Hirotsugu, K.; Mamoru, K.; Tetsuya, M.; Kazuhiro, S.; , "An Electronic Money System as Substitute for Banknotes," Applications and the Internet (SAINT), 2010 10th IEEE/IPSJ International Symposium on , vol., no., pp.316-319, 19-23 July 2010
doi: 10.1109/SAINT.2010.41
Abstract: Electronic cash is the most fundamental element in electronic commerce. The finance administration authorities must consider controlling the flow of electronic money differently from the flow of conventional cash. The central bank coordinates the quantity of currency to be printed and coordinates money supply so that inflation does not occur. The money has three functions: information to show its value, evidence to show it is validly issued, and a symbol to show who can use it. The symbolic function is important to prevent duplicate reuse of money. We have been studying an electronic cash system using distributed database of a central bank to develop a new settlement method. In this system, the central bank issues money, and its value is not stored in users hardware such as IC cards. Money and a user are linked by public key cryptography that implements the symbolic function. In this paper, we discuss the conditions for making electronic money a substitute for banknotes. Then we propose an electronic money system with discrete logarithms. In this system, the transactions are less traceable than those in our previous study.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5598054&isnumber=5598016


Harb, H.; Farahat, H.; Ezz, M.; , "SecureSMSPay: Secure SMS Mobile Payment model," Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on , vol., no., pp.11-17, 20-23 Aug. 2008
doi: 10.1109/IWASID.2008.4688346
Abstract: In this paper, we introduce a secure mobile payment model suitable for macro transactions that compromise cost, simplicity, security, and performance of transaction, with minimum number of cryptography key usages, and less encryption/decryption operations compared to other models. This model can use symmetric and asymmetric cryptography without the need of trusted 3rd parties or even PKI complexity. It is based on SMS as a transport channel which provides the capability to send transactions to payer not to payee; as usually done in most current payment transaction models. The payer receives a secured SMS message (invoice) waiting his/her confirmation (yes/no). Each entity in the payment system payer/payee trusts only his/her bank respectively, so the transaction will always go through trusted nodes. The payer/payee can also use any bank payment instrument (credit card, debit card, or even current account) without revealing confidential data during the payment. This model can be applied on any payment application e.g. e-check, money transfer, e-commerce, and even normal EFTPOS transactions with leverage infrastructure supporting the above mentioned payment applications.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4688346&isnumber=4688331


Hegde, C.; Manu, S.; Shenoy, P.D.; Venugopal, K.R.; Patnaik, L.M.; , "Secure Authentication using Image Processing and Visual Cryptography for Banking Applications," Advanced Computing and Communications, 2008. ADCOM 2008. 16th International Conference on , vol., no., pp.65-72, 14-17 Dec. 2008
doi: 10.1109/ADCOM.2008.4760429
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4760429&isnumber=4760394

Wuping Chen; Bo Qin; Qianhong Wu; Lei Zhang; Huanguo Zhang; , "ID-Based Partially Blind Signatures: A Scalable Solution to Multi-Bank E-Cash," 2009 International Conference on Signal Processing Systems , vol., no., pp.433-437, 15-17 May 2009
doi: 10.1109/ICSPS.2009.121
Abstract: In this paper, we propose a practical ID-based (partially)blind signature scheme. Our scheme combines the already existing notions of blind signatures and identity-based cryptography.The signatures are shown secure in the random oracle model. We show how to use our ID-based PBSs to construct an electronic cash (e-cash) system in which multiple banks can securely distribute untraceable e-cash.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5166824&isnumber=5166728

Lizhen Ma; Jingliang Zhang; Shichong Tan; Yumin Wang; , "Dynamic Fair Electronic Cash System without Trustees," Data, Privacy, and E-Commerce, 2007. ISDPE 2007. The First International Symposium on , vol., no., pp.418-420, 1-3 Nov. 2007
doi: 10.1109/ISDPE.2007.54
Abstract: A new fair electronic cash system is proposed based on group blind signature and secret sharing scheme. The proposed system is dynamic: we give the blind Bresson's membership revocation method and apply it to deleting the dishonest banks that maybe attack the system. The proposed scheme does not need a trusted third party to trace users: a shop owning suspicious e- coin and the bank having issued the coin can collaborate to find the user using secret sharing scheme. A novel e-coin tracing method is used to prevent criminal activities and our scheme is constructed for multiple banks as in the real life, thus it is more practical.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4402723&isnumber=4402617

Xuanwu Zhou; , "Threshold Cryptosystem Based Fair Off-Line E-cash," Intelligent Information Technology Application, 2008. IITA '08. Second International Symposium on , vol.3, no., pp.692-696, 20-22 Dec. 2008
doi: 10.1109/IITA.2008.87
Abstract: The paper analyzed the security threats and system flaws of present e-cash schemes. Combining (t,n) threshold cryptography and e-cash, we present a threshold fair off-line e-cash scheme based on ECC ( Elliptic Curve Cryptosystem) . The scheme can trace the user identity and e-cash by embedding identity mark in e-cash generating and exchanging, and thus effectively prevents such illegal usage of e-cash as bribery and blackmailing, etc. By utilizing secret key sharing and probabilistic encryption algorithm, the scheme achieves threshold management of private key, avoids the misuse of identity tracing and currency tracing in fair e-cash scheme. The scheme achieves effective supervision on identity and e-cash tracing for fair electronic commerce, it also prevents coalition attack, intruder-in-middle attack and generalized e-cash forgery. Further analyses and comparison with other e-cash schemes also justify the scheme's brevity, security, high efficiency, and thus considerable improvement on system efficiency regarding software and hardware application.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4740086&isnumber=4739938

Shakerian, R.; MohammadPour, T.; Kamali, S.H.; Hedayati, M.; , "An identity based public key cryptography blind signature scheme from bilinear pairings," Computer Science and Information Technology (ICCSIT), 2010 3rd IEEE International Conference on , vol.7, no., pp.28-32, 9-11 July 2010
doi: 10.1109/ICCSIT.2010.5563627
Abstract: Blind signatures, introduced by Chaum, allow a user to obtain a signature on a message without revealing any thing about the message to the signer. Blind signatures play an important role in plenty of applications such as e-voting, e-cash system where anonymity is of great concern. Identity based(ID-based) public key cryptography can be a good alternative for certificate based public key setting, especially when efficient key management and moderate security are required. In this paper, we propose an ID-based blind signature scheme from bilinear pairings. The proposed scheme is based on the Hess ID- based digital signature scheme. Also we analyze security and efficiency of the proposed scheme.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5563627&isnumber=5563529

Liu Wen-yuan; Luo Yong-an; Si Ya-li; Wang Bao-wen; Li Feng; , "An Off-Line Divisible E-Cash Scheme Based on Smart Card," Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2007. SNPD 2007. Eighth ACIS International Conference on , vol.1, no., pp.799-804, July 30 2007-Aug. 1 2007
doi: 10.1109/SNPD.2007.424
Abstract: The unlinkable (N, K) payment is an important divisible solution, but the double-spending problem of the off-line schemes using this method will cause a great loss to the bank. In order to enhance the security of divisible e-cash systems, this paper presents an offline divisible e-cash scheme based on smart card using the elliptic curve cryptography, and describes the protocols in detail. The scheme solves double-spending effectively with two protective mechanisms: the prior restraint of smart card and the check of bank. Furthermore, security and efficiency of the scheme are analyzed.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=4287612&isnumber=4287453

Li Chen; Xiaoxue Li; , "Verification method of security protocols and its application," Intelligent Computing and Intelligent Systems (ICIS), 2010 IEEE International Conference on , vol.2, no., pp.483-487, 29-31 Oct. 2010
doi: 10.1109/ICICISYS.2010.5658265
Abstract: The paper researches the typical logic verification methods of security protocols and points out their limitations. Most of them are lack of formal semantics and analysis ability to hybrid cryptography-based primitives. In response on the above-mentioned problems, the paper proposes a new logic verification method, which can analyze most of the known security properties of the e-commerce protocols, such as authentication, secrecy of key, non-repudiation, accountability, fairness and atomicity. The validation of the new logic is verified by analyzing the anonymous e-cash payment protocol and certificated E-mail delivery protocol. The analysis results reveal that the two protocols cannot satisfy the intended security goals.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5658265&isnumber=5658255


Sarker, K.M.; Jahan, I.; Rahman, M.Z.; , "Secure e-cash model using Java based smartcard," Computers and Information Technology, 2009. ICCIT '09. 12th International Conference on , vol., no., pp.626-631, 21-23 Dec. 2009
doi: 10.1109/ICCIT.2009.5407312
Abstract: Association of a true observer guaranties electronic cash not to be double-spent by any means. Java card is a smartcard which represents one of the smallest computing platforms. A major challenge influencing the design and implementation of e-cash observer in Java card is the limited availability of computing resources in it. In this paper, we show a new methodology of blending and associating high-level CORBA based bank server, user wallets and resource-constrained Java based observer. We choose a realistic e-cash scheme and show its successful implementation. We also analyze performance of Java card with various lengths of secret keys used for generating electronic coins.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5407312&isnumber=5407064

Bin Lian; Gongliang Chen; Jianhua Li; , "A provably secure and practical fair E-cash scheme," Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on , vol., no., pp.251-255, 17-19 Dec. 2010
doi: 10.1109/ICITIS.2010.5689448
Abstract: By analyzing some current fair E-cash schemes, we find they are not always “fair” or “practical”. So we present a new scheme based on group signature with the problems solved. In our improved E-cash system, bank performs “double-spending owner tracing” and trusted authority performs “unconditional owner tracing” and “unconditional coin tracing” when necessary. Then we provide security proofs of our scheme under standard assumptions.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5689448&isnumber=5688739

Narendiran, C.; Albert Rabara, S.; Rajendran, N.; , "Public key infrastructure for mobile banking security," Global Mobile Congress 2009 , vol., no., pp.1-6, 12-14 Oct. 2009
doi: 10.1109/GMC.2009.5295898
Abstract: The advantage of mobile penetration enables mobile operators to provide value added service such as mobile banking, GPRS based interactive application and enhanced security in the internet bsanking etc. This however, requires robust End-to-End security solutions. Mobile banking is attractive because it is a convenient approach to perform banking from any where any time, but there are security concerns in the implementation which include problems with GSM network, SMS, GPRS protocols and security problems. In this paper an end-to-end security framework using PKI for mobile banking is proposed. Performance of the proposed model is presented in this paper.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5295898&isnumber=5295815

Hiltgen, A.; Kramp, T.; Weigold, T.; , "Secure Internet banking authentication," Security & Privacy, IEEE , vol.4, no.2, pp.21-29, March-April 2006
doi: 10.1109/MSP.2006.50
Abstract: This article classifies common Internet banking authentication methods regarding potential threats and their level of security against common credential stealing and channel breaking attacks, respectively. The authors present two challenge/response Internet banking authentication solutions, one based on short-time passwords and one certificate-based, and relate them to the taxonomy above. There further outline how these solutions can be easily extended for nonrepudiation (that is, transaction signing), should more sophisticated content manipulation attacks become a real problem. Finally, they summarize their view on future requirements for secure Internet banking authentication and conclude by referencing real-live implementations
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1621056&isnumber=33953

Xing Fang; Zhan, J.; , "Online Banking Authentication Using Mobile Phones," Future Information Technology (FutureTech), 2010 5th International Conference on , vol., no., pp.1-5, 21-23 May 2010
doi: 10.1109/FUTURETECH.2010.5482634
Abstract: Online banking authentication plays an important role in the field of online banking security. In past years, a number of methods, including password token, short message password, and USB token, have been developed for online banking authentication. In this paper, we introduce a new authentication protocol for online banking. Our approach enhances performance and robustness against various attacks by using mobile phones to store digital certificate for clients. We provide attack analysis to illustrate the strength of the protocol.
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5482634&isnumber=5482630