editor IJARCET
 
Volume 2-issue-6-2130-2138
Volume 2-issue-6-2130-2138Volume 2-issue-6-2130-2138
Volume 2-issue-6-2130-2138Editor IJARCET
 
Volume 2-issue-6-2125-2129
Volume 2-issue-6-2125-2129Volume 2-issue-6-2125-2129
Volume 2-issue-6-2125-2129Editor IJARCET
 
Volume 2-issue-6-2114-2118
Volume 2-issue-6-2114-2118Volume 2-issue-6-2114-2118
Volume 2-issue-6-2114-2118Editor IJARCET
 
Volume 2-issue-6-2108-2113
Volume 2-issue-6-2108-2113Volume 2-issue-6-2108-2113
Volume 2-issue-6-2108-2113Editor IJARCET
 
Volume 2-issue-6-2102-2107
Volume 2-issue-6-2102-2107Volume 2-issue-6-2102-2107
Volume 2-issue-6-2102-2107Editor IJARCET
 

More from Editor IJARCET (20)

Electrically small antennas: The art of miniaturization
Electrically small antennas: The art of miniaturizationElectrically small antennas: The art of miniaturization
Electrically small antennas: The art of miniaturization
 
Volume 2-issue-6-2205-2207
Volume 2-issue-6-2205-2207Volume 2-issue-6-2205-2207
Volume 2-issue-6-2205-2207
 
Volume 2-issue-6-2195-2199
Volume 2-issue-6-2195-2199Volume 2-issue-6-2195-2199
Volume 2-issue-6-2195-2199
 
Volume 2-issue-6-2200-2204
Volume 2-issue-6-2200-2204Volume 2-issue-6-2200-2204
Volume 2-issue-6-2200-2204
 
Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194Volume 2-issue-6-2190-2194
Volume 2-issue-6-2190-2194
 
Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189Volume 2-issue-6-2186-2189
Volume 2-issue-6-2186-2189
 
Volume 2-issue-6-2177-2185
Volume 2-issue-6-2177-2185Volume 2-issue-6-2177-2185
Volume 2-issue-6-2177-2185
 
Volume 2-issue-6-2173-2176
Volume 2-issue-6-2173-2176Volume 2-issue-6-2173-2176
Volume 2-issue-6-2173-2176
 
Volume 2-issue-6-2165-2172
Volume 2-issue-6-2165-2172Volume 2-issue-6-2165-2172
Volume 2-issue-6-2165-2172
 
Volume 2-issue-6-2159-2164
Volume 2-issue-6-2159-2164Volume 2-issue-6-2159-2164
Volume 2-issue-6-2159-2164
 
Volume 2-issue-6-2155-2158
Volume 2-issue-6-2155-2158Volume 2-issue-6-2155-2158
Volume 2-issue-6-2155-2158
 
Volume 2-issue-6-2148-2154
Volume 2-issue-6-2148-2154Volume 2-issue-6-2148-2154
Volume 2-issue-6-2148-2154
 
Volume 2-issue-6-2143-2147
Volume 2-issue-6-2143-2147Volume 2-issue-6-2143-2147
Volume 2-issue-6-2143-2147
 
Volume 2-issue-6-2119-2124
Volume 2-issue-6-2119-2124Volume 2-issue-6-2119-2124
Volume 2-issue-6-2119-2124
 
Volume 2-issue-6-2139-2142
Volume 2-issue-6-2139-2142Volume 2-issue-6-2139-2142
Volume 2-issue-6-2139-2142
 
Volume 2-issue-6-2130-2138
Volume 2-issue-6-2130-2138Volume 2-issue-6-2130-2138
Volume 2-issue-6-2130-2138
 
Volume 2-issue-6-2125-2129
Volume 2-issue-6-2125-2129Volume 2-issue-6-2125-2129
Volume 2-issue-6-2125-2129
 
Volume 2-issue-6-2114-2118
Volume 2-issue-6-2114-2118Volume 2-issue-6-2114-2118
Volume 2-issue-6-2114-2118
 
Volume 2-issue-6-2108-2113
Volume 2-issue-6-2108-2113Volume 2-issue-6-2108-2113
Volume 2-issue-6-2108-2113
 
Volume 2-issue-6-2102-2107
Volume 2-issue-6-2102-2107Volume 2-issue-6-2102-2107
Volume 2-issue-6-2102-2107
 

Recently uploaded

Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170Sonam Pathan
 
Stock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdfStock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdfMichael Silva
 
Classical Theory of Macroeconomics by Adam Smith
Classical Theory of Macroeconomics by Adam SmithClassical Theory of Macroeconomics by Adam Smith
Classical Theory of Macroeconomics by Adam SmithAdamYassin2
 
Quantitative Analysis of Retail Sector Companies
Quantitative Analysis of Retail Sector CompaniesQuantitative Analysis of Retail Sector Companies
Quantitative Analysis of Retail Sector Companiesprashantbhati354
 
Financial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and DisadvantagesFinancial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and Disadvantagesjayjaymabutot13
 
(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办
(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办
(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办fqiuho152
 
NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...
NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...
NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...Amil Baba Dawood bangali
 
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170Sonam Pathan
 
The Core Functions of the Bangko Sentral ng Pilipinas
The Core Functions of the Bangko Sentral ng PilipinasThe Core Functions of the Bangko Sentral ng Pilipinas
The Core Functions of the Bangko Sentral ng PilipinasCherylouCamus
 
fca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdffca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdfHenry Tapper
 
chapter_2.ppt The labour market definitions and trends
chapter_2.ppt The labour market definitions and trendschapter_2.ppt The labour market definitions and trends
chapter_2.ppt The labour market definitions and trendslemlemtesfaye192
 
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdfmagnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdfHenry Tapper
 
Tenets of Physiocracy History of Economic
Tenets of Physiocracy History of EconomicTenets of Physiocracy History of Economic
Tenets of Physiocracy History of Economiccinemoviesu
 
Economic Risk Factor Update: April 2024 [SlideShare]
Economic Risk Factor Update: April 2024 [SlideShare]Economic Risk Factor Update: April 2024 [SlideShare]
Economic Risk Factor Update: April 2024 [SlideShare]Commonwealth
 
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证rjrjkk
 
Governor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraintGovernor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraintSuomen Pankki
 
212MTAMount Durham University Bachelor's Diploma in Technology
212MTAMount Durham University Bachelor's Diploma in Technology212MTAMount Durham University Bachelor's Diploma in Technology
212MTAMount Durham University Bachelor's Diploma in Technologyz xss
 
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance CompanyInterimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance CompanyTyöeläkeyhtiö Elo
 

Recently uploaded (20)

Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
Call Girls Near Delhi Pride Hotel, New Delhi|9873777170
 
Stock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdfStock Market Brief Deck for "this does not happen often".pdf
Stock Market Brief Deck for "this does not happen often".pdf
 
Classical Theory of Macroeconomics by Adam Smith
Classical Theory of Macroeconomics by Adam SmithClassical Theory of Macroeconomics by Adam Smith
Classical Theory of Macroeconomics by Adam Smith
 
Quantitative Analysis of Retail Sector Companies
Quantitative Analysis of Retail Sector CompaniesQuantitative Analysis of Retail Sector Companies
Quantitative Analysis of Retail Sector Companies
 
Financial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and DisadvantagesFinancial Leverage Definition, Advantages, and Disadvantages
Financial Leverage Definition, Advantages, and Disadvantages
 
(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办
(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办
(办理原版一样)QUT毕业证昆士兰科技大学毕业证学位证留信学历认证成绩单补办
 
🔝+919953056974 🔝young Delhi Escort service Pusa Road
🔝+919953056974 🔝young Delhi Escort service Pusa Road🔝+919953056974 🔝young Delhi Escort service Pusa Road
🔝+919953056974 🔝young Delhi Escort service Pusa Road
 
NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...
NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...
NO1 WorldWide online istikhara for love marriage vashikaran specialist love p...
 
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
Call Girls Near Golden Tulip Essential Hotel, New Delhi 9873777170
 
The Core Functions of the Bangko Sentral ng Pilipinas
The Core Functions of the Bangko Sentral ng PilipinasThe Core Functions of the Bangko Sentral ng Pilipinas
The Core Functions of the Bangko Sentral ng Pilipinas
 
fca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdffca-bsps-decision-letter-redacted (1).pdf
fca-bsps-decision-letter-redacted (1).pdf
 
chapter_2.ppt The labour market definitions and trends
chapter_2.ppt The labour market definitions and trendschapter_2.ppt The labour market definitions and trends
chapter_2.ppt The labour market definitions and trends
 
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdfmagnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
magnetic-pensions-a-new-blueprint-for-the-dc-landscape.pdf
 
Tenets of Physiocracy History of Economic
Tenets of Physiocracy History of EconomicTenets of Physiocracy History of Economic
Tenets of Physiocracy History of Economic
 
Economic Risk Factor Update: April 2024 [SlideShare]
Economic Risk Factor Update: April 2024 [SlideShare]Economic Risk Factor Update: April 2024 [SlideShare]
Economic Risk Factor Update: April 2024 [SlideShare]
 
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
原版1:1复刻温哥华岛大学毕业证Vancouver毕业证留信学历认证
 
Governor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraintGovernor Olli Rehn: Dialling back monetary restraint
Governor Olli Rehn: Dialling back monetary restraint
 
212MTAMount Durham University Bachelor's Diploma in Technology
212MTAMount Durham University Bachelor's Diploma in Technology212MTAMount Durham University Bachelor's Diploma in Technology
212MTAMount Durham University Bachelor's Diploma in Technology
 
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance CompanyInterimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
Interimreport1 January–31 March2024 Elo Mutual Pension Insurance Company
 
Monthly Economic Monitoring of Ukraine No 231, April 2024
Monthly Economic Monitoring of Ukraine No 231, April 2024Monthly Economic Monitoring of Ukraine No 231, April 2024
Monthly Economic Monitoring of Ukraine No 231, April 2024
 

1893 1896

  • 1. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 1893 www.ijarcet.org  Abstract— In e-commerce, e-payment is one of the most essential research areas. Properly combining the payment protocol with a fair exchange procedure, the payment system allows the consumer and the merchant to fairly exchange their money and merchandise. This paper analysis and addresses the security flaws in a fair e-cash payment system which is based on DSA signature with message recovery and proposes a solution that would ensure user authentication and data integrity. The improved system also defences against threats and misbehaviors related to unfairness and repudiation coming from insiders parties of the transaction. Index Terms— e-commerce, fairness, security, offline, e-cash I. INTRODUCTION The more business is conducted over the Internet, the greater the fair exchange problem is. The fairness has been described with a lot of definitions. The fair exchange ensures no parties gains advantage over the other party by misbehaving [2]. In other words, an exchange is said to be fair if at the end of transaction, each participant receives the expected item or neither dishonest participant receives any valuable information about the other’s item [11,14]. During the last decade, the researches proposed e-cash systems with fairness between consumer and merchant. Integrating fair exchange procedure with the payment protocol, the fair e-cash system, allows the consumer and merchant to exchange fairly their money and merchandise [2]. According to the participation of trusted third party (or bank), electronic cash systems can be classified into two types: online and offline. In an online e-cash system, the issuing bank should play a part in the payment protocol to verify the e-cash [12]. Although it is a simple way to ensure of the validity of payments, it can lead to the bottle-neck of a transaction and become network congestion. An off-line system can enhance performance [5] in which the bank is not involved during the payment procedure. The fairness of the e-cash scheme can be maintained with the help of an offline trusted third party (offline TTP or bank). That is, the consumer and the merchant can exchange their desired items without TTP’s participation. However, only when a party misbehaves, honest party can request the TTP to resolve the problem and ensure the fairness of the transaction. Numerous mechanisms have been proposed for offline e-cash system in the last decade. Most of these systems assumed that the banks and other third authorities are Manuscript received May, 2013. Thae Nu Nge, Faculty of Information and Communication Technology, University of Technology Yatanarpon Cyber City, Pyin Oo Lwin, Myanmar. trustworthy and they did not consider the insider attacks by untrusted authorities [6]. In paper [1] proposed an efficient e-cash system based on DSA multi-signature in which there is no withdrawal stage and e-cash is produced by consumer. It is very efficient because of not only reducing communication cost but also avoiding the storage and lose problem [1,7,8]. However, from the view point of preventing crimes, the security of e-cash system is weak. The scheme does not satisfy the unforgeable property since an adversary can fake a signature for the customer after the exchange phase. This paper addresses the issue of the security of e-cash system based on DSA signature with message recovery feature and adopts the concept of public key cryptosystem to e-cash procedure while still maintaining the efficiency but enhancing e-cash security. The paper is organized as follows. Briefly introduce the concept of the DSA signature with message recovery feature in Section 2. In Section 3, a brief description of fair e-cash scheme based on DSA multi- signature is shown. In Section 4, improved payment system that satisfies the designed properties is proposed. Finally, the conclusion is described in Section 5. II. DSA SIGNATURE FOR MESSAGE RECOVERY FEATURE This section briefly describes the concept of the message recovery feature of DSA signature [3,4,9,10,15]. Let p be a large prime, q be a large integer factor of p-1 and an element g Є Zp * whose order is q. Let x is the private key, y = gx mod p is the public key, k is random number k Є Zq. The signature ( r , s ) of a message m is r = m gk (mod p ), r’ = r(mod q ) , s = k − r’x(mod p ) The public key y is verified by recovering the message m from signature (r , s). That is, m = gs yr’ r (mod p). III. REVIEW OF FAIR E-CASH PAYMENT SCHEME In this section, a brief description of fair e-cash payment scheme based on DSA signature is presented. The basic scheme consists of three participants and four processes: set up process, exchange process, deposit process and dispute resolution process. A.Setup Process In setup process, national bank generates (xB , yB) and publish public key. National bank issues certification for the other branch bank i , CABi = ExB( yBi ) to prove the branch bank’s validity. ( xBi , yBi ) are the secret key and public key of branch bank i. Security Analysis of Fair E-cash Payment System Thae Nu Nge
  • 2. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 All Rights Reserved © 2013 IJARCET 1894 The consumer generates p, q, g, x, x1, y =gx and y1 = gx1 , and publishes p, q, g. For an exchange information m, consumer computes e-cash (denote as δ= (r, s)) r = mgk (mod p ) , r’ = r (mod q ), s = k − r’x (mod p ) and commitment (denote asδ1= (r1, s1)) , r1 = m gk (mod p), r1’ = r1 (mod q ), s1 = k − r1’x1 (mod p). Consumer contacts bank i to get the public key y certified. The arbitration key x2 is used by bank to make a fair dispute resolution when there is a dissension between user and merchant. The consumer sends y , y1 , δ, δ1 , x2, m, IDc to bank i. Bank i checks m = gs yr’ r (mod p), m = gs y1 r1’ r1 (mod p), s = s1+ r1’ x2 (mod p) is valid. After verifying the validity of all items, bank i issues a signed certificate CAc and an overdraft credit voucher Vc to consumer, where Vc = SigBi ( y1 || N || Eψ ( x2|| IDc )) , CAc = ( ExBi ( y ) || CABi ) , CABi = ExB ( yBi ) N stipulates the largest value of an e-cash which consumer can overdraft based on credit. After the setup process, consumer has (x, y), (x1, y1), x2, Vc, CAc, and bank i has his secret arbitration key x2, and y, y1, Vc , CAc. B. Exchange Process When the consumer wants to purchase the digital merchandise, consumer and merchant cooperate to do the following steps. Where C represents consumer and M represents merchant. 1. C M : Vc , CAc , δ1 2. C M : Er (u) 3. C M : δ Firstly, the consumer choose a number k randomly and compute δ1(r1, s1) on the purchase information m and sends δ1 , Vc and CAc to merchant. Second, merchant can verify the bank’s public key yBi and consumer public key y using the national bank’ public key yB from CAc . From Vc , he obtains public key y1 and checks N. If all items are valid, merchant sends the encrypted merchandise Er(u) to consumer. Otherwise, merchant does not send the merchandise, and stops the protocol. Finally, if consumer satisfies the merchandise, he computes the e-cash δ and sends it to merchant. Otherwise, consumer stops the protocol. After receiving e-cash δ, Merchant verifies δ using y. If it is valid, merchant ends the protocol. Otherwise, merchant requests bank i to resolve the dispute. C.Deposit Process Merchant sends the e-cash δ and CAc to merchant’s bank j. If e-cash δ is valid, bank i transfer financing from consumer’s accounts to bank j. D.Dispute Resolution Process If consumer does not sends the e-cash δ, or if δ is invalid, merchant performs these process. 1. M B : Vc , CAc , δ1 , Er(u), EyBi (r) 2. M B : δ Merchant sends Vc , CAc , δ1, Er(u) and the encrypted session key EyBi (r) to bank i. Bank i use his private key xBi to decrypts EyBi (r) and then recover u using r. Next, he verifies δ1 using the system parameters and keys from CAc and Vc. If everything is valid, bank i generates the e-cash using δ1 and his secret arbitration key x2 as follow: r = r1 , r1’ = r1 mod q , s = s1+r1’x2 mod p. The e-cash δ and encrypted merchandise is sent to merchant and consumer respectively. Otherwise, if bank i checks the invalid of the received item, bank i sends nothing to either party. E.Security Analysis The DSA signature with message recovery feature is vulnerable to existential forgery attacks, that is, given a valid signature of a known message, an adversary can forge a valid signature of another different message without the knowledge of the secret key [3,13,15]. Let A be the signer and an adversary gets A’s signature (r , s) for a message m. Then, the adversary can compute a signature ( r’ , s’) for a message m’ without the knowledge of A’s secret key by the following procedure. The adversary computes r1’= (mr−1 ) g−1 = r1 g−1 = gk −1 (mod p) . Then, sets a message m’ = m g−1 (mod p) , r’ = r and s’ =s-1. Sends (r’ , s’) as a signature of m’, (r’ , s’) is a valid signature of m’ since gs’ yr r = gs-1 yr r = gs yr r g−1 = m g−1 = m’ ( mod p ) By this procedure, an adversary can make the signature on a message mg−1 and also can generate a signature for any message in a subset Sm,g = {mg−n |n ∈ Zq}, within one time known-message attack. It is obvious that an adversary can forge consumer’s e-cash after he got the real e-cash after the exchange process. Hence, the faked e-cash can be verified successfully and there is no evidence that whether merchant makes deposit with the consumer’s real e-cash or not. Moreover, malicious merchant can make the illegal purchase with Vc , CAc and fake e-cash. It may cause a great financial loss to the business partners and dissatisfy the fairness of the exchange. In addition, a malicious bank can forge a fact of honest merchant’s double deposit [6]. IV. IMPROVED FAIR E-CASH PAYMENT SCHEME This section presents the improved fair e-cash payment scheme in order to solve the above flaws. The proposed solution is straightforward and it should not require to much modifications in the overall system. In addition to certified public key y, consumer applies another certified public key e to encrypt e-cash in payment process. Before registration process, the consumer needs to select two large prime numbers: p and q. Modulus n is : n = p × q. A number e is chosen that is 0< e < (p -1) ×(q - 1) and also co-prime: gcd (e; [(p -1) ×(q -1)]) = 1. The public key is: ( n, e). Private key d is d = e-1 (mod (p -1) ×(q -1)).
  • 3. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 1895 www.ijarcet.org A. Setup Process The registration process is the same procedure as the above protocol except the consumer submits the public key ( n , e ) to bank i . For an exchange information m, consumer computes e-cash (denote as δ = (r , s))and commitment (denote as δ1 = (r ,s )) as follow. r = m gk (mod p ) , r’ = r (mod q ) , s = k − r’x (mod p ) r1 = m gk (mod p ), r1’ = r1 (mod q ) , s1 = k − r1’x1 (mod p ) . After computing e-cash and commitment signature, the consumer encrypts them using his private key d. That is, e-cash δ:(r,s) is encrypted as δ’:(cr ,cs) as follow. cr = rd mod n , cs = sd mod n The encrypted commitment δ1’:( cr1, cs1) is computed as follow. cr1 = r1 d mod n , cs1 = s1 d mod n Next, consumer sends y, y1 , e , δ’:( cr, cs), δ1’:( cr 1, cs1), x2, m, IDc to bank i. Bank i recover the e-cash δ:(r, s) and commitment signature δ1(r1, s1) using public key (n,e) as follow. r = cr1 e mod n , s = cs e mod n and r1 = cr1 e mod n , s1 = cs1 e mod n After that, Bank i checks m = gs yr’ r (mod p) , m = gs y1 r1’ r1 (mod p) , s = s1+ r1’ x2 mod p is valid. After verifying the validity of all items, bank i issues a signed certificate CAc and an overdraft credit voucher Vc to consumer, where Vc = SigBi ( y1 || N || Eψ ( x2|| IDc )) , CAc = ( ExBi ( y || e) || CABi ) , CABi = ExB ( yBi ) After the setup process, consumer has (x, y), (x1, y1), x2, (e,d), Vc , CAc and bank i has his authentic public key e and y, y1, x2, Vc , CAc . B. Exchange Process When the consumer want to purchase the digital merchandise, the consumer and the merchant cooperate to do the following steps. 1. C M : Vc , CAc , δ1’ 2. C M : Er (u) 3. C M : δ At first, the consumer picks a number k randomly, and computes δ1:(r1, s1) for the purchase information m (which might contain consumer's unique identity, merchant's unique account number, price, description and date of transaction). To prevent the signature δ1:(r1, s1) modified or forged, the consumer encrypts commitment signature using his private key d, cr1 = r1 d mod n , cs1 = s1 d mod n and sends δ1’:( cr1, cs1), Vc and CAc to merchant. Secondly, merchant can verify consumer’s public key y and e using CAc. Merchant can recover the commitment δ1:(r1, s1) from δ1’:( cr1, cs1) using consumer’s authentic public key e as follow. r1 = cr1 e mod n , s1 = cs1 e mod n Then verifies the signature m = gs1 y1 r1’ r1 (mod p) If all items are valid, merchant sends encrypted merchandise to consumer. Finally, receiving expected merchandise, consumer computes e-cash δ:(r,s) and encrypts as δ’:( cr, cs) as follow and sends it to merchant. cr = rd mod n , cs = sd mod n Merchant checks the validity of δ’ using e and y as follow. r = cr e mod n , s = cs e mod n m = g s y r’ r (mod p) If both of them are valid, merchant ends the protocol. Otherwise, merchant performs the dispute resolution process. C. Deposit Process Merchant sends the e-cash δ’ and CAc to merchant’s bank j. Bank j verifies CABi using yB, verifies CAc using yBi . Bank j recovers the e-cash δ from δ’ using consumer’ authentic public key e and verifies e-cash using y. If merchant has not deposit e-cash before, bank j deposits it in her account. D. Dispute Resolution Process If consumer does not sends the e-cash, or if e-cash is invalid, merchant performs these processes. 1. M B : Vc , CAc , δ1’ , Er(u), EyBi (r) 2. M B : δ After receiving Vc , CAc , δ1’ , Er(u), EyBi (r) from merchant, bank i decrypts EyBi (r) using his private key xBi, and uses r to recover u. Next, he verifies δ1 using the system parameters and keys from CAc and Vc. Bank i recovers the δ1 from δ1’ using consumer’ authentic public key e and verifies δ1 using y. If everything is valid, bank i generates the e-cash using δ1 and his secret arbitration key x2 as follow: r = r1 , r1’ = r1 mod q , s = s1+r1’x2 mod p. The e-cash and encrypted merchandise is sent to merchant and consumer respectively. Otherwise, if bank i checks the invalid of the received item, bank i sends nothing to either party. E. Security Analysis In this section, the security issues with respect to the proposed system will be discussed. Authentication analysis: In improved system, part of e-cash is encrypted using public and private key pair (e,d), e-cash is still produced by consumer. During the exchange process, the consumer must prove the merchant that he is the owner of e-cash. Upon receiving δ1’:( cr1, cs1), the merchant compute r1= cr1 e mod n , s1 = cs1 e mod n . Even if someone can get CAc , Vc and fake signature, he can’t prove that he is the holder of CAc and Vc because he can’t produce δ1’:( cr1, cs1), without obtaining d. During the deposit process, the bank verifies the e-cash using public key e also ensures that e-cash is a valid one generated by consumer, not a modified one by merchant. The previous proposed system can’t hold this property because an adversary can make use of CAc, Vc and fake signature in another purchases as described in session 3.5. Therefore, encrypting the e-cash using key pair (e, d) makes the e-cash secure and ensures authentication of the system processes.
  • 4. ISSN: 2278 – 1323 International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 2, No 5, May 2013 All Rights Reserved © 2013 IJARCET 1896 Non-repudiation analysis: After the exchange phase, consumer cannot deny that he had spent the e-cash because only the consumer who knows the private key d could perform the computation of δ1’:( cr1, cs1),. As a result, the improved scheme gives the evidence of origin and fulfills non-repudiation. Integrity analysis: Because producing δ1’:( cr1, cs1), results that the e-cash is a valid one generated by the consumer. Although an adversary can successfully produce the forge e-cash, he can’t encrypt it without knowing consumer’s private key d. If an adversary deposits forged or modified e-cash (r’,s’), bank can check immediately. Thus, the adversary can’t make a deposit with the forge e-cash. Clearly, it also prevents the dishonest merchant initiating the dispute resolution process with a fake e-cash. For this reason, the improved scheme prevents the effects of existential forgery attack and confirms that data integrity is not violated. Impersonation analysis: Because the consumer’s private key is not stored in the database of the bank, the malicious bank employee can’t produce e-cash from the honest consumer’s account by impersonating the consumer with the secret key. Therefore, this incomplete information (for the bank) enhances security against the impersonation by the malicious bank [6]. Also, malicious bank cannot issue a consumer’s e-cash without the consumer’s agreement. In addition, a malicious bank cannot forge a fact of honest merchant’s double deposit. V. CONCLUSION This paper addresses the security issue of e-cash system based on DSA signature with message recovery feature and shows the weakness of that system. The improved scheme encrypts the e-cash using public key cryptosystem during the exchange phase that prevents the effects of existential forgery attack and overcomes the weakness. The proposed solution is straightforward and it should not require to much modifications in the overall system. Hence, integrating authentic public key for e-cash verification satisfies the two basic requirements: authenticity and integrity and makes the fair offline e-cash payment systems securely workable. In the future, it needs to formalize both the protocol and the security requirements that it needs to meet, and then verify that the requirements are met indeed using one of the formal verification methods such as AVISPA. ACKNOWLEDGMENT I would like to thank my supervisor and all of my teachers for their helpful comments in improving our manuscript. REFERENCES [1] Zhaoxia, Wang Shaobin, Nu Shuwang , “A DSA Multi-Signature Protocol and Applying in E-Bank and E-Voting”, IEEE 978-1-4244-5895-0, 2010. [2] C-H Wang and W-M Chiang, “The Design of a Novel E-cash System with the Fairness Property and Its Implementation in Wireless Communications”, Department of Computer Science and Information Engineering National Chiayi University , Journal of Computers Vol.18, No.2, July 2007. [3] Atsuko Miyaji, “Weakness in Message recovery signature scheme based on discrete logarithm problems 1”, IEICE Japan Tech. Rep., ISEC95-11, 1994. [4] Y.-M. Tseng, “Digital signature with message recovery using self-certified public keys and its variants”, Applied Mathematics and Computation 136 (2003) 203–214. [5] C. Popescu, “A Secure E-Cash Transfer System based on the Elliptic Curve Discrete Logarithm Problem”, INFORMATICA, vol. 22, No. 3, 395–409, 2011. [6] T.Nishide, S.Miyazaki, K.Sakurai, “Security Analysis of Offline E-cash Systems with Malicious Insider”, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, vol. 3, number: 1/2, pp. 55-71. [7] Lei Hu, "Fair E-cash Payment Model on Credit O", 2006 IEEE Asia-Pacific Conference on Services Computing (APSCC 06), 12/2006. [8] Guohua Cui, "A fair e-cash payment scheme based on credit", in Proc. 7th international conference on Electronic commerce - ICEC 05 ICEC 05, 2005. [9] Gao, C. zhi, D. Xie, J. Li, B. Wei, and H. Tian. "Deniably Information-Hiding Encryptions Secure against Adaptive Chosen Ciphertext Attack", Fourth International Conference on Intelligent Networking and Collaborative Systems, 2012. [10] Tseng, Y.M.,"Digital signature with message recovery using self-certified public keys and its variants", Applied Mathematics and Computation, 20030315. [11] Xian Zhu. "Optimistic fair-exchange protocols based on DSA signatures", IEEE International Conference on Services Computing 2004 (SCC 2004) Proceedings 2004, 2004 [12] Al-Fayoumi, Mohammad. "Practical E-Payment Scheme", International Journal of Computer Science Issues (IJCSI)/16940784, 20100501 [13] Zichen Li. "A new forgery attack on message recovery signatures", Journal of Electronics (China), 07/2000 [14] Xinmei Wang. "Fair Exchange Signature Schemes", 22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008), 03/2008 [15] Kaisa Nyberg. "Message recovery for signature schemes based on the discrete logarithm problem", Lecture Notes in Computer Science, 1995 Thae Nu Nge received Master degree in Information Technology from Mandalay Technological University, Myanmar in 2009. Now she is currently pursuing Ph.D degree in security protocols and electronic payments systems. Research interests include cryptography, network security, security protocols and electronic payment systems.