Research Article | Open Access
Jiachen Yang, Longsheng Xu, Qinggang Meng, Shudong He, "Dynamic Symmetric Key Mobile Commerce Scheme Based on Self-Verified Mechanism", Mathematical Problems in Engineering, vol. 2014, Article ID 103136, 8 pages, 2014. https://doi.org/10.1155/2014/103136
Dynamic Symmetric Key Mobile Commerce Scheme Based on Self-Verified Mechanism
In terms of the security and efficiency of mobile e-commerce, the authors summarized the advantages and disadvantages of several related schemes, especially the self-verified mobile payment scheme based on the elliptic curve cryptosystem (ECC) and then proposed a new type of dynamic symmetric key mobile commerce scheme based on self-verified mechanism. The authors analyzed the basic algorithm based on self-verified mechanisms and detailed the complete transaction process of the proposed scheme. The authors analyzed the payment scheme based on the security and high efficiency index. The analysis shows that the proposed scheme not only meets the high efficiency of mobile electronic payment premise, but also takes the security into account. The user confirmation mechanism at the end of the proposed scheme further strengthens the security of the proposed scheme. In brief, the proposed scheme is more efficient and practical than most of the existing schemes.
With the rapid development of mobile communication technology, more and more electronic trading has been introduced to the wireless network environment . The wireless mobile network in the electronic trading model not only provides numerous merchants with a new way of promoting the sale of products and increases the profit, but also greatly enriches the network shopping environment of the consumers . Mobile electronic commerce has achieved rapid development, since the mobile users and merchants traded anywhere and anytime . However, compared with fixed networks, there are some factors that have restricted the development of mobile commerce, such as lower bandwidth, longer delay time, unstable connection, limited storage space, and restricted computing power . In order to reduce the risk of these problems, the priority of all kinds of mobile payment schemes is the security and efficiency of the solution.
Recently, with the development of mobile commerce based on the characteristics of the mobile network, some researchers have successively put forward certificate-based public key cryptosystem scheme (CBCS) , ID-based cryptography scheme (IDBCS) [1, 4, 5], and self-verified digital signature scheme (SVDSS) [2, 6, 7]. CBCS is similar to the scheme based on the Secure Electronic Transaction protocol, in which user’s authentication requires the certificate preserved in the certificate authority (CA). When the node certificate is updated or canceled, each node directory needs to be updated synchronously. The requirements of this sort of certificate management for calculation, storage, and communication of the system are relatively high. In order to avoid the certificate management burden, IDBCS used key escrow (KE) features and key distribution center (KDC) unified manage public/private key pair of all trading entity, which can generate a symmetric key, and then improve the efficiency of system. However, once the KDC public/private key leaks, the system will lose the security barrier. In addition, with the increase of the number of users, the KDC needs to maintain a set of large user authentication tables, resulting in increasing the burden of the system . SVDSS is more efficient and secure than CBCS and IDBCS. On the one hand, its authentication mechanism does not need to rely on complex certificate management, which reduces the amount of calculation and traffic and improves the execution efficiency; on the other hand, it does not set public/private key to KDC. Thus SVDSS has extensive application prospect in the field of mobile e-commerce.
The core work of SVDSS is generating the authentication key and digital signature which verifies the identity of transaction entity. At present, the mainstream generative mechanism of SVDSS is based on ECC. Compared with the public key cryptosystem (PKC), ECC uses smaller key length to meet the same level of security and has very low computational burden [7–9]. The specific performance comparison can be seen in Table 1. Therefore, the electronic payment scheme based on ECC is more effective than that based on PKC.
The symmetric key encryption system has a simple encryption processing, encryption speed, shorter key, and so forth . The authors summarize the theory and experience of predecessors and propose a new type of dynamic symmetric key mobile commerce scheme based on self-verified mechanism in this paper. This proposed scheme meets the requirements of both security and high efficiency because of the application of ECC. Based on the self-verified signature concept, each transaction entity holds the verification key and the digital signature for a later user authentication [2, 10]. The symmetric keys held by two entities are generated dynamically by the verification key and the digital signature. This contributes to security and efficient information interaction. A special key management mechanism is not necessary to reduce the cost of key management. In this way, the network operator only needs to provide users with a secure network and does not need to maintain redundancy authentication table. Therefore, the electronic payment scheme can not only meet the requirements of the large-scale mobile users, but also execute secure and efficient information interaction with generated symmetric key between the two entities after successful authentication. The environment of the electronic payment scheme is very suitable for large-scale mobile user environments, because the network operator does not need to maintain redundancy authentication table. In addition, the proposed scheme supports user anonymity mechanism and confidentiality, and it can prevent impersonation attack effectively. With our efforts, the system safeguards the rights and interests of users and ensures security. This scheme adopts ECC. Compared with other mechanisms such as the PKC and pairing function encryption mechanism, ECC obviously improves the operating efficiency of the system [11, 12]. To sum up, the proposed scheme is effective and practical in mobile commerce.
This paper is structured as follows. In Section 2, the authors summarize the main idea of the self-verified mechanism and basic steps. In Section 3, the paper presents detailed process of the proposed scheme. In Section 4, the authors analyze operational efficiency and security. Finally, conclusions are made in Section 5.
2. The Principle of Self-Verified Mechanism
Yang and Chang  proposed an authentication mechanism which is divided into three phases: the initialization phase, the registration phase, and the authentication phase.
2.1. The Initialization Phase
In this phase, the server initializes the system parameters over an elliptic curve domain through the following steps. In order to facilitate subsequent statements, important parameters and explanations are listed in Table 2.
2.1.1. Elliptic Curve Equation
chooses a finite field over a large odd prime and generates an elliptic curve equation : where parameters satisfy the following conditions:
selects a public point over and a public one-way hash function , where is the finite point over .
2.1.2. Generating Public Key
chooses its private key to compute its public key by
2.2. The Registration Phase
Assume that user wants to log in the server . Prior to the logging, must register to .
2.2.1. Generating Verification Key and Self-Verified Signature
Firstly, sends a registration request to . generates s verification key by where and is s identity. computes by where and denote the -coordinate and -coordinate of , respectively. To generate the self-verified signature , computes
2.2.2. Confirming the Legitimacy of Information
sends to via a secure channel. verifies the legitimacy of the message by computing Then, checks if is equal to . If they are equal, then confirms that is really generated by .
2.3. The Authentication Phase
In this phase, wants to log in ; can verify the user’s legality .
2.3.1. Obtaining Data Set
uses to compute where is the timestamp; sends data set () to .
2.3.2. Identity Authentication
After receiving (), computes checks if is equal to that is sent from . If they are equal, then can authenticate that is a legal user.
3. Proposed Scheme
There are three transaction entities in the proposed e-payment scheme: the provider of electronic goods , the mobile user , and the network operator that is a collection of financial institutions. provides the wireless network bearer services to and , such as 3G services. Before being involved in trading officially, and must register to and obtain the exclusive account. Only in this way can provide service for user’s transaction. The trading model of the proposed scheme is shown in Figure 1.
The proposed electronic trading scheme is divided into four phases: the registration phase, the withdrawing phase, the paying phase, and the depositing phase. During the registration phase, and need to register to for obtaining their verification keys and self-verified signatures. The function of withdrawing phase is that not only obtains an electronic identification of account balance but also completes the identity authentication with . In the paying phase, and perform authentication with each other; then will obtain the electronic goods from . During the depositing phase, agrees on this transaction and then redeems the price from the account of .
3.1. The Registration Phase
Before the depositing phase, and need to register to for obtaining their verification keys and self-verified signatures. The steps of this phase are demonstrated as follows.
sends a registration request to , and generates the verification key and the self-verified signature . Through the secure way, sends authentication information to . Then stores into its mobile device for subsequent authentications.
In a similar way, gets the authentication information from and stores it into its mobile device.
3.1.3. Storing Authentication Information
stores the registration information of and to its database. The information provides the foundation of authentication, generating keys, information transfer, and payment in later transaction.
3.2. The Withdrawing Phase
According to the registration information in the registration phase, obtains an electronic identification of account balance that the maximum value is . In the subsequent transactions, the value of electronic goods bought by from will not exceed . In this phase, and not only complete the identity authentication but also generate a pair of symmetric key between themselves, and the symmetric key will be applied during user confirmation mechanism in the depositing phase. The steps of this phase are shown as follows and the specific flow chart is shown in Figure 2.
Step 1. makes use of to compute where is the timestamp and sends , , , , and to .
Step 2. In order to verify the legitimacy of , uses its private key to compute Then, checks validity of . If is valid, computes confirms that is legal and above withdrawing information is really sent from when equals . Otherwise, rejects the transaction.
Step 3. generates an electronic identification of account balance that the maximum value is . In the subsequent transactions, the value of electronic goods bought by from will not exceed . Meanwhile, generates a serial number of .
Step 4. makes use of , , to generate the symmetric key Based on ECC, generates the digital signature and computes and then it sends to and stores in the local database and deducts the cost of from mobile user’s account.
Step 5. uses symmetric key to decrypt for , , , , .
Then whether the equation is established is checked. If it is established, confirms that is really sent by , stores into the users’ database, and obtains symmetric key .
3.3. The Paying Phase
In this phase, sends good information to ; then and perform authentication with each other. After the authentication is legalized, will obtain the electronic goods encrypted by the symmetric key generated between the two entities. The steps of this phase are shown as follows and the specific flow chart is shown in Figure 3.
Step 1.1. browses ’s online shop and generates the good information that contains the descriptions and the prices defined by of the electronic goods. Meanwhile, arbitrarily selects an integer and obtains the value by generates the dynamic symmetric key between and by where and is the unique identification of and . encrypts the payment message with the key
Step 1.2. After receiving the encrypted payment message , obtains by decrypts and obtains payment message by verifies the legitimacy of digital signature with computing . If the signature is legal, can confirm is really sent by . Therefore, confirms that is legal and obtains the dynamic symmetric key .
Step 1.3. obtains the good information GI and then determines whether inequality was established. If is greater than or equal to , stores in the database and sends to , where is the electronic goods. Then obtains the encrypted by . Otherwise, rejects the transaction.
If user wants to execute subsequent transactions, the proposed scheme can make full use of symmetric key , which is generated in the previous process. In the transaction, both entities apply hash function , symmetric key , and good information to complete the transaction. The steps of this phase are shown as follows.
Step J.1. browses ’s online shop and generates the good information . In the meantime updates symmetric key , where represents performing the hash operation times.
Step J.2. uses to compute the payment message by where contains the price information and sends to . updates the symmetric key and obtains the payment message by
Step J.3. After receiving , judges the condition If the inequality is not established, rejects the transaction. If the inequality is established, stores into the database and sends to . Finally, obtains electronic goods encrypted by .
3.4. The Depositing Phase
After the paying phase, obtains from and wants to redeem them from in this phase. The steps of this phase are shown as follows and the specific flow chart is shown in Figure 4.
Step 1. makes use of to generate Then it sends , , to , where is the collection of .
Step 2. In order to verify , uses private key to generate and compute by checks if the equation holds. If the equation holds, then confirms that is legal.
Step 3. uses to compute and sends to . makes use of and obtains , , , . If agrees on this transaction and replies confirmation information to , then completes the deposit. Otherwise, rejects this transaction.
4. The Performance and the Security Analyses
This scheme will be compared to the related schemes in terms of performance and security analysis in order to identify the characteristics and advantages of proposed scheme. Compared with previous trading models [1, 2], the proposed scheme further compresses the computation costs, and the dynamic symmetric key introduced improves the dynamic efficiency of the system. Considering the complexity and integration of current system, the proposed scheme adds the user confirmation mechanism which can maximize the protection of the rights of the user.
4.1. The Performance Analysis
Compared with authentication mechanism of CBCS and IDBCS, the efficiency SVDSS authentication is higher. The reason is that this scheme adopts the self-verified signature mechanism to implement authentication between transactions entities, eliminate the need for frequent transfer certificate and verification, and save communication cost. In the specific verification process, the proposed scheme adopts the mechanism based on ECC. Compared with the public key cryptosystem (PKC) , ECC uses smaller key length to meet the same level of security and bear very low computational burden . After trading entity verifies that each side is legal object, it achieves symmetric encryption/decryption using the symmetric key. In the concrete scheme, it further improves the system efficiency from the following two aspects.
4.1.1. Payment Efficiency
In the previous mobile commerce, hash function was used to generate electronic money instead of cash. denotes the execution time for executing the hash function for token generation and verification. As for denotes 0.006 ms on 15 a Pentium IV 3.0 GHz with 2 GB. In the literature , in order to generate and verify tokens, the total number of hash operation performed is 3 N in the entire transaction process (including the generating, using, and redeeming of electronic token). In the literature , when obtains the tokens from , did not use hash function but did get the tokens directly. So the total number of hash operation performed is 2 N. According to literature [1, 2], the total execution time for token generation and verification is and . Usually, the number is from 50 to 50,000. The total execution time of token generation and verification is illustrated in Figure 5, where the literature [1, 2] introduces the Lin et al.’s scheme and Yang and chang’s scheme, respectively. In the proposed scheme, does not use hash function to generate the electronic tokens; the user directly obtains from . The total price of the goods purchased keeps accumulating in , as long as the price does not exceed . Therefore, compared with literature [1, 2], payment efficiency of proposed scheme has been greatly improved.
4.1.2. Message Encryption and Decryption
Recently, in order to improve the efficiency of mobile commerce, symmetric key mechanisms have been applied actively. However, due to the difficulties of key management of symmetric key, the concrete scheme of mobile commerce is based on asymmetric keys, to generate a symmetric key between trading entity. According to literature , the system generates symmetric key between entities, but the public/private key that can generate symmetric key exists in the KDC. Once the KDC information leakage occurs, the security of the whole system will be under threat. And the generated symmetric keys in subsequent transactions are not continuously updated, which will result in the insecurity of the system. In the literature , both the symmetric keys are generated by executing three times point multiplication over during each paying phase. In the paying phase, assume and execute times payment, the total execution time for generating the symmetric keys is 3.
denotes the time of the multiplication on an elliptic curve . In this paper, the scheme generates the first pair symmetric key in the first process during the paying phase. In the subsequent transaction, only the hash function is used to update the symmetric key . The total execution time for generating the symmetric keys is . In fact, is much larger than . This will further reduce the computing cost of the system and improve the execution efficiency. As is shown in Figure 6, the computational cost of generating symmetric key in the proposed scheme is higher than that in the literature .
4.2. The Security Analysis
The authors analyze the security of proposed scheme as follows.
4.2.1. Prevent Impersonation Attack
Assume that an attacker makes an attempt to modify the response information returned to [13–15]. Obviously, the attacker needs to forge a set of data, including , . After receiving the forged information, will naturally enter into the verification mode by computing (11) and (12).
If is not equal to , discovers the user is illegal and then rejects the transaction. The same authentication mechanism also occurs between user and . The proposed scheme makes full use of this authentication mechanism to prevent impersonation attack.
4.2.2. User Anonymity
It does not contain identity information about user; service providers’ judgment of the source information is based on the validity of . Subsequent transactions are based on ; as long as the total price of the purchased goods does not exceed , the entire transaction can continue proceeding. redeems the from based on in the depositing phase. In the process of the whole system, vender has no access to the user’s identity information.
Through the analysis of the concrete transaction process, information of the transaction between entities is held by pairwise symmetric key to encrypt/decrypt. Concrete example is as follows.
Equations (20) and (21) achieve the secure transfer of information between and . However, compared to the asymmetric keys, symmetric keys are easy to crack [18, 19]. Thus during the transaction phase, the symmetric key between the user and the service provider is continuously updated, which can also prevent the Man-in-the-Middle attack.
4.2.4. User Confirmation Mechanism
In fact, the operation of a whole system is not isolated, and the attack also exists. In order to improve the system security and protect the lawful rights and interests of customers, the proposed scheme particularly introduces this mechanism. First of all, symmetric key is generated between and in the withdrawing phase. In the depositing phase, obtains , , , and and computes (25).
After receiving from , can decrypt it and generate a feedback (agree on or reject the transaction). Finally, according to the user’s feedback information, completes/terminates the depositing process.
This scheme is based on the self-verified mechanism, the application of ECC, key agreement mechanism, prepayment mechanism, and other technologies to guarantee security and high efficiency of this proposed scheme. The proposed scheme does not need certificate management, which avoids the burden of network node storage certificate in CBCS and the communication overhead due to transferring certificate at the same time. The use of the self-verified mechanism avoids the defects of key escrow of IDBCS and no longer requires KDC to maintain a set of large user authentication tables, which can greatly reduce the system burden. The proposed scheme also takes advantage of updated symmetric key and user confirmation mechanism to guarantee the security. In a word, this scheme possesses the advantages of the current trading system which ensures the real time and user anonymity and further improves efficiency and security of system.
Conflict of Interests
The authors declare that they have no conflict of interests regarding the publication of this paper.
This research is partially supported by the National Natural Science Foundation of China (no. 61101224) and Natural Science Foundation of Tianjin (no. 12jcqnjc00500) and supported by Program for New Century Excellent Talents in University (NCET-12-0400) and Postdoctoral Fund in China (2012M520574).
- P. Lin, H.-Y. Chen, Y. Fang, J.-Y. Jeng, and F.-S. Lu, “A secure mobile electronic payment architecture platform for wireless mobile networks,” IEEE Transactions on Wireless Communications, vol. 7, no. 7, pp. 2705–2713, 2008.
- J.-H. Yang and C.-C. Chang, “A low computational-cost electronic payment scheme for mobile commerce with large-scale mobile users,” Wireless Personal Communications, vol. 63, no. 1, pp. 83–99, 2012.
- Y.-J. Chen, W.-C. Hsieh, W. Chen, and Z.-Y. Meng, “An efficient and secure micro-payment protocol for mobile commerce,” in Proceedings of the 9th World Multi-Conference on Systemics, Cybernetics and Informatics (WMSCI '05), pp. 7–12, Orlando, Fla, USA, July 2005.
- D. He, Y. Chen, and J. Chen, “An id-based three-party authenticated key exchange protocol using elliptic curve cryptography for mobile-commerce environments,” Arabian Journal for Science and Engineering, vol. 38, no. 8, pp. 2055–2061, 2013.
- X. Zhu, X. Shang, C. Wang, and R. Zhang, “MOTP: an identity authentication scheme for M-commerce,” Chinese Journal of Electronics, vol. 22, no. 1, pp. 146–150, 2013.
- W.-J. Tsaur, “Several security schemes constructed using ECC-based self-certified public key cryptosystems,” Applied Mathematics and Computation, vol. 168, no. 1, pp. 447–464, 2005.
- Y.-P. Liao and C.-M. Hsiao, “A novel multi-server remote user authentication scheme using self-certified public keys for mobile clients,” Future Generation Computer Systems, vol. 29, no. 3, pp. 886–900, 2013.
- J.-H. Yang, Y.-F. Chang, and Y.-H. Chen, “An efficient authenticated encryption scheme based on ECC and its application for electronic payment,” Information Technology and Control, vol. 42, no. 4, pp. 315–324, 2013.
- A. Zakerolhosseini and M. Nikooghadam, “Secure transmission of mobile agent in dynamic distributed environments,” Wireless Personal Communications, vol. 70, no. 2, pp. 641–656, 2013.
- Z. Li, Y. Zhuang, B. Zhang, and C. Zhang, “Novel frequency hopping sequences generator based on AES algorithm,” Transactions of Tianjin University, vol. 16, no. 1, pp. 22–27, 2010.
- C.-H. Chou, K.-Y. Tsai, T.-C. Wu, and K.-H. Yeh, “Efficient and secure three-party authenticated key exchange protocol for mobile environments,” Journal of Zhejiang University: Science C, vol. 14, no. 5, pp. 347–355, 2013.
- S. Chatterjee, A. K. Das, and J. K. Sing, “An enhanced access control scheme in wireless sensor networks,” Ad-Hoc and Sensor Wireless Networks, vol. 21, no. 1-2, pp. 121–149, 2014.
- J. Wei, W. Liu, and X. Hu, “Cryptanalysis and improvement of a robust smart card authentication scheme for multi-server architecture,” Wireless Personal Communications, vol. 77, no. 3, pp. 2255–2269, 2014.
- F. Wen, D. Guo, and X. Li, “Cryptanalysis of a new dynamic ID-based user authentication scheme to resist smart-card-theft attack,” Applied Mathematics and Information Sciences, vol. 8, no. 4, pp. 1855–1858, 2014.
- S. U. Rehman, K. W. Sowerby, and C. Coghill, “Analysis of impersonation attacks on systems using RF fingerprinting and low-end receivers,” Journal of Computer and System Sciences, vol. 80, no. 3, pp. 591–601, 2014.
- Y. Choi, D. Lee, J. Kim et al., “Security enhanced user authentication protocol for wireless sensor networks using elliptic curves cryptography,” Sensors, vol. 14, no. 6, pp. 10081–10106, 2014.
- W.-B. Hsieh and J.-S. Leu, “Anonymous authentication protocol based on elliptic curve Diffie-Hellman for wireless access networks,” Wireless Communications and Mobile Computing, vol. 14, no. 10, pp. 995–1006, 2014.
- W.-J. Liu, C. Liu, H.-B. Wang, J.-F. Liu, F. Wang, and X.-M. Yuan, “Secure quantum private comparison of equality based on asymmetric W state,” International Journal of Theoretical Physics, vol. 53, no. 6, pp. 1804–1813, 2014.
- C.-Y. Lin and T. Hwang, “CNOT extraction attack on ‘quantum asymmetric cryptography with symmetric keys’,” Science China: Physics, Mechanics and Astronomy, vol. 57, no. 5, pp. 1001–1003, 2014.
Copyright © 2014 Jiachen Yang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.