Research Article
BibTex RIS Cite

Determining the Cryptography Algorithm and Model for Mobile Payment Systems

Year 2020, Volume: 4 Issue: 1, 21 - 33, 10.08.2020

Abstract

Mobile payment systems are becoming one of the most popular technologies nowadays. A mobile payment system is an application that provides a payment channel easily and quickly without credit card information. All payments can be either over GSM bill or from your phone application account. Each mobile application has different requirements. The main requirements of mobile payment systems are functionality, security and speed. The cryptography model and algorithm are very important to make all transactions securely on mobile payment applications. The speed factor is also very important during payment on mobile payment applications. If security does not provide a minimum time consumption on application, this system becomes not preferable. Therefore, we analyzed the time consumption of the cryptographic algorithms to specify the best model and algorithm for mobile payment applications. In this study, we tried to find most suitable cryptographic model and algorithm for mobile payment systems. We compared Rivest-Shamir-Adleman, which is a well-known asymmetric key algorithm, with well-known symmetric algorithms such as Data Encryption Standard, Triple Data Encryption Standard, and Advanced Encryption Standard in terms of time consumption of the algorithm over encryption and decryption processes. As a result of this study, Advanced Encryption Standard was found to be approximately three times fast than among all algorithms.

References

  • Barker, E., & Mouha, N. (2017). Recommendation for the Triple Data Encryption Algorithm (TDEA) block cipher. doi:10.6028/nist.sp.800-67r2
  • Beunardeau, M., Connolly, A., Geraud, R., & Naccache, D. (2016). White-Box Cryptography: Security in an Insecure Environment. IEEE Security & Privacy, 14(5), 88-92. doi:10.1109/msp.2016.100
  • Billet, O., Gilbert, H., & Ech-Chatbi, C. (2004). Cryptanalysis of a White Box AES Implementation. Selected Areas in Cryptography Lecture Notes in Computer Science, 3357, 227-240. doi:10.1007/978-3-540-30564-4_16
  • Chow, S., Eisen, P., Johnson, H., & Oorschot, P. C. (2003). A White-Box DES Implementation for DRM Applications. Lecture Notes in Computer Science Digital Rights Management, 2696, 1-15. doi:10.1007/978-3-540-44993-5_1
  • Chow, S., Eisen, P., Johnson, H., & Oorschot, P. C. (2003). White-Box Cryptography and an AES Implementation. Selected Areas in Cryptography Lecture Notes in Computer Science, 2595, 250-270. doi:10.1007/3-540-36492-7_17
  • Delerablée, C., Lepoint, T., Paillier, P., & Rivain, M. (2014). White-Box Security Notions for Symmetric Encryption Schemes. Selected Areas in Cryptography -- SAC 2013 Lecture Notes in Computer Science, 8282, 247-264. doi:10.1007/978-3-662-43414-7_13
  • Federal Information Processing Standards Publication: Advanced encryption standard (AES). (2001). doi:10.6028/nist.fips.197
  • Federal Information Processing Standards Publication: Data encryption standard (DES). (1993). doi:10.6028/nist.fips.46-2
  • Jonsson, J., & Kaliski, B. (2003). Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1. doi:10.17487/rfc3447
  • Lepoint, T., Rivain, M., Mulder, Y. D., Roelse, P., & Preneel, B. (2014). Two Attacks on a White-Box AES Implementation. Selected Areas in Cryptography -- SAC 2013 Lecture Notes in Computer Science, 8282, 265-285. doi:10.1007/978-3-662-43414-7_14
  • Mahajan, P., & Sachdeva, A. (2013). A study of encryption algorithms AES, DES and RSA for security. Global Journal of Computer Science and Technology, 13(15).
  • Mathur, M., & Kesarwani, A. (2013). Comparison between Des, 3des, Rc2, Rc6, Blowfish And Aes. In Proceedings of National Conference on New Horizons in IT-NCNHIT, 3, 143-148
  • Michiels, W., Gorissen, P., & Hollmann, H. D. (2009). Cryptanalysis of a Generic Class of White-Box Implementations. Selected Areas in Cryptography Lecture Notes in Computer Science, 5381, 414-428. doi:10.1007/978-3-642-04159-4_27
  • Padmavathi, B., & Kumari, S. R. (2013). A survey on performance analysis of DES, AES and RSA algorithm along with LSB substitution. International Journal of Science and Research (IJSR), India, 2(4).
  • Saxena, A., Wyseur, B., & Preneel, B. (2009). Towards Security Notions for White-Box Cryptography. Lecture Notes in Computer Science Information Security, 49-58. doi:10.1007/978-3-642-04474-8_4
  • Singhal, S., & Singhal, N. (2016). A Comparative Analysis of AES and RSA Algorithms. International Journal of Scientific & Engineering Research, 7(5), 149-151.
  • Şengel, Ö., Aydin, M. A., & Sertbaş, A. (2018). A Survey on White Box Cryptography Model for Mobile Payment Systems. Lecture Notes in Electrical Engineering International Telecommunications Conference, 504, 215-225. doi:10.1007/978-981-13-0408-8_18
  • Wyseur, B., Michiels, W., Gorissen, P., & Preneel, B. (2007). Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings. Selected Areas in Cryptography Lecture Notes in Computer Science, 264-277. doi:10.1007/978-3-540-77360-3_17

Mobil Ödeme Sistemleri için Şifreleme Algoritmasının ve Modelinin Belirlenmesi

Year 2020, Volume: 4 Issue: 1, 21 - 33, 10.08.2020

Abstract

Mobil ödeme sistemi son zamanlarda en yeni ve en popüler teknoloji olmaktadır. Mobil ödeme sistemi kredi kartı bilgileri olmaksızın hızlı ve güvenli ödeme kanalı sağlayan bir uygulamadır. Tüm ödemeler ya tanımlı olan operatör hattının faturasından ya da telefondaki uygulama hesabından yapılabilmektedir. Her uygulamanın farklı gereksinimleri vardır. Mobil ödeme sistemlerinin ana gereksinimleri fonksiyonellik, güvenlik ve hızdır. Mobile ödeme sistemlerinde ödeme esnasında en önemlisi hız etkenidir. Eğer güvenlik uygulamada en az zaman tüketimini sağlamıyorsa bu sistem tercih edilmemektedir. Bu yüzden mobil ödeme uygulamalarına en uygun modeli ve algoritmayı belirlemek için bu çalışmada şifreleme algoritmalarının zaman tüketimini kontrol ettik. Bu çalışmada mobil ödeme sistemleri için en uygun şifreleme modeli ve algoritmayı bulmaya çalışmaktayız. En çok bilinen asimetrik anahtarlı şifreleme olan Rivest-SahmirAdleman ile en çok bilinen simetrik algoritmaları olan Veri Şifreleme Standardı, Üçlü Veri Şifreleme Standardı, Geliştirilmiş Şifreleme Standardını şifreleme ve deşifreleme işlemleri esnasında tükettikleri zamanlara göre karşılaştırdık. Çalışmanın sonucu olarak Geliştirilmiş Şifreleme Standardı diğer algoritmalardan yaklaşık olarak üç kat daha hızlı olduğu gözlenmiştir.

References

  • Barker, E., & Mouha, N. (2017). Recommendation for the Triple Data Encryption Algorithm (TDEA) block cipher. doi:10.6028/nist.sp.800-67r2
  • Beunardeau, M., Connolly, A., Geraud, R., & Naccache, D. (2016). White-Box Cryptography: Security in an Insecure Environment. IEEE Security & Privacy, 14(5), 88-92. doi:10.1109/msp.2016.100
  • Billet, O., Gilbert, H., & Ech-Chatbi, C. (2004). Cryptanalysis of a White Box AES Implementation. Selected Areas in Cryptography Lecture Notes in Computer Science, 3357, 227-240. doi:10.1007/978-3-540-30564-4_16
  • Chow, S., Eisen, P., Johnson, H., & Oorschot, P. C. (2003). A White-Box DES Implementation for DRM Applications. Lecture Notes in Computer Science Digital Rights Management, 2696, 1-15. doi:10.1007/978-3-540-44993-5_1
  • Chow, S., Eisen, P., Johnson, H., & Oorschot, P. C. (2003). White-Box Cryptography and an AES Implementation. Selected Areas in Cryptography Lecture Notes in Computer Science, 2595, 250-270. doi:10.1007/3-540-36492-7_17
  • Delerablée, C., Lepoint, T., Paillier, P., & Rivain, M. (2014). White-Box Security Notions for Symmetric Encryption Schemes. Selected Areas in Cryptography -- SAC 2013 Lecture Notes in Computer Science, 8282, 247-264. doi:10.1007/978-3-662-43414-7_13
  • Federal Information Processing Standards Publication: Advanced encryption standard (AES). (2001). doi:10.6028/nist.fips.197
  • Federal Information Processing Standards Publication: Data encryption standard (DES). (1993). doi:10.6028/nist.fips.46-2
  • Jonsson, J., & Kaliski, B. (2003). Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1. doi:10.17487/rfc3447
  • Lepoint, T., Rivain, M., Mulder, Y. D., Roelse, P., & Preneel, B. (2014). Two Attacks on a White-Box AES Implementation. Selected Areas in Cryptography -- SAC 2013 Lecture Notes in Computer Science, 8282, 265-285. doi:10.1007/978-3-662-43414-7_14
  • Mahajan, P., & Sachdeva, A. (2013). A study of encryption algorithms AES, DES and RSA for security. Global Journal of Computer Science and Technology, 13(15).
  • Mathur, M., & Kesarwani, A. (2013). Comparison between Des, 3des, Rc2, Rc6, Blowfish And Aes. In Proceedings of National Conference on New Horizons in IT-NCNHIT, 3, 143-148
  • Michiels, W., Gorissen, P., & Hollmann, H. D. (2009). Cryptanalysis of a Generic Class of White-Box Implementations. Selected Areas in Cryptography Lecture Notes in Computer Science, 5381, 414-428. doi:10.1007/978-3-642-04159-4_27
  • Padmavathi, B., & Kumari, S. R. (2013). A survey on performance analysis of DES, AES and RSA algorithm along with LSB substitution. International Journal of Science and Research (IJSR), India, 2(4).
  • Saxena, A., Wyseur, B., & Preneel, B. (2009). Towards Security Notions for White-Box Cryptography. Lecture Notes in Computer Science Information Security, 49-58. doi:10.1007/978-3-642-04474-8_4
  • Singhal, S., & Singhal, N. (2016). A Comparative Analysis of AES and RSA Algorithms. International Journal of Scientific & Engineering Research, 7(5), 149-151.
  • Şengel, Ö., Aydin, M. A., & Sertbaş, A. (2018). A Survey on White Box Cryptography Model for Mobile Payment Systems. Lecture Notes in Electrical Engineering International Telecommunications Conference, 504, 215-225. doi:10.1007/978-981-13-0408-8_18
  • Wyseur, B., Michiels, W., Gorissen, P., & Preneel, B. (2007). Cryptanalysis of White-Box DES Implementations with Arbitrary External Encodings. Selected Areas in Cryptography Lecture Notes in Computer Science, 264-277. doi:10.1007/978-3-540-77360-3_17
There are 18 citations in total.

Details

Primary Language English
Subjects Computer Software
Journal Section Research Article
Authors

Öznur Şengel 0000-0002-2186-927X

Muhammed Ali Aydın This is me 0000-0002-1846-6090

Ahmet Sertbaş This is me 0000-0001-8166-1211

Publication Date August 10, 2020
Submission Date April 10, 2019
Published in Issue Year 2020 Volume: 4 Issue: 1

Cite

APA Şengel, Ö., Aydın, M. A., & Sertbaş, A. (2020). Determining the Cryptography Algorithm and Model for Mobile Payment Systems. Acta Infologica, 4(1), 21-33.
AMA Şengel Ö, Aydın MA, Sertbaş A. Determining the Cryptography Algorithm and Model for Mobile Payment Systems. ACIN. August 2020;4(1):21-33.
Chicago Şengel, Öznur, Muhammed Ali Aydın, and Ahmet Sertbaş. “Determining the Cryptography Algorithm and Model for Mobile Payment Systems”. Acta Infologica 4, no. 1 (August 2020): 21-33.
EndNote Şengel Ö, Aydın MA, Sertbaş A (August 1, 2020) Determining the Cryptography Algorithm and Model for Mobile Payment Systems. Acta Infologica 4 1 21–33.
IEEE Ö. Şengel, M. A. Aydın, and A. Sertbaş, “Determining the Cryptography Algorithm and Model for Mobile Payment Systems”, ACIN, vol. 4, no. 1, pp. 21–33, 2020.
ISNAD Şengel, Öznur et al. “Determining the Cryptography Algorithm and Model for Mobile Payment Systems”. Acta Infologica 4/1 (August 2020), 21-33.
JAMA Şengel Ö, Aydın MA, Sertbaş A. Determining the Cryptography Algorithm and Model for Mobile Payment Systems. ACIN. 2020;4:21–33.
MLA Şengel, Öznur et al. “Determining the Cryptography Algorithm and Model for Mobile Payment Systems”. Acta Infologica, vol. 4, no. 1, 2020, pp. 21-33.
Vancouver Şengel Ö, Aydın MA, Sertbaş A. Determining the Cryptography Algorithm and Model for Mobile Payment Systems. ACIN. 2020;4(1):21-33.