Verifying the purchase request in SET protocol

Authors:
Qingfeng Chen;Chengqi Zhang;Shichao Zhang;Chunsheng Li
Affiliations:
Faculty of Information Technology, University of Technology, Sydney, Australia;Faculty of Information Technology, University of Technology, Sydney, Australia;Faculty of Information Technology, University of Technology, Sydney, Australia;Faculty of Information Technology, University of Technology, Sydney, Australia
Venue:
APWeb'03 Proceedings of the 5th Asia-Pacific web conference on Web technologies and applications
Year:
2003

Citing 6
Cited 0

A logic of authentication

ACM Transactions on Computer Systems (TOCS)
Timestamps in key distribution protocols

Communications of the ACM
Using encryption for authentication in large networks of computers

Communications of the ACM
A Formal Specification of Requirements for Payment Transactions in the SET Protocol

FC '98 Proceedings of the Second International Conference on Financial Cryptography
ENDL: A Logical Framework for Verifying Secure Transaction Protocols

Knowledge and Information Systems
Security protocols over open networks and distributed systems: formal methods for their analysis, design, and verification

Computer Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Secure Electronic Transaction (SET) protocol has been jointly developed by Visa and Master Card toward achieving secure online-transactions. This paper presents formal verification of the Purchase Request phase of SET, by using ENDL (extension of nonmonotonic logic). The analysis unveils some potential flaws. To overcome these vulnerabilities, some feasible countermeasures are proposed accordingly during the validation. Also, the modelling of Purchase Request is described to implement the mechanically model checking instead of manual verification.