Cryptography Reference
In-Depth Information
(3) Decrypts TE to obtain $k_A$, which is used to verify the PI by comparing the TID in it with the TID obtained in step (2) above.
(4) If the above are all valid, he sends an authorization response to Bob (requested and received from actions of an issuer and acquirer). Included in the message sent by Trent are:
(i) An authorization block signed with Trent's private key and encrypted with a one-time symmetric key $k_T$, generated by Trent.
(ii) A digital envelope AE, created by Trent via enciphering $k_T$ with $e_B$, Bob's public key-exchange key.
(iii) Some information for later payment capture, namely a digital envelope called a capture token, denoted by CT, not to be opened by Bob, rather returned with Bob's payment request later.
(iv) Trent's signature key certificate.
Upon receipt, Bob decrypts AE with $d_B$, his private key-exchange key, to get $k_T$, which he uses to decrypt the authorization block. If the payment is authorized, he can provide Alice with the goods and/or services.
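The following sketch walks through items (i) and (ii) of step (4) and Bob's processing on receipt. It is an added example, not code from the original text: it uses textbook RSA without padding and a SHA-256 keystream as stand-ins for the real ciphers, constructed toy keys, and hypothetical names for Trent's signature key pair; the capture token CT and the certificate are left out.

```python
import hashlib
import secrets

def rsa_keypair(p, q, e=65537):
    """Textbook RSA (no padding) from constructed primes: illustration only."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

# Constructed toy keys from well-known Mersenne primes (not secret, not secure).
E_B, D_B = rsa_keypair(2**127 - 1, 2**107 - 1)        # Bob's key-exchange pair e_B, d_B
TRENT_SIG_PUB, TRENT_SIG_PRIV = rsa_keypair(2**89 - 1, 2**61 - 1)  # hypothetical names

def stream_xor(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def digest_int(msg, n):
    """SHA-256 of msg reduced modulo n, the value that gets signed."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def trent_respond(auth_block, sig_priv, e_B):
    """Items (i)-(ii): sign the block, encrypt under k_T, envelope k_T as AE."""
    d, n = sig_priv
    sig = pow(digest_int(auth_block, n), d, n)
    k_T = secrets.token_bytes(16)                     # one-time symmetric key
    enc_block = stream_xor(k_T, sig.to_bytes(32, "big") + auth_block)
    AE = pow(int.from_bytes(k_T, "big"), e_B[0], e_B[1])
    return enc_block, AE

def bob_verify(enc_block, AE, d_B, sig_pub):
    """Bob opens AE with d_B, decrypts with k_T, then checks Trent's signature."""
    m = pow(AE, d_B[0], d_B[1])
    if m >> 128:                                      # not a 16-byte key: damaged envelope
        return None
    payload = stream_xor(m.to_bytes(16, "big"), enc_block)
    sig, auth_block = int.from_bytes(payload[:32], "big"), payload[32:]
    e, n = sig_pub
    if pow(sig, e, n) != digest_int(auth_block, n):
        return None                                   # bad signature: do not release goods
    return auth_block

if __name__ == "__main__":
    enc, AE = trent_respond(b"TID=0001;AUTHORIZED", TRENT_SIG_PRIV, E_B)  # constructed block
    print(bob_verify(enc, AE, D_B, TRENT_SIG_PUB))
```

Because the signature travels inside the encrypted block, a single flipped ciphertext bit changes the recovered block and makes Bob's signature check fail.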
In Diagram 6.5, $d_T$ is Trent's private key-exchange key. All other acronyms are as in the above protocol descriptions. We assume that Trent has verified all certificates and signatures in the illustration as well.
Diagram 6.5 Trent's Authorization/Response
BE → $d_T$ → $k_B$ → TID
TE → $d_T$ → $k_A$ → TID
Trent Compares → Authorization Response
Diagram 6.6 Bob's Verification
Elements shown: AE → $d_B$ → $k_T$; $e_T$
Payment Authorized → Goods/Services Sent
Payment Declined → Transaction Declined