SecureClick: A Web Payment System with Disposable Credit Card Numbers
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Off-Line Generation of Limited-Use Credit Card Numbers
FC '01 Proceedings of the 5th International Conference on Financial Cryptography
Blinding of Credit Card Numbers in the SET Protocol
FC '99 Proceedings of the Third International Conference on Financial Cryptography
A Security-Enhanced One-Time Payment Scheme for Credit Card
RIDE '04 Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE'04)
Accountability in centralized payment environments
ISCIT'09 Proceedings of the 9th international conference on Communications and information technologies
| Hi-index | 0.00 |
Traditionally, the security of symmetric-key based systems heavily relies on the security of shared keys. In this paper, we present a new session key generation technique for internet transactions that eliminates the need of storing long-term shared key which makes the system insecure against key compromise during transactions. The generation of each set of session keys is based on randomly chosen preference keys. The higher number the transactions have been performed, the less chance the system is being compromised. We show that the proposed technique is secure against various kinds of attacks. Finally, the proposed technique can be applied to any kind of internet applications that deploy shared secrets. We demonstrate the practical usefulness of our technique by applying it to credit-card payment systems. The results show that our technique enhance their security considerably.