Cryptography Reference
In-Depth Information
Diagram 6.4 shows the balance of the purchase request/response protocol
with Bob's actions, after which Alice verifies and updates as described above.
Diagram 6.4 Bob's Purchase Verification/Response
✞
✝
✆
✄
✂
✁
✄
✂
✁
✄
✂
✁
✄
✂
✁
✄
✂
✁
OI
→
H
→
OIMD
→
(OIMD,PIMD)
→
H
→
POMD
✞
✝
✆
✞
✝
✆
Bob Compares
Purchase Response
←−−−−
✞
✝
✆
✄
✂
✁
✄
✂
✁
C
A
→
✄
✁
s
A
→
DS
→
POMD
✂
Authorization Request and Response
Background Assumptions
: Bob, during the processing of Alice's order,
must authorize the transaction with Trent via an authorization request, which
results in a guarantee that Bobwill be paid or the transaction is rejected. This
is included in Trent's authorization response.
Protocol Messages
1.
Authorization Request Message
: Bobforwards the message from Alice
contained in the
TE
and digital envelope as outlined in part 3 (Purchase
Request Message) of Protocol Messages on page 245 and as illustrated in
Diagram 6.3 on page 246.
The data generated by Bob, which is sent with the above, includes the
following items:
(i) TID signed with Bob's private signature key and encrypted with a
one-time symmetric key
k
B
, generated by Bob.
(ii)
k
B
is enciphered by Bob using
e
T
to create another digital envelope
BE
.
(iii) Alice's signature key certificate, needed to verify the dual signature.
(iv) Bob's signature key certificate, required to verify Bob's signature.
(v) Bob's key-exchange certificate, required for Trent's response.
2.
Authorization Response Message
: Trent, upon receipt of Bob's request,
executes the following:
(1) Verifies all certificates.
(2) Deciphers
BE
to obtain
k
B
, which he uses to decrypt the TID and
verify Bob's signature.
Search WWH ::
Custom Search