|
|
Please login using the form on menu list.
It is required to login for Full-Text PDF.
|
Solutions to Security Problems of Rivest and Shamir's PayWord Scheme
Norio ADACHI
Satoshi AOKI
Yuichi KOMANO
Kazuo OHTA
Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences Vol.E88-A No.1 pp.195-202
Publication Date: 2005/01/01
Online ISSN:
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Application
Keyword:
micropayment,
PayWord Scheme,
digital signature,
hash chain,
Full Text: PDF(241.3KB)
Summary:
The PayWord Scheme, invented by Rivest and Shamir, is an efficient micropayment scheme utilizing a hash function. We point out that the scheme has the following problem: a malicious customer can damage the bank by purchasing in excess of the customer's credit which the bank has guaranteed by issuing a certificate. Generally, there are two positions of the bank with regard to the certificate. Position 1: the bank takes full responsibility for the certificate and compensates all payments created by the customer's purchases; and Position 2: the bank does not redeem payments exceeding a limit set for the customer and shares the loss with the shop if trouble occurs. In the PayWord Scheme, the bank can reduce its risk by adopting Position 2 rather than Position 1. However, this paper points out that the bank can damage the shop in Position 2 by impersonating an imaginary customer and making the shop share the loss with the bank. We propose a micropayment scheme (countermeasure) that overcomes these problems.
|
|
