
Transport Layer Security: - The Same Record Format As The SSL Record Format. - Similar To Sslv3. - Differences in The

Transport Layer Security (TLS) is a cryptographic protocol that provides secure communication over the internet. It is based on the SSL protocol but has some differences, including updated cryptographic computations and algorithms. Secure Electronic Transaction (SET) is a standard developed to secure credit card transactions online through encryption and digital signatures. It involves certificates, symmetric/asymmetric encryption, hashing, and other cryptographic techniques to provide privacy, integrity, authentication and non-repudiation for e-commerce payments.

Uploaded by

Himani Jain
Copyright
© Attribution Non-Commercial (BY-NC)

Transport Layer Security

• The same record format as the SSL record format.


• Similar to SSLv3.
• Differences in the:
– version number
– message authentication code
– pseudorandom function
– alert codes
– cipher suites
– client certificate types
– certificate_verify and finished message
– cryptographic computations
– padding
Definition
• Secure Electronic Transaction (SET) is a
standard developed for protecting the privacy
and ensuring the authenticity of electronic
transactions, i.e. for securing credit-card
transactions over the Internet.
• It was jointly developed by Visa and
MasterCard in collaboration with computer
vendors such as IBM, Microsoft and
Netscape.
Secure Electronic Transactions
• An open encryption and security specification.
• Protects credit card transactions on the Internet.
• Companies involved:
– MasterCard, Visa, IBM, Microsoft, Netscape, RSA,
Terisa and Verisign
• Not a payment system.
• Set of security protocols and formats.
SET Services
• Provides a secure communication channel
in a transaction.
• Provides trust by the use of X.509v3 digital
certificates.
• Ensures privacy.
SET Overview
• Key Features of SET:
– Confidentiality of information: Cardholder account and
payment information is secured as it travels across the network

– Integrity of data
– Cardholder account authentication
– Merchant authentication
SET Participants
Sequence of events for transactions
1. The customer opens an account.
2. The customer receives a certificate.
3. Merchants have their own certificates.
4. The customer places an order.
5. The merchant is verified.
6. The order and payment are sent.
7. The merchant requests payment authorization.
8. The merchant confirms the order.
9. The merchant provides the goods or service.
10. The merchant requests payments.
Dual Signature
DS = E_KRc[ H( H(PI) || H(OI) ) ]
Payment processing

Cardholder sends Purchase Request


Payment processing

Merchant Verifies Customer Purchase Request


Payment processing
• Payment Authorization:
– Authorization Request
– Authorization Response
• Payment Capture:
– Capture Request
– Capture Response
How SETS Works
• SETS works through the use of public key encryption.
• This involves two keys
– a private key which is kept secret and
– a public key which can be distributed to others.

• If a message is encrypted using one key then it can
only be decrypted using the other.
– When the customer encrypts his credit card details with the
public key of the retailer’s bank these details can only be
decrypted by the bank using its private key. This standard
effectively prevents the retailer having access to the
consumer’s credit card number at any stage in the process.
How SETS Works
ADVANTAGES
The SET protocol provides three main advantages,
that put together, make it safer than other payment
methods. These advantages are:
• Privacy, via cryptography that renders intercepted
messages unreadable.
• Integrity, via hashing and signing assures that
messages sent are received without alteration.
• Authentication, via digital certificates which
assures that the parties involved in the transaction
are who they claim to be, and prevents them from
denying that they sent a message (i.e. non-
repudiation).
Starring
• Alice as the Cardholder
• Bob’s Beer Delivery as the Merchant
• Visa as the Issuer

• Wachovia as the Acquirer/Payment Gateway
Dual Signature

How Bob can prove Alice paid for Natural Light and not Samuel Adams
Dual Signature Creation

PI → H → PIMD
OI → H → OIMD
PIMD || OIMD → H → POMD → E (kra) → DS
How Bob Uses the DS
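DS = Ekra[ H( H(PI) || H(OI) ) ]
• Bob holds DS, PIMD and OI.
• From DS: Ekua[ Ekra[ H( H(PI) || H(OI) ) ] ] = H( H(PI) || H(OI) )
• From PIMD and OI: H( PIMD || H(OI) )
• The DS is rejected if H( H(PI) || H(OI) ) != H( PIMD || H(OI) ).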
How Wachovia Uses the DS
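DS = Ekra[ H( H(PI) || H(OI) ) ]
• Wachovia holds DS, PI and OIMD.
• From DS: Ekua[ Ekra[ H( H(PI) || H(OI) ) ] ] = H( H(PI) || H(OI) )
• From PI and OIMD: H( H(PI) || OIMD )
• The DS is rejected if H( H(PI) || H(OI) ) != H( H(PI) || OIMD ).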
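The dual-signature creation and the two checks above (Bob's and Wachovia's), as an added example that is not part of the original slides. Alice's key is a toy textbook-RSA key built from two known primes and SHA-256 stands in for H; both are assumptions, as are the function names and the sample PI/OI strings.

```python
import hashlib

# Toy textbook-RSA key for Alice, constructed for this example (NOT secure):
# two known Mersenne primes and no padding. Real SET used padded RSA and
# X.509v3 certificates to distribute the public key.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public key (kua)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (kra)

def H(data: bytes) -> bytes:
    """Message digest. SHA-256 is an assumption; the slides only say H."""
    return hashlib.sha256(data).digest()

def to_int(digest: bytes) -> int:
    """Map a digest into Z_N so the toy key can sign it."""
    return int.from_bytes(digest, "big") % N

def dual_sign(pi: bytes, oi: bytes) -> int:
    """Alice: DS = Ekra[ H( H(PI) || H(OI) ) ]."""
    pomd = H(H(pi) + H(oi))
    return pow(to_int(pomd), D, N)

def merchant_verify(ds: int, pimd: bytes, oi: bytes) -> bool:
    """Bob holds DS, PIMD and OI, never PI: Ekua[DS] == H( PIMD || H(OI) )?"""
    return pow(ds, E, N) == to_int(H(pimd + H(oi)))

def gateway_verify(ds: int, pi: bytes, oimd: bytes) -> bool:
    """Wachovia holds DS, PI and OIMD, never OI: Ekua[DS] == H( H(PI) || OIMD )?"""
    return pow(ds, E, N) == to_int(H(H(pi) + oimd))

if __name__ == "__main__":
    pi = b"card=TEST-0000;amount=18.99"       # constructed payment info
    oi = b"1 case Natural Light"              # constructed order info
    ds = dual_sign(pi, oi)
    print("Bob accepts:", merchant_verify(ds, H(pi), oi))
    print("Wachovia accepts:", gateway_verify(ds, pi, H(oi)))
    # Substituting a different order breaks the link between PI and OI.
    print("Swapped order accepted:",
          merchant_verify(ds, H(pi), b"1 case Samuel Adams"))
```

Bob never sees PI and Wachovia never sees OI, yet either can detect a substituted order or payment because both digests are bound under the one signature.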
Payment Processing
• Purchase Request
– Alice to Bob’s Beer Delivery
• Payment Authorization
– Bob’s Beer Delivery to Wachovia
– Wachovia to Visa
From Alice To Bob’s Beer
PIMD + Order Info + Dual Sig + Alice’s Cert. + Dig Envelope
• Order Info: Used by Bob’s Beer Delivery (Order Related)
• Alice’s Cert.: Contains Key To Decrypt Dual Sig (KPUB-Alice)
• Dig Envelope: Sent on by Bob’s Beer Delivery to Wachovia (Money Related)
From Alice Through Bob To
Wachovia

• Money Info Encrypted Using Symmetric Key
• Dig Envelope: Symmetric Key Encrypted Using Wachovia’s Public Key
Bob’s Beer To Wachovia
• Payment Info + Dual Sig + OIMD → E (KS)
• KS: Temporary Symmetric Key Generated by Alice
• Digital Envelope: KS → E (KPUB-Wachovia) → Dig Envelope
Obtaining The Payment Info
• Dig Envelope → D (KPRI-Wachovia) → KS
• D (KS) → Payment Info + Dual Sig + OIMD
