
Card Payment Using Aes

The document discusses security for electronic payment systems and describes AES encryption. It covers SSL and SET protocols, electronic payment methods like credit cards and stored value cards, and security requirements and schemes like public key cryptography, digital signatures, and certificates.

Uploaded by

Cape Ice1

Card Payment Systems and Security Using AES (Advanced Encryption Standard)

Submitted in partial fulfillment of the requirement of the degree of
BACHELOR OF TECHNOLOGY
in
Computer Science and Engineering

by
Ajay Kumar (1/18/FET/BCS/182)
Priyanshu Ojha (1/18/FET/BCS/183)
Nishant Kundu (1/18/FET/BCS/173)
Shashank Ranjan (1/18/FET/BCS/180)
Pappu Kumar (1/18/FET/BCS/170)

Under the supervision of
Mrs. Neha Batra
Professor/Associate Professor/Assistant Professor,
Faculty of Engineering & Technology
Manav Rachna International Institute of Research and Studies

Learning Objectives

• Describe typical electronic payment systems for EC
• Identify the security requirements for safe electronic payments
• Describe the typical security schemes used to meet the security requirements
• Identify the players and procedures of the electronic credit card system on the Internet
• Discuss the relationship between SSL and SET protocols

Learning Objectives (cont.)

• Discuss the relationship between electronic fund transfer and debit card
• Describe the characteristics of a stored value card
• Classify and describe the types of IC cards used for payments
• Discuss the characteristics of electronic check systems

SSL Vs. SET: Who Will Win?

• A part of SSL (Secure Socket Layer) is available on customers’ browsers
  - it is basically an encryption mechanism for order taking, queries and other applications
  - it does not protect against all security hazards
  - it is mature, simple, and widely used
• SET (Secure Electronic Transaction) is a very comprehensive security protocol
  - it provides for privacy, authenticity, integrity, and non-repudiation
  - it is used very infrequently due to its complexity and the need for a special card reader by the user
  - it may be abandoned if it is not simplified/improved

Payments, Protocols and Related Issues

• SET Protocol is for Credit Card Payments
• Electronic Cash and Micropayments
• Electronic Fund Transfer on the Internet
• Stored Value Cards and Electronic Cash
• Electronic Check Systems

Payments, Protocols and Related Issues (cont.)

• Security requirements
  - Authentication: A way to verify the buyer’s identity before payments are made
  - Integrity: Ensuring that information will not be accidentally or maliciously altered or destroyed, usually during transmission
  - Encryption: A process of making messages indecipherable except by those who have an authorized decryption key
  - Non-repudiation: Merchants need protection against the customer’s unjustifiable denial of placed orders, and customers need protection against the merchants’ unjustifiable denial of past payment

Security Schemes

• Secret Key Cryptography (symmetric)

[Figure: Sender: original message → encryption with Key_sender → scrambled message → Internet → scrambled message → decryption with Key_receiver → original message at the receiver. Key_sender (= Key_receiver).]

Security Schemes (cont.)

• Public Key Cryptography

[Figure, message: at the sender the original message is scrambled with the receiver's public key, sent over the Internet, and restored at the receiver with the receiver's private key.]
[Figure, digital signature: at the sender the original message is scrambled with the sender's private key, sent over the Internet, and restored at the receiver with the sender's public key.]

Security Schemes (cont.)

• Digital Signature
  - Analogous to handwritten signature

Sender encrypts a message with her private key → Any receiver with sender's public key can read it

A digital signature is attached by a sender to a message encrypted in the receiver’s public key → The receiver is the only one that can read the message and at the same time he is assured that the message was indeed sent by the sender

Security Schemes (cont.)

• Certificate
  - Identifying the holder of a public key (Key-Exchange)
  - Issued by a trusted certificate authority (CA)

Name : “Richard”
key-Exchange Key :
Signature Key :
Serial # : 29483756
Other Data : 10236283025273
Expires : 6/18/96
Signed : CA’s Signature

Security Schemes (cont.)

• Certificate Authority, e.g. VeriSign
  - Public or private, comes in levels (hierarchy)
  - A trusted third party service
  - Issuer of digital certificates
  - Verifying that a public key indeed belongs to a certain individual

Hierarchy of Certificate Authorities (figure): RCA at the top, then BCA, then GCA, then CCA, MCA and PCA
  RCA : Root Certificate Authority
  BCA : Brand Certificate Authority
  GCA : Geo-political Certificate Authority
  CCA : Cardholder Certificate Authority
  MCA : Merchant Certificate Authority
  PCA : Payment Gateway Certificate Authority

Certificate authority needs to be verified by a government or well trusted entity (e.g., post office)

Security Schemes (cont.)

• Advanced Encryption Standard (AES)
  - the US "standard" secret key cryptosystem, replacing DES (Data Encryption Standard, adopted in 1977)
  - AES is the result of a three year competition. This competition was announced in September 1997 and had entries from 12 different countries
  - The one submission that eventually won was called "Rijndael" and was invented by two Belgians, Joan Daemen and Vincent Rijmen.

Requirements for AES

• AES had to be a private key algorithm. It had to use a shared secret key.
• It had to support the following key sizes:
  - 128 bits (= 3.4 x 10^38 keys, equivalent to 2560-bit RSA)
  - 192 bits (= 6.2 x 10^57 keys)
  - 256 bits (= 1.1 x 10^77 keys)
• DES uses only 56-bit keys, giving a key space of 7.2 x 10^16 keys
• If you were able to search half the DES key space in 1 second, then on average, it would take 149 trillion years to crack a 128-bit AES key.

Requirements for AES

• AES is also an instance of a Feistel cipher, a special case of a block cipher.
  - The input to such a cipher consists of 2t bits.
  - The input is first divided into 2 parts: L_0 and R_0
  - The cipher then proceeds in rounds.
  - In the i-th round,
      L_i := R_{i-1}
      R_i := L_{i-1} XOR f(R_{i-1}, k_i),
    where f is some function, and k_i is some number derived from the key, to be used in round i.
• It had to be a block cipher
  - an encryption algorithm that is structured in terms of an internal function and runs that function repeatedly on the input.
  - Each iteration is called a round;
  - AES uses 10 rounds.

The AES Cipher

• Block length is limited to 128 bit
• The key size can be independently specified to 128, 192 or 256 bits

Key size (words/bytes/bits)        4/16/128    6/24/192    8/32/256
Number of rounds                   10          12          14
Expanded key size (words/bytes)    44/176      52/208      60/240

The AES Cipher

• Key received as input array of 4 rows and Nk columns
• Nk = 4, 6, or 8, parameter which depends on key size
• Input key is expanded into an array of 44/52/60 words of 32 bits each
• 4 different words serve as a key for each round

k0  k4  k8   k12
k1  k5  k9   k13
k2  k6  k10  k14     →    w0 w1 w2 …… w42 w43
k3  k7  k11  k15

The AES Cipher

• Single 128 bit block as input
• Copied to a State array with Nb columns (Nb=4)

Input                    State array              Output
in0 in4 in8  in12        S00 S01 S02 S03          o0 o4 o8  o12
in1 in5 in9  in13        S10 S11 S12 S13          o1 o5 o9  o13
in2 in6 in10 in14        S20 S21 S22 S23          o2 o6 o10 o14
in3 in7 in11 in15        S30 S31 S32 S33          o3 o7 o11 o15

The AES Cipher

• Number of rounds, Nr, depends on key size
• Each round is a repetition of functions that perform a transformation over State array
• Consists of 4 main functions: one permutation and three substitutions
  - Substitute bytes, Shift rows, Mix columns, Add round key

The AES Cipher

• AddRoundKey() – round key is added to the State using XOR operation
• MixColumns() – takes all the columns of the State and mixes their data, independently of one another, making use of arithmetic over GF(2^8)
• ShiftRows() – processes the State by cyclically shifting the last three rows of the State by different offsets
• SubBytes() – uses S-box to perform a byte-by-byte substitution of State

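The AES Cipher

[Figure: AES encryption flow. plaintext → Add round key → Round 1 (Substitute bytes, Shift rows, Mix columns, Add round key with W[4,7]) → … → Round 9 (Substitute bytes, Shift rows, Mix columns, Add round key with W[36,39]) → final round (Substitute bytes, Shift rows, Add round key with W[40,43]) → cipher text. The W[...] words are taken from the expanded key.]
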
The AES Cipher

Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[0, Nb-1])                        // initial round key

    for round = 1 to Nr-1                                 // Nr-1 full rounds
        SubBytes(state)
        ShiftRows(state)
        MixColumns(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
    end for

    SubBytes(state)                                       // final round: no MixColumns
    ShiftRows(state)
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])

    out = state
end
The AES Cipher

• Only Add round key makes use of the key
• Other three functions are used for diffusion and confusion
• Final round consists of only three stages

The AES Inverse Cipher

[Figure: AES decryption flow. ciphertext → Add round key → Round 1 (Inv. Shift rows, Inv. Sub bytes, Add round key with W[36,39], Inv. Mix columns) → … → Round 9 (Inv. Shift rows, Inv. Sub bytes, Add round key with W[4,7], Inv. Mix columns) → final round (Inv. Shift rows, Inv. Sub bytes, Add round key with W[0,3]) → plaintext. The W[...] words are taken from the expanded key.]

The AES Inverse Cipher

InvCipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])             // last round key first

    for round = Nr-1 step -1 downto 1                     // expanded key in reverse order
        InvShiftRows(state)
        InvSubBytes(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
        InvMixColumns(state)
    end for

    InvShiftRows(state)                                   // final round: no InvMixColumns
    InvSubBytes(state)
    AddRoundKey(state, w[0, Nb-1])

    out = state
end
The AES Inverse Cipher

• Decryption algorithm uses the expanded key in reverse order
• All functions are easily reversible and their inverse form is used in decryption
• Decryption algorithm is not identical to the encryption algorithm
• Again, final round consists of only three stages

Electronic Credit Card System on the Internet

• The Players
  - Cardholder
  - Merchant (seller)
  - Issuer (your bank)
  - Acquirer (merchant’s financial institution, acquires the sales slips)
  - Brand (VISA, Master Card)

Electronic Credit Card System on the Internet (cont.)

• The process of using credit cards offline
  - A cardholder requests the issuance of a card brand (like Visa and MasterCard) to an issuer bank in which the cardholder may have an account.
  - The authorization of card issuance by the issuer bank, or its designated brand company, may require customer’s physical visit to an office.
  - A plastic card is physically delivered to the customer’s address by mail.
  - The card can be in effect as the cardholder calls the bank for initiation and signs on the back of the card.
  - The cardholder shows the card to a merchant to pay a requested amount. Then the merchant asks for approval from the brand company.
  - Upon the approval, the merchant requests payment to the merchant’s acquirer bank, and pays fee for the service. This process is called a “capturing process”
  - The acquirer bank requests the issuer bank to pay for the credit amount.

[Figure: Credit Card Procedure (offline and online). Entities: Cardholder, Merchant, Card Brand Company, Issuer Bank (Cardholder Account), Acquirer Bank (Merchant Account). Labelled flows: credit card; payment authorization, payment data; account debit data; payment data; amount transfer.]

© Prentice Hall, 2000 28
Secure Electronic Transaction (SET) Protocol

• Sender’s Computer
1. The message is hashed to a prefixed length of message digest.
2. The message digest is encrypted with the sender’s private signature key, and a digital signature is created.
3. The composition of message, digital signature, and Sender’s certificate is encrypted with the symmetric key which is generated at sender’s computer for every transaction. The result is an encrypted message. SET protocol uses the DES algorithm instead of RSA for encryption because DES can be executed much faster than RSA.
4. The Symmetric key itself is encrypted with the receiver’s public key which was sent to the sender in advance. The result is a digital envelope.

[Figure: Sender’s Computer. Message → Message Digest → encrypted with the Sender’s Private Signature Key → Digital Signature. Message + Digital Signature + Sender’s Certificate → Encrypt with the Symmetric Key → Encrypted Message. Symmetric Key → Encrypt with the Receiver’s Key-Exchange Key (from the Receiver’s Certificate) → Digital Envelope.]



Secure Electronic Transaction (SET) Protocol (cont.)

• Receiver’s Computer
5. The encrypted message and digital envelope are transmitted to receiver’s computer via the Internet.
6. The digital envelope is decrypted with receiver’s private exchange key.
7. Using the restored symmetric key, the encrypted message can be restored to the message, digital signature, and sender’s certificate.
8. To confirm the integrity, the digital signature is decrypted by sender’s public key, obtaining the message digest.
9. The delivered message is hashed to generate message digest.
10. The message digests obtained by steps 8 and 9 respectively, are compared by the receiver to confirm whether there was any change during the transmission. This step confirms the integrity.
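
Steps 1 to 10 above, with both the sender's and the receiver's side, as an added Python example that is not from the slides or from the SET specification. So that it runs on the standard library alone it uses toy primitives: unpadded textbook RSA with keys constructed from Mersenne primes, SHA-256 as the hash, and a SHA-256 keystream standing in for DES. The certificate is an opaque placeholder, and the receiver is assumed to already hold the sender's public signature key.

```python
import hashlib
import secrets

# Added example, not code from the slides. Toy RSA keys constructed from
# Mersenne primes: trivially factorable, unpadded, for showing the flow only.
def toy_rsa(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))   # (public, private)

SENDER_SIG_PUB, SENDER_SIG_PRIV = toy_rsa(2**521 - 1, 2**607 - 1)
RECV_KX_PUB, RECV_KX_PRIV = toy_rsa(2**1279 - 1, 2**2203 - 1)
SIG_LEN = (SENDER_SIG_PUB[0].bit_length() + 7) // 8

def digest(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sym_crypt(key, data):
    """Stand-in symmetric cipher (SHA-256 keystream XOR); the slides use DES."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def sender_build(message, sender_cert):
    n, d = SENDER_SIG_PRIV
    signature = pow(digest(message), d, n)                 # steps 1-2
    sym_key = secrets.token_bytes(16)                      # fresh key per transaction
    bundle = (len(message).to_bytes(4, "big") + message
              + signature.to_bytes(SIG_LEN, "big") + sender_cert)
    encrypted = sym_crypt(sym_key, bundle)                 # step 3
    n, e = RECV_KX_PUB
    envelope = pow(int.from_bytes(sym_key, "big"), e, n)   # step 4: digital envelope
    return encrypted, envelope

def receiver_open(encrypted, envelope):
    n, d = RECV_KX_PRIV
    sym_key = pow(envelope, d, n).to_bytes(16, "big")      # step 6
    bundle = sym_crypt(sym_key, encrypted)                 # step 7
    mlen = int.from_bytes(bundle[:4], "big")
    message = bundle[4:4 + mlen]
    signature = int.from_bytes(bundle[4 + mlen:4 + mlen + SIG_LEN], "big")
    cert = bundle[4 + mlen + SIG_LEN:]
    n, e = SENDER_SIG_PUB
    signed_digest = pow(signature, e, n)                   # step 8
    return message, cert, signed_digest == digest(message)  # steps 9-10

def tamper(encrypted, index):
    """Flip one bit, as a modification in transit would."""
    return encrypted[:index] + bytes([encrypted[index] ^ 1]) + encrypted[index + 1:]
```

Because the stand-in cipher is a plain XOR stream, a flipped ciphertext bit flips the same plaintext bit, and it is the digest comparison in steps 8 to 10 that exposes the change.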

[Figure: Receiver’s Computer. Digital Envelope → Decrypt with the Receiver’s Private Key-Exchange Key → Symmetric Key. Encrypted Message → Decrypt with the Symmetric Key → Message + Digital Signature + Sender’s Certificate. Message → Message Digest. Digital Signature → Decrypt with the Sender’s Public Signature Key → Message Digest. The two message digests are compared.]

[Figure: Entities of SET Protocol in Cyber Shopping. Customer x and Customer y with Digital Wallets (IC Card Reader), Certificate Authority, Electronic Shopping Mall (Merchant A, Merchant B), Payment Gateway, Credit Card Brand. The label "Protocol X.25" also appears in the figure.]

SET Vs. SSL

Secure Electronic Transaction (SET): Complex
Secure Socket Layer (SSL): Simple

SET: SET is tailored to the credit card payment to the merchants.
SSL: SSL is a protocol for general-purpose secure message exchanges (encryption).

SET: SET protocol hides the customer’s credit card information from merchants, and also hides the order information to banks, to protect privacy. This scheme is called dual signature.
SSL: SSL protocol may use a certificate, but there is no payment gateway. So, the merchants need to receive both the ordering information and credit card information, because the capturing process should be initiated by the merchants.

Electronic Fund Transfer (EFT) on the Internet

[Figure: An Architecture of Electronic Fund Transfer on the Internet. Payer and Payee are linked over the Internet; each side shows a Cyber Bank, a Payment Gateway, a Bank and a VAN; an Automated Clearinghouse also appears.]

Debit Cards

• A delivery vehicle of cash in an electronic form
• Mondex, VisaCash applied this approach
• Either anonymous or onymous
• CyberCash has commercialized a debit card named CyberCoin as a medium of micropayments on the Internet

Financial EDI

• It is an EDI used for financial transactions
  - EDI is a standardized way of exchanging messages between businesses
  - EFT can be implemented using a Financial EDI system
• Safe Financial EDI needs to adopt a security scheme used for the SSL protocol
• Extranet encrypts the packets exchanged between senders and receivers using the public key cryptography

Electronic Cash and Micropayments

• Smart Cards
  - The concept of e-cash is used in the non-Internet environment
  - Plastic cards with magnetic stripes (old technology)
  - Includes IC chips with programmable functions on them which makes cards “smart”
  - One e-cash card for one application
  - Recharge the card only at designated locations, such as bank office or a kiosk. Future: recharge at your PC
  - e.g. Mondex & VisaCash

Electronic Money

• DigiCash
  - The analogy of paper money or coins
  - Expensive, as each payment transaction must be reported to the bank and recorded
  - Conflict with the role of central bank’s bill issuance
  - Legally, DigiCash is not supposed to issue more than an electronic gift certificate even though it may be accepted by a wide number of member stores

Electronic Money (cont.)

• Stored Value Cards
  - No issuance of money
  - Debit card: a delivering vehicle of cash in an electronic form
  - Either anonymous or onymous
  - Advantage of an anonymous card: the card may be given from one person to another
  - Also implemented on the Internet without employment of an IC card

Electronic Money (cont.)

• Smart card-based e-cash
  - Can be recharged at home through the Internet
  - Can be used on the Internet as well as in a non-Internet environment
• Ceiling of Stored Values
  - To prevent the abuse of stored values in money laundering
  - S$500 in Singapore; HK$3,000 in Hong Kong
• Multiple Currencies
  - Can be used for cross border payments

Electronic Check Systems

[Figure: Procedure of Financial Service Technology Consortium Prototype. Labels: Payer, Payee, Invoice, Remittance, Account Receivable, E-Mail, WWW, Workstation, Signature “Card”, Check, Signature, Certificate, Endorsement, Secure Envelope, Mall statement, E-Check line item, ACH, ECP, Payer’s Bank (Debit account), Payee’s Bank (Credit account), Clear Check, Deposit check.]

Electronic Check Systems (cont.)

• Electronic Checkbook
  - Counterpart of electronic wallet
  - To be integrated with the accounting information system of business buyers and with the payment server of sellers
  - To save the electronic invoice and receipt of payment in the buyers and sellers computers for future retrieval
  - Example : SafeCheck
  - Used mainly in B2B

[Figure: The Architecture of SafeCheck. Labels: Payer, Payee, payer’s checkbook agent, payee’s check-receipt agent, Issue a check, Receipt, Checkbook, screened result, report, Request of screening check issuance, present, Internet, control agent of payer’s bank, control agent of payee’s bank, clearing, A/C DB at the payer’s bank and at the payee’s bank.]

Integrating Payment Methods

• Two potential consolidations:
  - The on-line electronic check is merging with EFT
  - The electronic check with a designated settlement date is merging with electronic credit cards
• Security First Network Bank (SFNB)
  - First cyberbank
  - Lower service charges to challenge the service fees of traditional banks
• Visa
  - VisaCash is a debit card
  - ePay is an EFT service

How Many Cards are Appropriate?

• An onymous card is necessary to keep the certificates for credit cards, EFT, and electronic checkbooks
• The stored value in IC card can be delivered in an anonymous mode
• Malaysia’s Multimedia Super Corridor project pursues a One-Card system
• Relationship Card by Visa is also attempting a one card system

Managerial Issues

• Security solution providers can cultivate the opportunity of providing solutions for the secure electronic payment systems
• Electronic payment system solution providers can offer various types of electronic payment systems to electronic stores and banks
• Electronic stores should select an appropriate set of electronic payment systems
• Banks need to develop cyberbank services to be compatible with the various electronic payment system
• Credit card brand companies need to develop an EC standard like SET, and watch the acceptance by customers
• Smart card brand should develop a business model in cooperation with application sectors and banks
• Certificate authority needs to identify the types of certificate to provide

Five Security Tips

• Don’t reveal your online Passcode to anyone. If you think your online Passcode has been compromised, change it immediately.
• Don’t walk away from your computer if you are in the middle of a session.
• Once you have finished conducting your banking on the Internet, always sign off before visiting other Internet sites.
• If anyone else is likely to use your computer, clear your cache or turn off and re-initiate your browser in order to eliminate copies of Web pages that have been stored in your hard drive.
• Bank of America strongly recommends that you use a browser with 128-bit encryption to conduct secure financial transactions over the Internet.
