Experimenting with Electronic Commerce on the PalmPilot
Neil Daswani (daswani@cs.stanford.edu)
Dan Boneh (dabo@cs.stanford.edu)
Public Key Solutions ‘99, April 12 - 14

Overview
• Security Applications on a PDA (advantages / disadvantages?)
• How about a payment system? (wide-deployment of PDAs?)
• Is this feasible with existing PDA technology?

Outline
• Trade-offs
• E-Commerce on the PalmPilot
• PDA-PayWord
• Performance
• Conclusions

Trade-offs
• Vs. SmartCards
  • no tamper resistance
  • no cryptographic accelerators
  • direct line of communication with user
  • more processing power
  • more memory

Trade-offs
• Vs. Desktops
  • less memory
  • less processing power
  • portable

E-Commerce on the PalmPilot
• Security Features (Lack of?)
• Cryptographic Primitives
• Authentication
• Memory Mgmt. & Backups
• Prototypical Application

Security Features (Lack of?)
• Databases -- No Access Control
  • non-volatile
  • creatorID
  • “secret” attribute (just a suggestion)
• Password Entry

Cryptographic Primitives
* DES, SHA-1, RSA figures obtained with SSLeay
* ECC-DSA figures obtained with Certicom Security Builder Toolkit

E-Commerce on the PalmPilot
• Authentication
  • Pro: direct line of communication with owner
  • Con: entering passwords
• Memory Management & Backups
  • Encrypted Storage (Instrument Manager)
  • PalmPilot Databases (deletion, double spending)

E-Commerce on the PalmPilot
• Small payments ($5 -> $50)
• Target Application: Pony Vending Machine

E-Commerce on the PalmPilot
• Where to start?
  • PayWord (Rivest, Shamir)
• Why PayWord?
  • amortize cost of signatures
  • coins = hash tokens

PDA-PayWord
• PalmPilot implementation of PayWord
• Minimize cryptographic operations
• Minimize storage requirements

PDA-PayWord Characteristics
• Vendor-Specific
• Pre-Pay (Debit-Based)
• Vendor = Bank
• Hash Chain Based

PDA-PayWord: Withdrawal
[Diagram: User’s Wallet (hash chain Yk ... Y1, Y0) -> Bank: {Yk, k, d, vid} signed with ECC-DSA (User). Bank: "Pre-Paid? Yes". HCC = {Yk, k, d, exp, vid} signed with RSA (Bank).]

PDA-PayWord: Purchase
[Diagram: User’s Wallet (hash chain Yk ... Yk-i+1, Yk-i ... Y1, Y0) -> Vendor: Yk-i, i, HCC.]

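The hash-chain bookkeeping behind the Withdrawal and Purchase slides, as an added example (not from the original slides and not the authors' PalmPilot code). Assumptions: Y_j = H(Y_{j-1}) with Y0 as the wallet's secret, SHA-256 standing in for H, d read as the per-coin value in cents, the signature checks on HCC done elsewhere, and all function and class names hypothetical.

```python
import hashlib
import os
from typing import List, Optional

def H(x: bytes) -> bytes:
    # Assumption: SHA-256 as the chain hash (the slides list SHA-1 among the primitives).
    return hashlib.sha256(x).digest()

def make_chain(k: int, seed: Optional[bytes] = None) -> List[bytes]:
    """Wallet side: return [Y0, ..., Yk]; Yk is the root committed to in HCC."""
    chain = [seed if seed is not None else os.urandom(32)]
    for _ in range(k):
        chain.append(H(chain[-1]))
    return chain

class Vendor:
    """Vendor state for one HCC; its signatures are assumed already verified."""

    def __init__(self, root: bytes, k: int, d: int):
        self.k, self.d = k, d
        self.last_token = root   # most recently accepted Y value
        self.spent = 0           # cumulative coins accepted so far

    def accept(self, token: bytes, i: int) -> int:
        """Check token == Y_{k-i}; return cents newly paid, or 0 if rejected."""
        steps = i - self.spent
        if steps <= 0 or i > self.k:
            return 0             # replayed or older token (double spend), or past chain end
        y = token
        for _ in range(steps):   # hash only from the new token up to the last accepted one
            y = H(y)
        if y != self.last_token:
            return 0             # token is not on this chain
        self.last_token, self.spent = token, i
        return steps * self.d

if __name__ == "__main__":
    chain = make_chain(30, b"constructed-seed")      # constructed sample wallet
    vendor = Vendor(chain[30], k=30, d=5)
    print(vendor.accept(chain[29], 1))               # 5: first coin
    print(vendor.accept(chain[29], 1))               # 0: replay rejected
    print(vendor.accept(chain[0], 30))               # 145: remaining 29 coins
```

Each purchase costs the vendor only as many hash evaluations as coins spent since the last accepted token, which is how the scheme amortizes the cost of the withdrawal signatures.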
PDA-PayWord: Withdrawal Timings
Note: d = 5

PDA-PayWord: Purchase Timings
(First time $1.50 buy)

PDA-PayWord Variations
• Multiple hash chains / Multiple denominations
• Storing “sentinel” values
• Multiple Vendors (Introduce Online Broker)

Conclusions / Summary
• PDA = portable commerce device w/o tamper resistance
• Suitable for small payments
• Commerce protocols can be adapted
• Example: PDA-PayWord
  • leverages best of ECC and RSA

Acknowledgements
• Certicom
• Andrew Toy