The Formal Verification of a Payment System

UEPS, the Universal Electronic Payment System, was an electronic funds transfer product designed for use in developing countries, where poor telecommunications make offline operation necessary. It was built around smartcard-based electronic wallet functions: money is loaded from the bank, via bank cards, to customer cards, to merchant cards, and finally back to the bank through a clearing system (Anderson, 1992).

[1]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[2]  Richard Outerbridge,et al.  Des Watch: an Examination of the Sufficiency of the Data Encryption Standard for Financial Institution Information Security in the 1990's , 1991, Cryptologia.

[3]  Ross J. Anderson Why cryptosystems fail , 1994, CACM.

[4]  Li Gong,et al.  Logics for cryptographic protocols-virtues and limitations , 1991, Proceedings Computer Security Foundations Workshop IV.

[5]  Ross J. Anderson,et al.  Programming Satan's Computer , 1995, Computer Science Today.

[6]  Ross J. Anderson,et al.  On the Reliability of Electronic Payment Systems , 1996, IEEE Trans. Software Eng..

[7]  Jon Dorling,et al.  THE STRUCTURE OF SCIENTIFIC INFERENCE* , 1975, The British Journal for the Philosophy of Science.

[8]  Lawrence C. Paulson,et al.  Proving properties of security protocols by induction , 1997, Proceedings 10th Computer Security Foundations Workshop.

[9]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .

[10]  Ross J. Anderson UEPS - A Second Generation Electronic Wallet , 1992, ESORICS.

[11]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.