论文信息 - Verifying the Payment Authorization in SET Protocol

Verifying the Payment Authorization in SET Protocol

The Secure Electronic Transaction (SET) protocol is a protocol designed to conduct safe business over Internet. We present formal verification of the Payment Authorization in SET by using ENDL (extension of non-monotonic logic) [1]. The analysis uncovers some subtle defects that may incur malicious attacks. To overcome these vulnerabilities, some feasible countermeasures are proposed accordingly.

Chengqi Zhang | Shichao Zhang | Qingfeng Chen

[1] Giovanni Maria Sacco,et al. Timestamps in key distribution protocols , 1981, CACM.

[2] Fabio Massacci,et al. Formal Verification of Cardholder Registration in SET , 2000, ESORICS.

[3] Roger M. Needham,et al. Using encryption for authentication in large networks of computers , 1978, CACM.

[4] Chengqi Zhang,et al. ENDL: A Logical Framework for Verifying Secure Transaction Protocols , 2003, Knowledge and Information Systems.

[5] Diomidis Spinellis,et al. Security protocols over open networks and distributed systems: formal methods for their analysis, design, and verification , 1999, Comput. Commun..