The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Pada tahun 2006, Yeh dan Tsai mencadangkan mekanisme keselamatan perdagangan mudah alih. Walau bagaimanapun, pada tahun 2008, Yum et al. menegaskan bahawa mekanisme keselamatan Yeh-Tsai tidak selamat terhadap gerbang WAP yang berniat jahat dan kemudian mencadangkan langkah balas mudah terhadap serangan itu ialah menggunakan fungsi cincang kriptografi dan bukannya operasi penambahan. Namun begitu, kertas kerja ini menunjukkan bahawa kedua-dua mekanisme keselamatan Yeh-Tsai dan Yum et al. masih tidak memberikan kerahsiaan hadapan yang sempurna dan terdedah kepada serangan meneka luar talian dan serangan Denning-Sacco. Di samping itu, kami mencadangkan mekanisme keselamatan baharu untuk mengatasi kelemahan mekanisme keselamatan yang berkaitan sebelum ini.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Salinan
Eun-Jun YOON, Kee-Young YOO, "A Robust Security Mechanism for Mobile Commerce Transactions" in IEICE TRANSACTIONS on Information,
vol. E93-D, no. 11, pp. 2898-2906, November 2010, doi: 10.1587/transinf.E93.D.2898.
Abstract: In 2006, Yeh and Tsai proposed a mobile commerce security mechanism. However, in 2008, Yum et al. pointed out that Yeh-Tsai security mechanism is not secure against malicious WAP gateways and then proposed a simple countermeasure against the attack is to use a cryptographic hash function instead of the addition operation. Nevertheless, this paper shows that both Yeh-Tsai's and Yum et al.'s security mechanisms still do not provide perfect forward secrecy and are susceptible to an off-line guessing attack and Denning-Sacco attack. In addition, we propose a new security mechanism to overcome the weaknesses of the previous related security mechanisms.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.E93.D.2898/_p
Salinan
@ARTICLE{e93-d_11_2898,
author={Eun-Jun YOON, Kee-Young YOO, },
journal={IEICE TRANSACTIONS on Information},
title={A Robust Security Mechanism for Mobile Commerce Transactions},
year={2010},
volume={E93-D},
number={11},
pages={2898-2906},
abstract={In 2006, Yeh and Tsai proposed a mobile commerce security mechanism. However, in 2008, Yum et al. pointed out that Yeh-Tsai security mechanism is not secure against malicious WAP gateways and then proposed a simple countermeasure against the attack is to use a cryptographic hash function instead of the addition operation. Nevertheless, this paper shows that both Yeh-Tsai's and Yum et al.'s security mechanisms still do not provide perfect forward secrecy and are susceptible to an off-line guessing attack and Denning-Sacco attack. In addition, we propose a new security mechanism to overcome the weaknesses of the previous related security mechanisms.},
keywords={},
doi={10.1587/transinf.E93.D.2898},
ISSN={1745-1361},
month={November},}
Salinan
TY - JOUR
TI - A Robust Security Mechanism for Mobile Commerce Transactions
T2 - IEICE TRANSACTIONS on Information
SP - 2898
EP - 2906
AU - Eun-Jun YOON
AU - Kee-Young YOO
PY - 2010
DO - 10.1587/transinf.E93.D.2898
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E93-D
IS - 11
JA - IEICE TRANSACTIONS on Information
Y1 - November 2010
AB - In 2006, Yeh and Tsai proposed a mobile commerce security mechanism. However, in 2008, Yum et al. pointed out that Yeh-Tsai security mechanism is not secure against malicious WAP gateways and then proposed a simple countermeasure against the attack is to use a cryptographic hash function instead of the addition operation. Nevertheless, this paper shows that both Yeh-Tsai's and Yum et al.'s security mechanisms still do not provide perfect forward secrecy and are susceptible to an off-line guessing attack and Denning-Sacco attack. In addition, we propose a new security mechanism to overcome the weaknesses of the previous related security mechanisms.
ER -