Berkeley COMPSCI 161 - CS 161 - E-commerce


CS 161: E-commerce
October 24, 2005
2005 by J. D. Tygar, cs 161 org, 24 Oct 2005

Stages in e-commerce purchase
- Advertising
- Solicitation
- Negotiation
- Purchase
- Payment
- Delivery
- Ordering support

Credit cards as an enabler
- Standard purchase model reveals credit information
- Overhead costs can be high for microtransactions
- Acquiring Bank vs. Consumer Bank
- Payment processors

Why is a credit card transaction 50
[Chart labels: Overlimit collections; Issuer fraud investigations; Cardholder authorizations; Account acquisition credit processing; Issuer center administration; Cardholder servicing promotion; Payment processing; Card issuing; Incoming Cardholder interchange billing]

Information goods
- Consider the purchase of an information good or service:
  - Library information
  - Search services
  - Software
  - Video clips
- These transactions may be large value or microtransactions
- In either case, atomicity is crucial

Payment methods: Atomicity

What is atomicity?
- I won't try to give a formal definition
- 3 types of atomicity
- Money atomicity
  - All money transfers complete with non-ambiguous results
  - Money is neither destroyed nor created
- Goods atomicity
  - One receives goods if and only if one pays
  - Example: Cash On Delivery parcels
- Certified delivery
  - Both buyer and seller can prove the delivered content
  - If you get bogus goods, you can prove it

First Virtual
- User pays after receiving goods
- Money atomicity only
- Messages sent in clear
- Uses expensive credit card transactions
[Diagram: Consumer, Merchant, First Virtual, Credit Card Acquirer, Internet, private line]

Netscape SSL model
- Consumer sends card direct to merchant
- Similar to today's phone order
- Must trust merchant with card info
- Weak atomicity
- High transaction costs
[Diagram: Consumer, Merchant, Credit Card Acquirer, encrypted tunnel through the Internet]

Third party intermediary model: Cybercash
- Protects consumer's card info
- Use Internet for reaching Cybercash gateway to acquirers
- Adds to credit card cost
[Diagram: Consumer, Merchant, Cybercash, Credit Card Acquirer, encrypted tunnels through the Internet]

Mastercard/Visa SET
- Protects consumer's card info by cryptography
- Money atomicity only
- Use net to reach acquirer
- Uses expensive credit card transactions (high commission)
[Diagram: Consumer, Merchant, Credit Card Acquirer, encrypted tunnel through the Internet]

Digicash
1. Consumer asks bank for anonymous digicash
2. Bank sends anonymous digicash bits to consumer
3. Consumer sends digicash to merchant in payment
4. Merchant checks that digicash has not been double spent
5. Bank verifies that digicash is valid
Problems
- No atomicity
- Anonymity restricted in US
- Interrupt transaction: ambiguous state
- Detecting double spending is expensive
[Diagram: Consumer, Merchant, Bank, with steps 1-5]

NetBill goals
- Real service
- Highly atomic transactions
- Micro-transactions
- Full security and privacy

NetBill features
- An electronic credit card to enable network-based commerce
- Provides billing services on behalf of network-attached merchants
- Focus on info goods/services (journal articles)
- Microtransaction: 10 purchase, 1 overhead
- Variable pricing
- Fully integrated access control
- DES/RSA/DSA combo for best performance
- Electronic statements, account creation
- Certified delivery: proof of purchase, content

NetBill model
[Diagram: Consumer, Merchant, NetBill, Bank, Network]

NetBill protocol
[Diagram: Consumer, Merchant, NetBill, with steps 1-8]
All messages are encrypted with shared key S.
1. Buyer requests price
2. Seller makes offer
3. Buyer accepts offer
4. Goods delivered, encrypted with K
5. Buyer signs EPO (electronic purchase order): price, crypto checksum, timeout
6. Seller countersigns EPO and signs K
7. NetBill checks account, timeout; stores K, crypto checksum; transfers price (money); sends signed receipt including K
8. K received, goods decrypted

NetBill protocol (low level)
[Figures; one labelled "Purchase Request"]

Why atomic?
- Money atomicity
  - Accounts are held at a single server and are modified with local atomic (ACID) transactions
- Goods atomicity
  - Customer receives decryption key for goods only if she pays
  - If customer pays, decryption key available from multiple sources (merchant and NetBill server)
  - Key can be delivered by alternative network (such as telephone) if necessary
- Certified delivery
  - If customer receives junk or bogus goods, can prove the contents to a judge
  - Crypto checksum of goods, signed by both customer and merchant, is stored at NetBill server
  - Signed copy of decryption key stored by all parties

Role of Anonymity in EC

A puzzle
- Suppose Berkeley grads want to find their average salary
- But of course, no participant wants to reveal his/her salary
- How can we compute the average without giving away information about any participant's salary?
- Later, I will give several solutions to this puzzle

Why study anonymity?
- Privacy concerns: individual, corporate, national
- Technology for collecting private statistics
- Understand theoretical limits, countermeasures
- Understanding semi-anonymity
  - Allows government search in exceptional circumstances
- Insights: e-commerce, distributed protocols, cryptography, survivability

Anonymous computation
- There is extensive work on anonymous and secret communication (cryptography)
- But what if we want to compute a function of the secure values?
- In puzzle, we want to add encrypted values
- Examples

Is anonymous computation feasible?
- Good news: In theory, any computation can be anonymized
- Bad news: In general, constructions are complicated
- Most constructions multiply number of messages by a factor of at least 1000 and often much higher (like 1020)
- Usually simple IP location tracing

