This study by Neil Daswani and Dan Boneh of Stanford University examines the trade-offs of electronic commerce on the PalmPilot versus SmartCards and desktops. It covers the use of cryptographic primitives such as DES, SHA-1, RSA, and ECC-DSA for secure transactions. Focusing on e-commerce on a PDA, particularly small payments in applications like the Pony Vending Machine, it details the implementation of PayWord on the PalmPilot. The study emphasizes minimizing cryptographic operations and storage requirements. It concludes that PDAs are suitable for small payments, that commerce protocols can be adapted to them, as PDA-PayWord shows, and that PDA-PayWord leverages the best of ECC and RSA.
Experimenting with Electronic Commerce on the PalmPilot
Neil Daswani, Dan Boneh, Stanford University

Trade-offs
• Vs. SmartCards
  • no tamper resistance
  • no cryptographic accelerators
  • direct line of communication with user
  • more processing power
  • more memory

Trade-offs
• Vs. Desktops
  • less memory
  • less processing power
  • portable

Cryptographic Primitives
* DES, SHA-1, RSA figures obtained with SSLeay
* ECC-DSA figures obtained with Certicom Security Builder Toolkit

E-Commerce on a PDA
• Small payments ($5 -> $50)
• Target Application: Pony Vending Machine
• Pre-pay
• Vendor-specific
• Where to start?
• PayWord (Rivest, Shamir)

PDA-PayWord
• PalmPilot implementation of PayWord
• Minimize cryptographic operations
• Minimize storage requirements

PDA-PayWord: Withdrawal
[Diagram: User’s Wallet, holding the chain Yk … Y1, Y0, and the Bank. Labels: {Yk, k, d, vid} S_ECC-DSA(User); Pre-Paid? Yes; HCC = {Yk, k, d, exp, vid} S_RSA(Bank)]

PDA-PayWord: Purchase
[Diagram: User’s Wallet, holding the chain Yk, Yk-i+1, Yk-i, …, Y1, Y0, and the Vendor. Label: Yk-i, i, HCC]
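
The hash-chain part of the withdrawal and purchase slides, as an added example that is not from the original slides or the authors' implementation. It assumes Yj = SHA-1(Yj-1) with Yk as the committed root and d as the value of one chain link, and it leaves out the ECC-DSA and RSA signatures and the exp check on HCC; `make_chain`, `Vendor` and all sample values are hypothetical.

```python
import hashlib


def H(data: bytes) -> bytes:
    return hashlib.sha1(data).digest()


def make_chain(k: int, seed: bytes) -> list:
    """Return [Y_0, ..., Y_k] where Y_j = SHA-1(Y_{j-1}); Y_k is the root."""
    chain = [seed]
    for _ in range(k):
        chain.append(H(chain[-1]))
    return chain


class Vendor:
    """Remembers the highest payment index accepted for each chain root."""

    def __init__(self):
        self.last = {}  # root Y_k -> (i, Y_{k-i}) of the last accepted payment

    def accept(self, y: bytes, i: int, hcc: dict) -> int:
        """Check (Y_{k-i}, i, HCC); return the newly paid value, 0 if rejected.

        Assumption: the bank's signature and exp field of HCC were already
        verified by the caller; only the hash chain is checked here.
        """
        root, k, d = hcc["Yk"], hcc["k"], hcc["d"]
        prev_i, prev_y = self.last.get(root, (0, root))
        if not (prev_i < i <= k):
            return 0  # replayed, out of order, or past the end of the chain
        cur = y
        for _ in range(i - prev_i):  # only the new links are hashed
            cur = H(cur)
        if cur != prev_y:
            return 0  # value does not hash back to the last accepted one
        self.last[root] = (i, y)
        return (i - prev_i) * d


def demo() -> list:
    k = 30
    chain = make_chain(k, b"constructed-seed")  # constructed sample seed
    hcc = {"Yk": chain[k], "k": k, "d": 5, "exp": None, "vid": "vendor-1"}
    v = Vendor()
    return [
        v.accept(chain[k - 3], 3, hcc),   # first buy: 3 links
        v.accept(chain[k - 3], 3, hcc),   # same value replayed
        v.accept(chain[k - 5], 5, hcc),   # 2 further links
        v.accept(b"\x00" * 20, 6, hcc),   # value not on the chain
    ]


if __name__ == "__main__":
    print(demo())
```

Because the vendor stores the last accepted value, a later payment costs only as many SHA-1 operations as there are new links, and a replayed or out-of-order value is rejected by the index check before any hashing.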
PDA-PayWord: Withdrawal Timings Note: d = 5
PDA-PayWord: Purchase Timings (First time $1.50 buy)
Conclusions / Summary
• PDA = portable commerce device w/o tamper resistance
• Suitable for small payments
• Commerce protocols can be adapted
• Example: PDA-PayWord
• leverages best of ECC and RSA

Acknowledgements: Andrew Toy & Certicom