Skip to main content
SpringerLink
Log in

An improved hybrid scheme for e-payment security using elliptic curve cryptography

  • Original Research
  • Published:
International Journal of Information Technology Aims and scope Submit manuscript

Abstract

This paper presents an improved security scheme using a hybrid of elliptic curve integrated encryption and provably secure elliptic curve with cyclotomic points. The proposed scheme uses Weierstrass form of an elliptic curve and cyclotomic polynomial, by creating a relationship to uniquely generate a hash function to form a structure from a coordinate in the curve and variable in the polynomial. The scheme was tested using e-payment information for mutual agreement and transaction authentication. The scheme is secured for encryption of information with low computational time and useful to fight against small subgroup, chosen ciphertext attacks and ensures data confidentiality and integrity.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Abdalla M, Benhamouda F, Pointcheval D (2016) Public-key encryption indistinguishable under plaintext-checkable attacks. IET Inf Secur 10(6):288–303. https://doi.org/10.1016/j.ins.2015.02.010

    Article  MATH  Google Scholar 

  2. Adrian D, Bhargavan K, Durumeric Z, Gaudry P, Green M, Halderman JA, Heninger N, Springall D, Thomé E, Valenta L et al (2015) Imperfect forward secrecy: how Diffie–Hellman fails in practice. In: Proceedings of the 22nd ACM SIGSAC conference on computer and communications security. Denver Colorado, USA pp 5–17. https://doi.org/10.1145/2810103.2813707

  3. Ansah R, Boadi R, Obeng-Denteh W, Omari-Sasu A (2016) Review of the birch and swinnerton-dyer conjecture. Am J Math Stat 6(4):182–189. https://doi.org/10.5923/j.ajms.20160604.07

    Article  Google Scholar 

  4. Antipa A, Brown D, Menezes A, Struik R, Vanstone S (2003) Validation of elliptic curve public keys. In: International workshop on public key cryptography. Springer, Berlin, Heidelberg pp 211–223. https://doi.org/10.1007/3-540-36288-616

  5. Arbit A, Livne Y, Oren Y, Wool A (2015) Implementing public-key cryptography on passive rfid tags is practical. Int J Inf Secur 14(1):85–99. https://doi.org/10.1007/s10207-014-0236-y

    Article  Google Scholar 

  6. Baker A (2013) An introduction to galois theory. School of Mathematics & Statistics, University of Glasgow

  7. Bakhtiari S, Baraani A, Khayyambashi MR (2009) Mobicash: a new anonymous mobile payment system implemented by elliptic curve cryptography. In: 2009 WRI world congress on computer science and information engineering, vol 3. IEEE, Los Angeles, California pp 286–290. https://doi.org/10.1109/CSIE.2009.939

  8. Buchanan B (2016) Cryptography and sovereignty. Survival 58(5):95–122. https://doi.org/10.1080/00396338.2016.1231534

    Article  Google Scholar 

  9. Ch SA, Sher M, Ghani A, Naqvi H, Irshad A et al (2015) An efficient signcryption scheme with forward secrecy and public verifiability based on hyper elliptic curve cryptography. Multimed Tools Appl 74(5):1711–1723. https://doi.org/10.1007/s11042-014-2283-9

    Article  Google Scholar 

  10. Chaudhry SA, Farash MS, Naqvi H, Kumari S, Khan MK (2015) An enhanced privacy preserving remote user authentication scheme with provable security. Secur Commun Netw 8(18):3782–3795. https://doi.org/10.1002/sec.1299

    Article  Google Scholar 

  11. Chaudhry SA, Farash MS, Naqvi H, Sher M (2016) A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography. Electron Commer Res 16(1):113–139. https://doi.org/10.1007/s10660-015-9192-5

    Article  Google Scholar 

  12. Chen J, He K, Yuan Q, Xue G, Du R, Wang L (2017) Batch identification game model for invalid signatures in wireless mobile networks. IEEE Trans Mob Comput 16(6):1530–1543. https://doi.org/10.1109/TMC.2016.2604820

    Article  Google Scholar 

  13. Chen J, Lim HW, Ling S, Wang H, Wee H (2014) Shorter identity-based encryption via asymmetric pairings. Des Codes Cryptogr 73(3):911–947. https://doi.org/10.1007/s10623-013-9834-3

    Article  MathSciNet  MATH  Google Scholar 

  14. Choi SG, Dachman-Soled D, Malkin T, Wee H (2017) Improved, black-box, non-malleable encryption from semantic security. Des Codes Cryptogr. https://doi.org/10.1007/s10623-017-0348-2

    Article  MATH  Google Scholar 

  15. Cormen TH (2009) Introduction to algorithms. MIT Press, Cambridge

    MATH  Google Scholar 

  16. Crandall R, Pomerance C (2006) Prime numbers: a computational perspective, vol 182. Springer Science & Business Media, Berlin

    MATH  Google Scholar 

  17. Das AK (2012) A random key establishment scheme for multi-phase deployment in large-scale distributed sensor networks. Int J Inf Secur. https://doi.org/10.1007/s10207-012-0162-9

    Article  Google Scholar 

  18. Dent AW (2010) Choosing key sizes for cryptography. Inf Secur Tech Rep 15(1):21–27. https://doi.org/10.1016/j.istr.2010.10.006

    Article  Google Scholar 

  19. Emura K, Kanaoka A, Ohta S, Takahashi T (2017) Establishing secure and anonymous communication channel: Kem/dem-based construction and its implementation. J Inf Secur Appl. https://doi.org/10.1016/j.jisa.2016.12.001

    Article  Google Scholar 

  20. Farash MS (2016) Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer Peer Netw Appl 9(1):82–91. https://doi.org/10.1007/s12083-014-0315-x

    Article  Google Scholar 

  21. Farash MS, Attari MA (2014) A secure and efficient identity-based authenticated key exchange protocol for mobile client-server networks. J Supercomput 69(1):395–411. https://doi.org/10.1007/s11227-014-1170-5

    Article  Google Scholar 

  22. Farash MS, Chaudhry SA, Heydari M, Sadough S, Mohammad S, Kumari S, Khan MK (2015) A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security. Int J Commun Syst. https://doi.org/10.1002/dac.3019

    Article  Google Scholar 

  23. Galindo D, Martín S, Morillo P, Villar JL (2005) Fujisaki-okamoto hybrid encryption revisited. Int J Inf Secur 4(4):228–241. https://doi.org/10.1007/s10207-004-0042-z

    Article  Google Scholar 

  24. Gayoso Martínez V, Hernández Álvarez F, Hernández Encinas L, Sánchez Ávila C (2011) Analysis of ecies and other cryptosystems based on elliptic curves. J Inf Assur Secur 6(4):285–293

    Google Scholar 

  25. Gayoso Martínez V, Hernández Encinas L, Queiruga DA (2015) Security and practical considerations when implementing the elliptic curve integrated encryption scheme. Cryptologia 39(3):244–269. https://doi.org/10.1080/01611194.2014.988363

    Article  Google Scholar 

  26. Goo EH, Lee SD (2015) Reconfigurable real number field elliptic curve cryptography to improve the security. J Comput Virol Hack Tech 11(3):123–128. https://doi.org/10.1007/s11416-014-0233-8

    Article  Google Scholar 

  27. Hall J, Kilbank S, Barbeau M, Kranakis E (2001) Wpp: a secure payment protocol for supporting credit-and debit-card transactions over wireless networks. In: IEEE International conference on telecommunications (ICT). Citeseer, Bucharest, Romania

  28. Hankerson D, Menezes AJ, Vanstone S (2006) Guide to elliptic curve cryptography. Springer Science & Business Media, Berlin. https://doi.org/10.1007/b97644

    Book  MATH  Google Scholar 

  29. He D, Zhang Y, Chen J (2014) Cryptanalysis and improvement of an anonymous authentication protocol for wireless access networks. Wirel Pers Commun 74(2):229–243. https://doi.org/10.1007/s11277-013-1282-x

    Article  Google Scholar 

  30. Huang CT, Zhang YH, Lin LC, Wang WJ, Wang SJ (2016) Mutual authentications to parties with qr-code applications in mobile systems. Int J Inf Secur. https://doi.org/10.1007/s10207-016-0349-6

    Article  Google Scholar 

  31. Islam SH, Biswas G (2011) A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J Syst Softw 84(11):1892–1898. https://doi.org/10.1016/j.jss.2011.06.061

    Article  Google Scholar 

  32. Kim M, Jung Y, Song J (2017) A modified exhaustive search on a password system using sha-1. Int J Inf Secur 16(3):263–269. https://doi.org/10.1007/s10207-016-0332-2

    Article  Google Scholar 

  33. Kumari S, Karuppiah M, Das AK, Li X, Wu F, Kumar N (2017) A secure authentication scheme based on elliptic curve cryptography for Iot and cloud servers. J Supercomput. https://doi.org/10.1007/s11227-017-2048-0

    Article  Google Scholar 

  34. Le XH, Khalid M, Sankar R, Lee S (2011) An efficient mutual authentication and access control scheme for wireless sensor networks in healthcare. J Netw 6(3):355. https://doi.org/10.4304/jnw.6.3.355-364

    Article  Google Scholar 

  35. Lin P, Chen HY, Fang Y, Jeng JY, Lu FS (2008) A secure mobile electronic payment architecture platform for wireless mobile networks. IEEE Trans Wirel Commun 7(7):2705–2713. https://doi.org/10.1109/TWC.2008.070111

    Article  Google Scholar 

  36. Mandal S, Mohanty S, Majhi B (2016) Design of electronic payment system based on authenticated key exchange. Electron Commer Res. https://doi.org/10.1007/s10660-016-9246-3

    Article  Google Scholar 

  37. Martínez VG, Encinas LH (2013) Implementing the ecc brainpool curve generation procedure using open source software. In: Proceedings of the international conference on security and management (SAM). The Steering Committee of the world congress in computer science, computer engineering and applied computing (WorldComp), pp 1

  38. Mir O, van der Weide T, Lee CC (2015) A secure user anonymity and authentication scheme using avispa for telecare medical information systems. J Med Syst 39(9):89. https://doi.org/10.1007/s10916-015-0265-8

    Article  Google Scholar 

  39. Nateghizad M, Erkin Z, Lagendijk RL (2016) An efficient privacy-preserving comparison protocol in smart metering systems. EURASIP J Inf Secur 1:11. https://doi.org/10.1186/s13635-016-0033-4

    Article  Google Scholar 

  40. Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126. https://doi.org/10.1145/359340.359342

    Article  MathSciNet  MATH  Google Scholar 

  41. Shen H, Kumar N, He D, Shen J, Chilamkurti N (2016) A security-enhanced authentication with key agreement scheme for wireless mobile communications using elliptic curve cryptosystem. J Supercomput 72(9):3588–3600. https://doi.org/10.1007/s11227-015-1614-6

    Article  Google Scholar 

  42. Sowjanya K, Dasgupta M, Ray S (2019) An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems. Int J Inf Secur. https://doi.org/10.1007/s10207-019-00464-9

    Article  Google Scholar 

  43. Stallings W, Tahiliani MP (2014) Cryptography and network security: principles and practice, vol 6. Pearson, London

    Google Scholar 

  44. Tian Y, Li Q, Hu J, Lin H (2020) Secure limitation analysis of public-key cryptography for smart card settings. World Wide Web 23(2):1423–1440. https://doi.org/10.1007/s11280-019-00715-8

    Article  Google Scholar 

  45. Tu H, Kumar N, Chilamkurti N, Rho S (2015) An improved authentication protocol for session initiation protocol using smart card. Peer Peer Netw Appl 8(5):903–910. https://doi.org/10.1007/s12083-014-0248-4

    Article  Google Scholar 

  46. Vincent OR, Folorunso O, Akinde A (2010) Improving e-payment security using elliptic curve cryptosystem. Electron Commer Res 10(1):27–41. https://doi.org/10.1007/s10660-010-9047-z

    Article  MATH  Google Scholar 

  47. Vincent OR, Lawal OM (2018) A key agreement authentication protocol using an improved parallel pollard rho for electronic payment system. J Supercomput 74(5):1973–1993. https://doi.org/10.1007/s11227-017-2204-6

    Article  Google Scholar 

  48. Vincent OR, Okediran TM, Abayomi-Alli AA, Adeniran OJ (2020) An identity-based elliptic curve cryptography for mobile payment security. J SN Comput Sci 1(112):1–12. https://doi.org/10.1007/s11227-017-2204-6

    Article  Google Scholar 

  49. Xue K, Ma C, Hong P, Ding R (2013) A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. J Netw Comput Appl 36(1):316–323. https://doi.org/10.1016/j.jnca.2012.05.010

    Article  Google Scholar 

  50. Yang JH, Chang YF, Chen YH (2013) An efficient authenticated encryption scheme based on ECC and its application for electronic payment. Inf Technol Control 42(4):315–324. https://doi.org/10.5755/j01.itc.42.4.2150

    Article  Google Scholar 

  51. Yang X, Ma W, Zhang C (2017) Efficient chosen ciphertext secure key encapsulation mechanism in standard model over ideal lattices. Int J Comput Math 94(5):866–883. https://doi.org/10.1080/00207160.2016.1149578

    Article  MathSciNet  MATH  Google Scholar 

  52. Zhang L, Tang S, Cai Z (2014) Efficient and flexible password authenticated key agreement for voice over internet protocol session initiation protocol using smart card. Int J Commun Syst 27(11):2691–2702. https://doi.org/10.1002/dac.2499

    Article  Google Scholar 

  53. Zhu BB, Yan J, Bao G, Yang M, Xu N et al (2014) Captcha as graphical passwords-a new security primitive based on hard AI problems. IEEE Trans Inf Forensics Secur 9(6):891–904. https://doi.org/10.1109/TIFS.2014.2312547

    Article  Google Scholar 

Download references

Acknowledgements

The authors acknowledge the Department of Mathematics of the Federal University of Agriculture Abeokuta for the contributions.

Author information

Authors and Affiliations

  1. Department of Computer Science, College of Physical Sciences, Federal University of Agriculture, Abeokuta, Nigeria

    O. M. Lawal, O. R. Vincent & O. Folorunso

  2. Department of Mathematics, College of Physical Sciences, Federal University of Agriculture, Abeokuta, Nigeria

    A. A. A. Agboola

Authors
  1. O. M. Lawal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. O. R. Vincent
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. A. A. A. Agboola
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. O. Folorunso
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to O. R. Vincent.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lawal, O.M., Vincent, O.R., Agboola, A.A.A. et al. An improved hybrid scheme for e-payment security using elliptic curve cryptography. Int. j. inf. tecnol. 13, 139–153 (2021). https://doi.org/10.1007/s41870-020-00517-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41870-020-00517-6

Keywords

Search

Navigation