Efficient Certificate Path Validation and Its Application in Mobile Payment Protocols

Martínez-Peláez, Rafael; Satizábal, Cristina; Rico-Novella, Francisco; Forné, Jordi

doi:10.1109/ares.2008.101

Cited by 9 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The cryptographic operations computed during the WTLS protocol are not considered in this evaluation. We suggest to readers review related works [36,41,[44][45][46][47][48]. Table 3 shows the number and size of messages exchanged by each participant during the different phases.…”

Section: Performance Evaluationmentioning

confidence: 99%

See 1 more Smart Citation

P2PM-pay: Person to Person Mobile Payment Scheme Controlled by Expiration Date

Martínez-Peláez

Toral-Cruz

Ruiz

et al. 2015

Wireless Pers Commun

View full text Add to dashboard Cite

In this paper, we propose P2PM-pay scheme which provides two key points. The first key point is related with the mobile cash. In P2PM-pay scheme, the mobile cash is controlled by the expiration date. The expiration date is embedded into the mobile cash by partial blind signature during the withdrawal date, and the bank does not hold information about the operation. Moreover, we have considered the effective date and deposit date for administrative purposes. The effective date is when customers use their mobile cash to pay for products, and the deposit date is when merchants receive the funds in their bank account. The other key point is related with the authentication process among participants. Although P2PM-pay uses WTLS protocol, we propose a wireless public key infrastructure with an efficient certificate path validation. Furthermore, the design of the proposed scheme achieves successfully the security requirements described in previous works. Consequently, P2PM-pay is secure against well-known attacks and efficient in terms of processing time.

show abstract

Section: Performance Evaluationmentioning

confidence: 99%

“…Based on previous research [36,41,42], we design a WPKI in where the mobile devices require low computational power to perform the mutual-authentication process using WTLS. Figure 1 describes the structure of the WPKI.…”

Section: Wireless Public Key Infrastructure (Wpki)mentioning

confidence: 99%

P2PM-pay: Person to Person Mobile Payment Scheme Controlled by Expiration Date

Martínez-Peláez

Toral-Cruz

Ruiz

et al. 2015

Wireless Pers Commun

View full text Add to dashboard Cite

show abstract

“…The amount of protection data is proportional to the length of a certification path [Martinez-Pel et al 2008]. In that sense, Nested Certificates [Levi et al 2004] address Problem 2 by reducing certification paths.…”

Section: Related Workmentioning

confidence: 99%

Cleaning up the PKI for Long-Term Signatures

Vigil¹,

Custódio²

2012

Anais Do XII Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2012)

View full text Add to dashboard Cite

In this paper we present a new approach for the conventional X.509 Public Key Infrastructures (PKI). Our goal is to reduce the effort to handle signatures in the long term. The novelty is that a Root CA reissues subordinate certificates of final users, but adjusting validity periods to exclude the periods after a revocation. The Root CA also authenticates timestamps. The result is the cleaned PKI, which is simpler than the conventional PKI because: a) there is no revocation; b) there is no intermediary Certification Authority; c) signatures are trustworthy as long as the used cryptographic algorithms remain secure. As benefits, we reduce the need of timestamps and consequently the demand for storage space and processing time to use signed documents.

show abstract

“…Em resumo, é evidente que a validac ¸ão do caminho de certificac ¸ão é um procedimento complexo cujo esforc ¸o computacional envolvido é intensificado pela presenc ¸a de esquemas de revogac ¸ão, além de ser proporcional ao comprimento do caminho de certificac ¸ão [Martinez-Peláez et al 2008]. Conclui-se, então, que o caminho de certificac ¸ão ideal deveria ser livre de revogac ¸ão de certificados e o mais curto possível -por exemplo, uma ICP hierárquica em que a AC Raiz emite certificados para usuários finais.…”

Section: Validac ¸ãO De Assinaturaunclassified

Infra-estrutura de Chaves Públicas Otimizada: Uma ICP de Suporte a Assinaturas Eficientes para Documentos Eletrônicos

Vigil

Silva

Moraes

et al. 2009

Anais Do IX Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2009)

View full text Add to dashboard Cite

Neste trabalho estendem-se as idéias sobre a Infra-estrutura de Chaves Públicas Otimizada (ICPO) e os Certificados Otimizados (CO) em vários aspectos: (1) propõe-se a entidade Crypto Time, responsável pela publicação das provas Novomodo, reduzindo assim o custo operacional da AC Raiz da ICPO, (2) apresenta-se uma modificação para a semântica da validade do CO, (3) aborda-se uma solução de Carimbo do Tempo Relativo, (4) descreve-se a confiança dos usuários na Autoridade Certificadora de Certificados Otimizados e (5) mostra-se, através de um novo comparativo de custos, por que o CO é uma atraente alternativa para arquivamento a longo prazo.

show abstract

Efficient Certificate Path Validation and Its Application in Mobile Payment Protocols

Cited by 9 publications

References 12 publications

P2PM-pay: Person to Person Mobile Payment Scheme Controlled by Expiration Date

P2PM-pay: Person to Person Mobile Payment Scheme Controlled by Expiration Date

Cleaning up the PKI for Long-Term Signatures

Infra-estrutura de Chaves Públicas Otimizada: Uma ICP de Suporte a Assinaturas Eficientes para Documentos Eletrônicos

Contact Info

Product

Resources

About