LLCPS and SISO: A TLS-based framework with RFID for NFC P2P retail transaction processing

The introduction of smartphones enabled with Near Field Communication (NFC) technology facilitates transformation of processes that involve manual intervention such as payment transaction processing in an automated manner. Although payment for transaction using NFC technology is not new, the possibility to use smartphones for payment either through stored payment information in the smartphone or in the cloud allows for seamless integration of associated processes. We consider advances in identification and communication technologies such as RFID (Radio Frequency IDentification) and smartphones as well as the ability to respond in real-time for automated checkout in a retail shopping environment with NFC-enabled smartphones. Using a recently proposed protocol (LLCPS) as an envelope for communication between the smartphone and the NFC reader, we develop a suite of authentication protocols (SISO) for secure payment processing in a retail store environment.

[1]  Li Gong,et al.  Reasoning about belief in cryptographic protocols , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[2]  Tatsuaki Okamoto,et al.  Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes , 1992, CRYPTO.

[3]  Guy Pujolle,et al.  Security and privacy for the next wireless generation , 2008, Int. J. Netw. Manag..

[4]  Pascal Urien,et al.  Internet card, a smart card as a true Internet node , 2000, Comput. Commun..

[5]  Pascal Urien TLS-Tandem: A Smart Card for WEB Applications , 2009, 2009 6th IEEE Consumer Communications and Networking Conference.

[6]  Michael Hutter RFID Authentication Protocols based on Elliptic Curves - A Top-Down Evaluation Survey , 2009, SECRYPT.

[7]  C. P. Schnorr,et al.  Efficient Identification and Signatures for Smart Cards (Abstract) , 1989, EUROCRYPT.

[8]  Thuy Trang Tran,et al.  Mutual authentication between RFID tag and reader using Elliptic curve cryptography , 2008 .

[9]  Pascal Urien,et al.  A breakthrough for prepaid payment: End to end token exchange and management using secure SSL channels created by EAP-TLS smart cards , 2011, 2011 International Conference on Collaboration Technologies and Systems (CTS).

[10]  Sándor Imre,et al.  Elliptic curve cryptography based authentication protocol for small computational capacity RFID systems , 2010, Q2SWinet '10.

[11]  Pascal Urien,et al.  A new cooperative architecture for sharing services managed by secure elements controlled by android phones with IP objects , 2012, 2012 International Conference on Collaboration Technologies and Systems (CTS).

[12]  Pascal Urien,et al.  A new keying system for RFID lock based on SSL dual interface NFC chips and android mobiles , 2012, 2012 IEEE Consumer Communications and Networking Conference (CCNC).

[13]  Douglas Stebila,et al.  Performance analysis of elliptic curve cryptography for SSL , 2002, WiSE '02.

[14]  Ingrid Verbauwhede,et al.  Elliptic-Curve-Based Security Processor for RFID , 2008, IEEE Transactions on Computers.

[15]  Erwin Hess,et al.  Using Elliptic Curves on RFID Tags , 2008 .

[16]  M. Girault,et al.  The Feasibility of Onthe-Tag Public Key Cryptography , 2007 .

[17]  Pascal Urien,et al.  SIP SecLite: SIP Security Solution All in One , 2010, J. Next Gener. Inf. Technol..

[18]  Josep M. Miret,et al.  A Secure Elliptic Curve-Based RFID Protocol , 2009, Journal of Computer Science and Technology.

[19]  K. Lauter,et al.  The advantages of elliptic curve cryptography for wireless security , 2004, IEEE Wireless Communications.