|
|
For Full-Text PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
|
A Robust Security Mechanism for Mobile Commerce Transactions
Eun-Jun YOON Kee-Young YOO
Publication
IEICE TRANSACTIONS on Information and Systems
Vol.E93-D
No.11
pp.2898-2906
Publication Date: 2010/11/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E93.D.2898
Print ISSN: 0916-8532
Type of Manuscript: Special Section PAPER (Special Section on Architectures, Protocols, and Applications for the Future Internet)
Category:
Keyword:
cryptography, security analysis, security protocol, mobile commerce, WAP, authentication,
Full Text: PDF>>
Summary:
In 2006, Yeh and Tsai proposed a mobile commerce security mechanism. However, in 2008, Yum et al. pointed out that Yeh-Tsai security mechanism is not secure against malicious WAP gateways and then proposed a simple countermeasure against the attack is to use a cryptographic hash function instead of the addition operation. Nevertheless, this paper shows that both Yeh-Tsai's and Yum et al.'s security mechanisms still do not provide perfect forward secrecy and are susceptible to an off-line guessing attack and Denning-Sacco attack. In addition, we propose a new security mechanism to overcome the weaknesses of the previous related security mechanisms.
|
|
