Authors:
Isa Sertkaya
and
Oznur Kalkar
Affiliation:
MCS Labs & BCLabs, T ÜBİTAK BİLGEM UEKAE, PK. 74, 41470, Gebze, Kocaeli, Turkey
Keyword(s):
Electronic Checkbook, e-Checkbook, e-Check, Cryptanalysis, Security, Privacy.
Abstract:
Paper-based check is the second mostly used payment method. Accordingly, efforts are underway to improve electronic checkbook (shortly, e-checkbook) systems which mimics the paper-based checkbook mechanism, in line with social needs. Considering the cost of paper check procedures and the amount of money transferred using checks, we believe that there should be a properly designed and provably secure e-checkbook scheme. Analyzing the vulnerabilities of the existing systems, and figuring out where they originate is the first step towards a secure e-checkbook mechanism. In this study, we show that the e-checkbook schemes denoted as PEEC, CYLL, CCL, CWL and CCW fail to achieve their claimed security and susceptible to various types of attacks including e-check forgery and manipulation. Particularly, we show that Pasupathinathan et al.’s PEEC scheme does not satisfy the correctness, anonymous identity and payment unlinkability; Chen et al.’s CYLL scheme is not secure against e-check manip
ulation and e-check forgery attacks; Chang et al.’s CCL scheme, Chen et al.’s CWL scheme and Chang et al.’s CCW scheme are susceptible to e-check manipulation attack.
(More)