A MEP (Mobile Electronic Payment) and IntCA protocol design

Abstract

This paper proposes an MEP (Mobile Secure Electronic Payment) protocol, which uses ECC (Elliptic Curve Cryptosystem with F2m not Fp) [1, 2, 3], SHA (Secure Hash Algorithm) and BSB instead of RSA and DES. To improve the strength of encryption and the speed of processing under mobile environment, the public key and the private key of ECC are used for BSB [5, 6] algorithm, which generates session keys for the data encryption. In particular, when ECC is combined with BSB, the strength of security is improved significantly. As the process of the digital envelope used in the existing SET protocol is removed by the BSB algorithm in this paper, the processing time is substantially reduced. In particular, when authenticating each other, instead of using external CA, MEP uses IntCA (IntraCA), which is more suitable for mobile environment. In addition, the use of multiple signatures has some advantages of reducing the size of transmission data as an intermediate payment agent and avoiding the danger of eavesdropping of private keys. © Springer-Verlag Berlin Heidelberg 2005.