摘要
针对现有复合型支付协议AECPP的单向身份认证中易受匿名攻击、支付子协议的完整性不能有效保证这些不足,提出一种新的复合型电子支付协议。新协议实现了用户与服务供应商之间的双向认证,通过引入Hash函数和经由第三方信息的转发进一步提高了支付子协议的完整性和保密性。通过SVO逻辑和Kailar逻辑形式化分析验证可知,新的复合电子支付协议满足双向认证性、可追究性和公平性。
In view of the fact that the one-way identity authentication of the existing composite payment protocol AECPP is vulnerable to anonymous attacks and the integrity of the payment sub-protocol cannot effectively guarantee these deficiencies,a new compound electronic payment protocol was proposed. The new protocol realized two-way certification between users and service providers,and further improved the integrity and confidentiality of payment subprotocols by introducing Hash functions and forwarding via third-party information. Through SVO logic and Kailar logic formal analysis and verification shows that the new composite electronic payment protocol meets two-way certification,accountability and fairness.
作者
丁月
汪学明
Ding Yue;Wang Xuenjing(College of Computer Science and Technology, Guizhou University, Guiyang 550025, Guizhou, China)
出处
《计算机应用与软件》
北大核心
2018年第6期319-324,共6页
Computer Applications and Software