Design of smart card enabled protocols for micro-payment and rapid application development builder for e-commerce.

by Tsang Hin Chung.Thesis (M.Phil.)--Chinese University of Hong Kong, 2001.Includes bibliographical references (leaves 118-124).Abstracts in English and Chinese.Chapter 1 --- Introduction --- p.1Chapter 1.1 --- Authentication and Transaction Protocol --- p.2Chapter 1.2 --- E-Commerce Enabler --- p.3Chapter 2 --- Literature Review --- p.4Chapter 2.1 --- Cryptographic Preliminaries --- p.4Chapter 2.1.1 --- One-Way Hash Function --- p.4Chapter 2.1.2 --- Triple DES --- p.5Chapter 2.1.3 --- RSA --- p.7Chapter 2.1.4 --- Elliptic Curve --- p.8Chapter 2.2 --- Smart Cards --- p.8Chapter 2.2.1 --- Smart Card Operating Systems --- p.11Chapter 2.2.2 --- Java Card --- p.12Chapter 2.3 --- Authentication Protocol --- p.14Chapter 2.3.1 --- Properties --- p.15Chapter 2.3.2 --- Survey --- p.16Chapter 2.4 --- Transaction Protocol --- p.19Chapter 2.5 --- BAN Logic --- p.20Chapter 2.5.1 --- Notation --- p.20Chapter 2.5.2 --- Logical Postulates --- p.22Chapter 2.5.3 --- Protocol Analysis --- p.25Chapter 3 --- Authentication Protocol --- p.26Chapter 3.1 --- Formulation of Problem --- p.26Chapter 3.2 --- The New Idea --- p.27Chapter 3.3 --- Assumptions --- p.29Chapter 3.4 --- Trust Model --- p.29Chapter 3.5 --- Protocol --- p.30Chapter 3.5.1 --- Registration --- p.30Chapter 3.5.2 --- Local Authentication --- p.31Chapter 3.5.3 --- Remote Authentication --- p.33Chapter 3.5.4 --- Silent Key Distribution Scheme --- p.35Chapter 3.5.5 --- Advantages --- p.37Chapter 3.6 --- BAN Logic Analysis --- p.38Chapter 3.7 --- Experimental Evaluation --- p.43Chapter 3.7.1 --- Configuration --- p.44Chapter 3.7.2 --- Performance Analysis --- p.45Chapter 4 --- Transaction Protocol --- p.51Chapter 4.1 --- Assumptions --- p.52Chapter 4.2 --- Protocol --- p.55Chapter 4.3 --- Conflict Resolution Policy --- p.58Chapter 4.4 --- Justifications --- p.58Chapter 4.5 --- Experimental Evaluation --- p.59Chapter 4.5.1 --- Configuration --- p.59Chapter 4.5.2 --- Performance Analysis --- p.60Chapter 5 --- E-Commerce Builder --- p.65Chapter 5.1 --- Overview --- p.66Chapter 5.2 --- Design of Smart RAD --- p.68Chapter 5.2.1 --- Mechanism --- p.68Chapter 5.2.2 --- Java Card Layer --- p.69Chapter 5.2.3 --- Host Layer --- p.71Chapter 5.2.4 --- Server Layer --- p.72Chapter 5.3 --- Implementation --- p.73Chapter 5.3.1 --- Implementation Reflection --- p.73Chapter 5.3.2 --- Implementation Issues --- p.76Chapter 5.4 --- Evaluation --- p.77Chapter 5.5 --- An Application Example: Multi-MAX --- p.79Chapter 5.5.1 --- System Model --- p.79Chapter 5.5.2 --- Design Issues --- p.80Chapter 5.5.3 --- Implementation Issues --- p.80Chapter 5.5.4 --- Evaluation --- p.84Chapter 5.6 --- Future Work --- p.89Chapter 6 --- Conclusion --- p.91Chapter A --- Detail Experimental Result --- p.93Chapter A.1 --- Authentication Time Measurement --- p.94Chapter A.2 --- On-Card and Off-Card Computation Time in Authentication --- p.95Chapter A.3 --- Authentication Time with Different Servers --- p.96Chapter A.4 --- Transaction Time Measurement --- p.97Chapter A.5 --- On-card and Off-card Computation Time in Transaction --- p.97Chapter B --- UML Diagram --- p.99Chapter B.1 --- Package cuhk.cse.demo.applet --- p.99Chapter B.2 --- Package cuhk.cse.demo.client --- p.105Chapter B.3 --- Package server --- p.110Chapter C --- Glossary and Abbreviation --- p.115Bibliography --- p.11

Using Smartcards to Secure a Personalized Gambling Device

We introduce a technique for using an untrusted device, such as a hand-held personal digital assistant or a laptop to perform real financial transactions without a network. We utilize the tamper-resistant nature of smartcards to store value on them and perform probabilistic computations based on user input. We discuss an application of this to gambling. The technique has the properties that the user is guaranteed to make money when he wins and the house is guaranteed to make money when the user loses. 1 Introduction We are currently experiencing a proliferation of lightweight handheld devices, such as the 3Com palm pilot, windows CE devices, and even laptops that weigh under three pounds. Many of these devices are so portable that people have them in their pockets and use them at all times. Our goal is to enable people to utilize these devices during otherwise dead time perhaps at the doctor's office, or in line at the supermarket. We are interested in utilizing the time when the us..