You are on page 1of 8

www.jntuworld.

com

www.jwjobs.net

CS0106

Electronic Payment System An Implementation through Cryptography


1.

Ms M.NIKITHA

2.

Ms. PRAGNYA

Abstract:
The modern world of computers and networking demands the use of an Electronic payment system instead of paper cash. The type of electronic payment system focused on this paper is digital cash. The digital cash system has several features like security, maintenance of security, portability, divisibility, wide acceptability etc. The main advantage of digital cash is that it is convenient to use and takes less time for transaction. The various key features, advantages and disadvantages of digital cash are discussed in this paper. The implementation of digital cash system can be done either offline or online. It can be done in a traceable or untraceable fashion. A traceable digital cash system is the one in which the path of transaction is known to the bank. Where as untraceable digital cash system is the one, which is like paper money that cant be traced by the bank. Categories of digital cash are also discussed here. The general modes of digital cash like online and offline with their pros and cons are disused here. The public key cryptography is the basic concept used in providing the security. This paper also discuses the way in which the digital cash can be made possible, and the protocols that are required for it.

Keywords: Elimination, barriers, substantial, laundering. Conclusion:


The elimination of physical cash from our economy is already feasible from a purely technological perspective. The economic barriers are also disappearing, though a substantial additional investment in equipment and cards would be needed to permit even purchases such soft drinks to be made..But transactional privacy will be at the heart of the government's attack on digital cash. Because its untraceable, the government concerns about money laundering, offshore banking and tax havens, and has been closely monitoring developments of digital cash. 1.III/IV, C.S.E nikita_chinnu@yahoo.co.in P.R.R.M Engg College 2.III/IV, C.S.E pragnya_Gemini@yahoo.co.in

www.jntuworld.com

www.jntuworld.com

www.jwjobs.net

Introduction
With the onset of the information age, the world is becoming a global village. This is possible by the use of network communications. Among the uses of this technology the ecommerce is the most important one. E-commerce is an application that performs financial transactions through electronic information exchanged over telephone lines. The important requirement of this e-commerce is security and efficient electronic payment system. What is Digital Cash? As the name implies, digital cash is an attempt to construct an electronic payment system modeled after our paper cash system. Paper cash has several features like portability, easily transferable, readily acceptable, untraceable and anonymous. The designers of digital cash focused on preserving the features of intractability and anonymity. To meet the needs of privacy and security, particularly over the internet, the concept of cryptography is used. Cryptography is defined as the science and study of secret writing that concerns the ways in which communication and data can be encoded to prevent disclosure of their contents through eavesdropping or message interception, using codes, ciphers and other methods. The message that we want to transfer is called plain text and encrypted text is called cipher text. The process of converting the plain text to cipher is called encryption. Where as cipher to plain text is called decryption. Both of the methods require a key to do so. Categorization of Digital Cash It is apparent that various authors have different specifications for e-cash. There are a number of categories in which these descriptions may be distinguished. Anonymous or Identified. Anonymous e-cash works just like real paper cash. Once anonymous e-cash is withdrawn from an account, it can be spent or given away without leaving a

1.

transaction trail. Identified e-cash contains the information revealing the identity of the person who withdrew money from bank. Online or Offline. Online means you need to interact with a bank (via modem or network) to conduct a transaction with a third party. Offline means you can conduct a transaction without having to directly involve a bank. Smart Cards or Purely Electronic. Smart cards are similar to credit cards, but store money-related information on a chip within the card. They may be used in digital cash applications. Again, there is ambivalence as to whether smart cards represent "true" digital cash. Critics claim smart cards encumber peer-to-peer transactions and are not purely electronic as the digital cash protocols related to networks and the internet.

2.

3.

Key Properties of a Digital Cash System The use of digital cash is not dependent on any physical location, and can be transferred between the physical world and virtual world of the Internet Smart card integration with computer networks have been proposed to offer this functionality. Real cash is limited by its physical form .Cash represented by streams of 0's and 1's can take advantage of its electronic nature, and permeate through networks and digital sale devices at light-speed, worldwide. Ideal properties There are ten key elements for a successful digital cash system. They are 1. It should be Secure. 2. It should be Anonymous.

www.jntuworld.com

www.jntuworld.com

www.jwjobs.net

3. 4. 5. 6. 7. 8. 9. 10.

It should be Portable. The Transaction should be two-way. The system is off-line capable. Wide acceptability. User-friendly. It should have unit-value-of freedom It should not expire for infinite period. It should be subdivided and should be used in smaller amounts.

There are a number of electronic cash protocols. To a degree, all digital cash schemes operate in the following manner: A user installs a "cyber wallet" onto computer. Money can be put in the wallet by deciding how much is needed and then sending an encrypted message to the bank asking for this amount to be deducted from the user's account. The bank reads the message with private key decryption and verifies if it has been digitally signed in order to identify the user. The bank then generates "serial numbers", encrypts the message, signs it with its digital signature and returns it. The user is now entitled to use the message (coin or token) to spend it at merchant sites. Merchants receive e-cash during a transaction and see that it has been authorized by a bank. They then contact the bank to make sure the coins have not been spent somewhere else, and the amount is credited to the merchant's account.

What does the coin contain? A coin will contain the following:

Serial number a unique number that identifies the coin Denomination the actual value of the coin Validity Period Transaction list has an arbitrary number of transaction items

Role of cryptography in making digital cash possible:

www.jntuworld.com

www.jntuworld.com

www.jwjobs.net

The digital cash makes use of public key cryptography and digital signatures to ensure security. The basic gist of the two is as follows: Public key Cryptography In public key cryptography, each party has two sets of keys. One is published to the public called public key and the other is kept secret and only known by the owner. This key is called private key. Anyone wishing to communicate with certain party securely will encrypt the communicated data with the recipients public key which is available and on the other side only the party that holds the matching private key can decrypt the cipher text. Public key schemes are based on one-way or tap door functions, which are useful for transformation of text which is easy to apply, but cannot be easily reversed. The most important public key algorithms are RSA and Merkle-Hellman. Digital signatures: A digital signature is a small amount of data that was created using some secret key, and here is a public key that can be used to verify that the signature was really generated using the corresponding private key. Digital signatures are used to verify that the message really comes from the claimed sender. If the signature decrypts properly and the information matches with that of the message, the signature is accepted as valid. Banks and customers use their keys to encrypt and sign blocks of digital data that represent money orders. Bank signs money orders using its private key and customers & merchants verify the signed money orders using the banks widely published public key. Customers sign deposits and withdraw using their private key and the bank uses the customers public key to verify the signed withdraws and deposits. Bank may be a credit card company or the overall banking system. General models for Digital Cash: There are two types of system for digital cash, namely, the online system and offline system. In the following, systems structure, advantages and disadvantages are discussed. Online Digital Cash

The diagram above shows the structure of the online digital cash system, the structure is indeed very similar to the one which is being used in the existing paper cash system. In

www.jntuworld.com

www.jntuworld.com

www.jwjobs.net

this system, we have got three main components; the bank, customers and merchants, the user withdraw coins from the back, spend in the shop and the shop deposit the coin back to the bank. The user ID in this online digital cash system is fully anonymous and it is done by using a protocol called Blind Signature Protocol. This protocol simply eliminates the association between the user ID and the serial number of the coin. Pros and Cons of the online digital cash system Pros Cons Communications overhead between merchant and the bank Huge database of coin records. Coins are not reusable. Provides fully anonymous and untraceable digital cash No double spending problems Don't require additional secure hardware

www.jntuworld.com

www.jntuworld.com

www.jwjobs.net

Offline Digital Cash

In the off-line scheme, the withdrawal and disposal of the coins are very similar to the one in the on-line scheme; the main difference is in the transaction part of the model. Instead of verifying coins during every transaction, the security of each entity in the system is guaranteed without a direct involvement with the bank. This is achieved by adding an additional component in the model called the Temper Resistant Device. Pros and Cons of the offline digital cash system Pros: User is fully anonymous unless double spend Banks dont need to synchronize database in each transaction Coins could be reusable Cons: Might not prevent double spending immediately More expensive to implement Problems faced using digital cash: Several problems come into mind while considering the usage of digital cash. The main problems are Counterfeiting and Double spending. Counterfeiting It seems to be much easier with electronic coins than paper cash as they are merely electronic signals. How ever the development of public key cryptography provided a means of eliminating this problem. In public key cryptography an entity generates two keys such that a message encrypted with one key can be decrypted through another. This system can be used to send encrypted mail which can be decrypted by the recipient only. Double spending If a user makes a copy of a coin before they spend it, they have the possibility to spend that coin again. However, when the coin is finally returned to the issuer, it will be possible to discover the culprit. This is achieved by combining a particular part of the identity from the original coin with its corresponding part from the copied coin. Note that the corresponding part will have been blanked out in the original coin. For example, lets assume user with id 2510 makes a copy of a coin and spends it twice. The diagram below shows exactly how double spending is detected:

www.jntuworld.com

www.jntuworld.com

www.jwjobs.net

At transaction 2 the user made a copy of the coin and spent it elsewhere. Once the coin finally reached the issuer, they can match up pair of corresponding P1 and P2 to reveal the identity of the user who has spent the coin twice. 1500 XOR 3090 = 2510 or 7033 XOR 4791 = 2510 (Notice that 2510 was the id of the user) The protocol for Untraceable digital cash The bank doest just signs something that without knowing what it was; this is where the protocol comes in. This protocol preserves the anonymity by using blind signatures and a cut-andchoose method. The protocol for withdrawal goes: The customer would create k units of money coins. The customer would then blind each of them with a different binding factors He then sends the blinded coin to bank for withdrawal request. The bank can now check the content to make sure the customer has not tried to cheat.

www.jntuworld.com

www.jntuworld.com

www.jwjobs.net

After checking with all keys, bank would sign the remaining unit with its private key and send it back to the customer. The bank then debits the customers account according to the amount requested. The customer would un-blind it and uses for his purposes. The protocol for payment/deposit: The customer gives the coin to the merchant to buy the goods. The merchant contacts the bank by sending the coin which he received from the customer. Bank verifies the digital signature of it. It also verifies weather the coin is already spent or not by using the spent-coin database. If not spent it enters the coin serial number in spent database. It credits the amount into merchants account and informs about the credit to the merchant. Then the merchant gives the customer goods. The main difference between untraceable and traceable digital cash is that in traceable online system the customer doest blind the e-coin after creating it. It is the responsibility of the bank to keep track of the coins usage in the system. Overall advantages of digital cash: E-cash is basically software; it can be programmed to do things that paper money could never do. This ability opens up a whole range of exciting functionality that money may offer. Besides this, there are many other advantages on offer. For the Users: One of the most apparent benefits of digital cash is convenience. Users may access funds, pay for items or be paid from the comfort of their home. It provides security to the user when compared to a credit card transition. True anonymous digital cash would also provide unconditional intractability. The blinding carried out by the user's own device makes it impossible for anyone to link payment to payer. For the Bank: It greatly reduces processing effort by saving time and the employees required for this process is also very less. With the security measures built into the electronic wallet, fraud costs and costs for clarifying disputed transactions could be reduced Handling costs for paper cash are exorbitant. This includes guarding, transporting, counting, storing etc...With weightless cash bereft of any volume, these massive savings will be made. For the Retailer: The instantaneous quality of electronic transactions, means retailers accounts will be credited for immediate use if necessary. Retailers must pay a fee of 2 to 7 percent of the purchased amount to the credit card company. The fees for digital cash transactions are likely to be smaller than for today's cards because of smaller operating costs for the issuer. In spite of several advantages there are disadvantages like of awareness on the system, Legal problems that loosens the government's control on finance.

www.jntuworld.com

You might also like