How to construct random functions
Journal of the ACM (JACM)
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
On the existence of statistically hiding bit commitment schemes and fail-stop signatures
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Bit Commitment Using Pseudo-Randomness
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Pseudorandom functions revisited: the cascade construction and its concrete security
FOCS '96 Proceedings of the 37th Annual Symposium on Foundations of Computer Science
iKP: a family of secure electronic payment protocols
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
An Anonymous Credit Card System
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
A limited-used key generation scheme for internet transactions
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Double-spending fast payments in bitcoin
Proceedings of the 2012 ACM conference on Computer and communications security
Hi-index | 0.00 |
We present and analyze the cryptographic techniques used in the SET protocol to implement the blinding of credit card numbers in SET certificates. This blinding is essential to protect credit card numbers from eavesdroppers in the network, and even from some merchants, as required by SET. Without these measures, bulk credit card information could be easily collected thus significantly increasing the risk and amount of credit card fraud. We first present the security requirements from this blinding operation, which include aspects of secrecy and fraud protection, then show a solution to the problem (implemented in SET) and analyze its security based on well-defined cryptographic assumptions. Interestingly, we show that the requirements for blinding in SET are equivalent to the requirements of non-interactive commitment schemes in cryptography. Thus, our solution for SET represents an efficient implementation of a commitment function and as such may be suitable for use in other practical contexts as well.