Offline Micropayments without Trusted Hardware
نویسندگان
چکیده
We introduce a new micropayment scheme, suitable for certain kinds of transactions, that requires neither online transactions nor trusted hardware for either the payer or payee. Each payer is periodically issued certified credentials that encode the type of transactions and circumstances under which payment can be guaranteed. A risk management strategy, taking into account the payers’ history, and other factors, can be used to generate these credentials in a way that limits the aggregated risk of uncollectable or fraudulent transactions to an acceptable level. These credentials can also permit or restrict types of purchases. We show a practical architecture for such a system that uses a Trust Management System to encode the credentials and policies. We describe a prototype implementation of the system in which vending machine purchases are made using consumer PDAs.
منابع مشابه
Pasture: Secure Offline Data Access Using Commodity Trusted Hardware
This paper presents Pasture, a secure messaging and logging library that enables rich mobile experiences by providing secure offline data access. Without trusting users, applications, operating systems, or hypervisors, Pasture leverages commodity trusted hardware to provide two important safety properties: accessundeniability (a user cannot deny any offline data access obtained by his device wi...
متن کاملO ine Micropayments without Trusted Hardware
We introduce a new micropayment scheme, suitable for certain kinds of transactions, that requires neither online transactions nor trusted hardware for either the payer or payee. Each payer is periodically issued certi ed credentials that encode the type of transactions and circumstances under which payment can be guaranteed. A risk management strategy, taking into account the payers' history, a...
متن کاملDecentralized Anonymous Micropayments
Micropayments (payments worth a few pennies) have numerous potential applications. A challenge in achieving them is that payment networks charge fees that are high compared to “micro” sums of money. Wheeler (1996) and Rivest (1997) proposed probabilistic payments as a technique to achieve micropayments: a merchant receives a macro-value payment with a given probability so that, in expectation, ...
متن کاملAn Efficient PIR Construction Using Trusted Hardware
For a private information retrieval (PIR) scheme to be deployed in practice, low communication complexity and low computation complexity are two fundamental requirements it must meet. Most existing PIR schemes only focus on the communication complexity. The reduction on the computational complexity did not receive the due treatment mainly because of its O(n) lower bound. By using the trusted ha...
متن کاملOffline dictionary attack on TCG TPM weak authorisation data, and solution
The Trusted Platform Module (TPM) is a hardware chip designed to enable PCs achieve greater security. Proof of possession of values known as authData is required by user processes in order to use TPM keys. We show that in certain circumstances dictionary attacks can be performed offline on authdata. In this way, an attacker can circumvent some crucial operations of the TPM, and impersonate the ...
متن کامل