Cryptography Reference
In-Depth Information
Purchase Request and Response
Background Assumptions : Alice is assumed to have already shopped
online, chosen her goods or services, and placed an order with Bob. Bob is
assumed to have sent a completed order to Alice. This is all done outside the
purview of SET. It accounts for the order reference mentioned in mechanism 1
of background assumptions in the SET dual signature scheme described above.
The CA, in what follows, is assumed to be trusted to issue X.509V3 certifi-
cates to all participants. We assume a secure PKI is in place (typically with
interdomain cross-certification; see Section 6.2).
Protocol Messages
1. Initiate Request Message : In this message, Alice includes a request for
certificates, and information provided in this request are: (1) the type of
credit card; (2) Alice's ID; (3) a nonce, used as a form of timestamp.
2. Initiate Response Message : Bobresponds with: (1) Alice's nonce that
she sent to him; (2) another nonce for her to return in the next message;
(3) a transaction ID for this particular purchase, denoted by TID; (4)
Bob's signature certificate; (5) Trent's key exchange certificate.
Then Bobsigns the aove response with his private signature key and
sends it to Alice.
3. Purchase Request Message : Alice verifies both Bob and Trent's cer-
tificates via their respective CA signatures. Then she creates the OI and
the PI, and to both of these she a7xes the TID. For the sole purpose
of sending the purchase request information, Alice generates a one-time
symmetric encryption key k A . The block of data that Alice forwards to
Bobso that he can pass it on to Trent consists of the following:
(1) The PI.
(2) The dual signature calculated over the OI and the PI as defined in
step 4 of the dual signature protocol steps on page 244.
(3) The OIMD as defined in step 1 of the dual signature protocol steps
on page 244. This is needed by Trent to verify the dual signature, as
we will describe in detail below.
All of the items in (1)-(3) are encrypted with k A to form the Trent-
encrypted part of the message, denoted by TE . Then, the following
is added:
(4) The digital-envelope , which is formed by encrypting k A with Trent's
public key-exchange key, e T . (The term “digital-envelope” is used
here in a different sense than that given on page 163, where we talked
about hybrid cryptosystems. Here we have an “envelope” digitally
locked by Trent's key, which must be unlocked, or decrypted, before
any data in the envelope can be viewed.) k A is not made available
to Bob, who therefore cannot read any of this part of the message.
He merely passes it to Trent.
Search WWH ::




Custom Search