01-08-2012, 01:26 PM
Basic Security of the ecash Payment System
Introduction
Behind the scenes, banks, credit-card companies, and other financial institutions
have been processing transactions electronically for several decades now. Two
important developments that will open up the field of electronic payment systems
are now taking place. First, the prospect of electronic commerce over the
Internet is creating a large demand for electronic payment methods for open
networks. Second, the introduction of nation-wide electronic purse schemes is
creating many more places and situations where smart cards can be used for
cost-effective off-line payments.
In this paper we will describe several aspects of the ecash system, mostly
security related, and discuss its place among other payment technologies. Ecash
finds its roots in the work by Chaum (see, e.g., [Cha83,Cha90]), who invented
the notion of electronic (or digital) coins as well as the basic protocols for electronic
cash. Electronic coins possess properties similar to those of metal coins, among
which is the unique feature that a payment transaction leaves no trace of
the identity of the payer. Currently, ecash technology (as provided by DigiCash)
is used by a number of banks
around the globe. These banks issue ecash to their customers, who can then
spend it at affiliated merchants on the Internet.
Characteristics of Electronic Payment Systems
Although more and more consensus is building up as to which properties are required
of a payment system, we are not going to list and describe these properties
one by one in this paper. Instead, we take a bottom-up approach, and describe
some of the basic characteristics of payment systems. From these characteristics
one can then infer the possibilities and impossibilities for the numerous variations,
and what their impact is on the performance and flexibility of the system.
Payment by instruction vs prepaid electronic cash
In so-called payment by instruction type of systems, a payer basically orders the bank to move a sum
of money from her account into a payee’s account. Examples in this category are
credit and debit cards as well as many forms of cheques. The moment at which
the money is actually moved from the payer’s account into the payee’s account
depends on the system, but at all times banks and credit card companies will
try to prevent discrepancies between accounts.
Money Flow
We briefly describe the money flow in the ecash system. Where appropriate we
will distinguish between the ecash bank (or issuer/acquirer) and the ecash mint.
The mint is the component of the ecash system where coins are created and where
the databases of spent coins are held. So-called ecash accounts form the interface
between the bank and the mint. In practice, several ways will be provided to
transfer money to and from an ecash account. For example, an ecash issuer may
provide a home-banking application that allows its customers to move money
between their bank accounts and their ecash accounts.
Ecash Coins
We will now have a closer look at the internal structure of ecash coins. For each
coinage (short for a “generation of coins”), the mint will randomly generate a
fresh RSA modulus N = pq, keeping the primes p, q secret by storing them in a
safe place. Preferably the mint’s private keys are only used within the boundaries
of tamper-resistant devices, while backups are kept between several entities using
secret-sharing techniques. This minimizes, as far as possible, the risk that
private keys are compromised through attacks by insiders.
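
As an added illustration (not code from the paper or from DigiCash), the sketch below models a mint that holds one RSA key for a coinage together with its spent-coin database, with withdrawal done through a Chaum-style blind RSA signature as in the cited [Cha83]. The toy primes, the exponent 65537, the hash-to-Z_N function `fdh` and all class and function names are assumptions made for the example; the excerpt specifies none of them.

```python
import hashlib
import secrets
from math import gcd

E = 65537                      # public exponent (assumption, not from the paper)
P, Q = 2**61 - 1, 2**89 - 1    # constructed toy primes, far too small for real use

def fdh(serial, n):
    """Hash a coin serial number into Z_N (simplified stand-in, an assumption)."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % n

class Mint:
    """Toy mint: one RSA key for one coinage, plus the spent-coin database."""
    def __init__(self, p, q):
        self.n = p * q                            # public modulus N = pq
        self._d = pow(E, -1, (p - 1) * (q - 1))   # private exponent, never exported
        self.spent = set()

    def sign_blinded(self, blinded):
        # Withdrawal: the mint signs a value that hides the serial number.
        return pow(blinded, self._d, self.n)

    def deposit(self, serial, sig):
        # Check the signature under this coinage's key, then the spent database.
        if pow(sig, E, self.n) != fdh(serial, self.n):
            return "invalid"
        if serial in self.spent:
            return "double-spend"
        self.spent.add(serial)
        return "ok"

def withdraw(mint):
    """Payer side: choose a serial, blind it, have it signed, unblind."""
    serial = secrets.token_bytes(16)
    r = 0
    while r < 2 or gcd(r, mint.n) != 1:           # blinding factor must be invertible
        r = secrets.randbelow(mint.n)
    blinded = fdh(serial, mint.n) * pow(r, E, mint.n) % mint.n
    sig = mint.sign_blinded(blinded) * pow(r, -1, mint.n) % mint.n
    return serial, sig, blinded

if __name__ == "__main__":
    mint = Mint(P, Q)
    serial, sig, blinded = withdraw(mint)
    print(mint.deposit(serial, sig), mint.deposit(serial, sig))
```

The mint sees only `blinded` at withdrawal and only `serial` at deposit, which is why a deposited coin cannot be linked back to the withdrawal that produced it.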