计算机工程与应用
計算機工程與應用
계산궤공정여응용
COMPUTER ENGINEERING AND APPLICATIONS
2013年
16期
82-85,96
,共5页
移动商务%支付协议%伪随机数%BAN逻辑
移動商務%支付協議%偽隨機數%BAN邏輯
이동상무%지부협의%위수궤수%BAN라집
mobile commerce%payment protocol%pseudo-random number%BAN logic
针对现有移动支付中客户端有限的功耗、处理能力及安全性等问题,提出了一种安全高效的在线移动支付协议。该协议采用客户与银行共享的离线伪随机数作为密钥进行高效认证,能实现高效身份认证及会话密钥协商。客户与商家交易过程中采用共享密钥加密敏感信息,能有效减轻客户端计算开销及实现非否认性。经过效率分析比较及BAN逻辑证明,该协议能以较低的计算及通信量获得较高的安全性,非常适合在移动终端上实现。
針對現有移動支付中客戶耑有限的功耗、處理能力及安全性等問題,提齣瞭一種安全高效的在線移動支付協議。該協議採用客戶與銀行共享的離線偽隨機數作為密鑰進行高效認證,能實現高效身份認證及會話密鑰協商。客戶與商傢交易過程中採用共享密鑰加密敏感信息,能有效減輕客戶耑計算開銷及實現非否認性。經過效率分析比較及BAN邏輯證明,該協議能以較低的計算及通信量穫得較高的安全性,非常適閤在移動終耑上實現。
침대현유이동지부중객호단유한적공모、처리능력급안전성등문제,제출료일충안전고효적재선이동지부협의。해협의채용객호여은행공향적리선위수궤수작위밀약진행고효인증,능실현고효신빈인증급회화밀약협상。객호여상가교역과정중채용공향밀약가밀민감신식,능유효감경객호단계산개소급실현비부인성。경과효솔분석비교급BAN라집증명,해협의능이교저적계산급통신량획득교고적안전성,비상괄합재이동종단상실현。
In the mobile payment protocols, the client works on wireless devices possibly with limited computation capacities, power and security challenges. In order to satisfy the above properties, a new secure efficient mobile payment protocol is pro-posed. In this protocol, client and bank can be mutual efficient authenticated and the session key is established due to the shared offline pseudo-random number. The transaction between merchant and client can be processed quickly with the shared key which is the proof of non-repudiation. On the analysis of BAN logic and efficiency, the proposed protocol minimizes the comput-ing and communication requirement of the client that makes it especially suited for mobile devices.
