Professional Documents
Culture Documents
www.elsevier.com/locate/ipl
Received 27 April 2005; received in revised form 3 September 2005; accepted 6 October 2005
Available online 28 October 2005
Communicated by D. Basin
Abstract
The Secure Electronic Transaction (SET) protocol has been developed by the major credit card companies in association with
some of the top software corporations to secure e-commerce transactions. This paper recalls the basics of the SET protocol and
presents a new flaw: a dishonest client may purchase goods from an honest merchant (with the help of another merchant) for which
he does not pay. Fortunately, by checking his balance sheet, the merchant may trace with the help of his bank the client and his
accomplice. We also propose a modification to fix the flaw.
2005 Elsevier B.V. All rights reserved.
We describe our attack in Section 3. Finally, we con- way (G). A secret session key generated by the principal
clude in Section 4 by a brief review of the related works. X is denoted by KX and his public encryption key by
PK X . The cryptogram {m}K is obtained by encrypting
2. The SET protocol the message m with the key K, and H (m) is the hashing
of m. The signature of a message m by the principal X is
In order to ensure the security of electronic transac- denoted by SX (m) and the signature only by SOX (m) (it
tions involving credit cards, the major players Visa and does not include the message m). We suppose, as stated
MasterCard, in association with some of the top corpo- in SET’s specification, that certificates are implicit; that
rations, have implemented a security standard for such is, a signed message always contains the certificate of
transactions: Secure Electronic Transaction (SET) [9]. the public key needed to verify the signature. ChallX de-
SET has a global scope and its main security objec- notes a random fresh challenge (a nonce) generated by
tives are to ensure the confidentiality and integrity of X. Finally, CertEX (Y ) and CertSX (Y ) denote, respec-
the transaction’s data as well as the authentication of tively, the certificates of encryption and public signature
the different involved entities. SET consists of the fol- keys of Y signed by X.
lowing five sub-protocols: The purchase phase is complex and involves three
parties: the Cardholder (C), the Merchant (M) and a
• Cardholder registration: the Cardholder or client Payment Gateway (G). SET uses many optional data
(C) transmits to a trusted Certificate Authority (CA) and, depending on which are taken into account, we
his card number (called the primary account num- may obtain different alternative versions of the purchase
ber or PAN), a secret nonce (called CardSecret) and phase. The most difficult task is to find a version that is
his public signature key. Upon validation, the CA both simple and relatively close to reality. Following an
issues a public key certificate (digital ID) including idea in [3] we consider a single transaction involving
the hash code of the PAN and the PANSecret—a se- no optional data. We suppose that when a transaction is
cret nonce which is the result of an exclusive-or of authorized, the Merchant does not need to request a pay-
the CardSecret and a random nonce chosen by the ment capture to be paid. Therefore the payment capture
CA—that plays the role of the PIN for the physical is not included in our version. To simplify the analysis,
card. we use public key encryption as an abstraction of digi-
• Merchant and Payment Gateway registration: it is tal envelopes. Fig. 1 illustrates SET’s purchase protocol
similar to the client registration. They register both where a transaction is processed as follows.
their public encryption and signature keys, and ob-
tain two certificates. Initialization request. Before the purchase begins, the
• Purchase request: it enables the client to securely Cardholder and the Merchant agree upon the order
send payment instructions to the Merchant, but the description and the purchase amount. This shopping
latter does not have access to the client’s card data. step is out of the SET protocol. The Cardholder then
• Payment authorization: it enables the Merchant to sends to the Merchant his local ID (LIDC ) and a
check with the Payment Gateway the client’s card fresh random challenge.
clearance and to validate the transaction. Initialization response. The Merchant generates a
• Transaction payment: the Merchant issues a pay- transaction ID (XID), a 20 bytes random number,
ment request to the Gateway. serving as a unique transaction ID and sends it to
the customer together with the Gateway’s public
The first two protocols constitute the SET’s regis- encryption key certificate. The purpose of this step
tration phase and its main goal is to provide the cus- is to provide the Cardholder with the Merchant’s
tomer, Merchant and Payment Gateway with certificates signature certificate and the Gateway’s encryption
signed by a trusted Certificate Authority that associate certificate (recall that certificates are implicit).
their public keys to their identities. The issued certifi- Order request. After validating both certificates, the
cates are then used for their mutual authentication in any Cardholder sends an order request which contains
subsequent transaction. The last three protocols, usually the Payment Instruction (PI), the Order Informa-
called the SET purchase protocols, constitute the elec- tion (OI) and the Dual Signature (DualSign) to the
tronic transaction itself. Merchant. The OI carries information to link the
purchase request to prior shopping and ordering di-
Cryptographic notations. The agents are the Card- alogue between the Cardholder and the Merchant.
holder (C), the Merchant (M) and a Payment Gate- PI is the most central and sensitive data structure
106 S. Brlek et al. / Information Processing Letters 97 (2006) 104–108
Initialization
(1) InitReq C → M: LIDC , ChallC
(2) InitRes C ← M: SM (LIDM , LIDC , XID, ChallC , ChallM , CertECA (G))
Purchase
(3) PurchReq C → M: OI, DualSign, {PI}PK G
Authorization
(4) AuthReq M → G: {SM (AuthData, LinkOIPI)}PK G , DualSign, {PI}PK G
where AuthReqData = H (OIData), HOD, LIDM , LIDC , XID, AuthRRTags
and LinkOIPI = H (AuthReqData, DualSign, {PI}PK G )
(5) AuthRes M ← G: {SG (LIDM , LIDC , XID, AuthRRTags, PurchAmt, AuthCode)}PK M
Purchase continued
(6) PurchRes C ← M: SM (LIDM , LIDC , XID, ChallC , AuthCode)
in SET. It is used to pass the data required to au- purchases. MerID is the Merchant ID (assigned by
thorize a payment card from the Cardholder to the his bank) copied by the Cardholder from the Mer-
Payment Gateway, which uses the data to initiate chant’s certificate. The Merchant verifies the OI and
a payment card transaction through the traditional the Dual Signature using the hash code H (PIData)
payment card financial network. The data is en- included in the OI.
crypted by the Cardholder using the Gateway’s pub- Authorization request. It contains the PI and the Du-
lic key and sent via the Merchant so that it is hidden alSign sent by the Cardholder, the hash codes
from the Merchant. The purpose of the Dual Signa- H (OIData) and HOD, which enable the Gate-
ture (DualSign) is to link the two messages—OI and way to verify the Dual Signature, the different
PI—that are intended for two different recipients. IDs involved in the transaction, and the autho-
The link ensures the Gateway that the Cardholder rization request/response tags (AuthRRTags) that
and the Merchant agree on the same order and it can the Gateway must include in the authorization re-
be used to resolve disputes. The OI, PI and Dual- sponse. The purpose of AuthRRTags is to match
Sign are computed as follows. the request/response paired messages; it contains
(MerID) the Merchant’s financial ID and some op-
HOD := H (OrderDesc, PurchAmt) tional data that may be used by the Merchant’s bank
PIHead := LIDM , LIDC , XID, HOD, PurchAmt, to authorize the transaction.
Authorization response. If both PI and OI agree, the
MerID, H (XID, CardSecret) Gateway proceeds to the transaction authoriza-
OIData := LIDM , LIDC , XID, ChallM , tion with the Acquirer using the existing financial
networks. If authorization is allowed, the Gate-
ChallC , HOD
way sends the authorization response containing
PANData := PAN, PANSecret AuthRRTags copied from AuthReq, the purchase
PIData := PIHead, PANData amount and the transaction status (a boolean value).
Purchase response. The Merchant verifies the Gate-
DualSign := SOC (H (PIData), H (OIData)) way’s signature and that the IDs and AuthRRTags
PI := PIHead, H (OIData), PANData included in the response match those sent in his re-
OI := OIData, H (PIData) quest message. Then he forwards to the Cardholder
the authorization status combined with the different
where OrderDesc is the description of the cus- IDs and challenges involved in the transaction.
tomer’s detailed order and PurchAmt the total
amount of the purchase order. PAN is the Cardhold- We analyzed the SET’s purchase phases using ASPIC
er’s primary account number (his credit card num- [1], a model-checker for cryptographic protocols under
ber) and PANSecret a secret number known to the development and discovered a design flaw that can be
Cardholder used to prove his identity when making exploited by dishonest customers to cheat the Merchant.
S. Brlek et al. / Information Processing Letters 97 (2006) 104–108 107
3. The attack and destroys it. The Gateway proceeds with the Intrud-
er’s
We exploit now a weakness in the purchase autho-
rization process by the Gateway to develop an attack (4) AuthReq I → G:
against SET. The attack is similar to the Lowe’s [7] at- {SI (AuthReqData, ILinkOIPI)}PK G , DualSign4I, {PI4I}PK G
tack against the Needham–Schröder protocol and other
where
published attacks such as the Gürgens and Rudolph’s
attack [5] on the Zhou–Gollmann non-repudiation pro- AuthReqData = H (OIData), HOD, LIDM , LIDC , XID, AuthRRTags
tocol; it involves the deliberate re-use of a supposedly and
“unique” session identifier. It is also similar to the at-
ILinkOIPI = H (AuthReqData, DualSign4I, {PI4I}PK G )
tack against SET found by Bella et al. [3]: the attack is
possible because signed SET messages contain too little and validates it. Note that the AuthRRTags in the Intrud-
contextual information (so-called explicitness). Both at- er’s authorization request contains MerID, the honest
tacks involve a dishonest person re-encrypting received Merchant’s ID (not the Intruder’s one), but the Gateway
information by using another person’s public encryption does not verify this value ([9], book 3, p. 354). There-
key. But unlike the attack in [3], requiring the existence fore it is not a real lack of explicitness, but rather a bad
of a corrupted Payment Gateway—who has more lucra- verification process. Indeed, the message contains all
tive crimes to commit—our attack requires only a collu- that is necessary to detect the attack but a weak process
sion between a dishonest merchant and the client. Note verification makes it possible in SET. The Gateway au-
that SET defines the local IDs as follows ([9], book 2, thorizes the transaction and sends the authorization re-
p. 267): sponse
“LIDC and LIDM are identifiers which are assigned by (5) AuthRes I ← G:
the Cardholder, Merchant, and/or payment system in-
{SG (LIDM , LIDC , XID, AuthRRTags, PurchAmt, AuthCode)}PK I
frastructure to tag transactions in a manner convenient
for each of them; however, other parties may not assume to the Intruder. As in the Lowe’s attack [7], he re-
characteristics of these labels. LIDM may often be used encrypts it using the Merchant’s public key. When the
to hold the Merchant’s order number associated with the Merchant receives this authorization response
transaction.”
(5 ) AuthRes M ← I(G):
Therefore the LIDM cannot identify the Merchant
and any other Merchant could possibly use the same {SG (LIDM , LIDC , XID, AuthRRTags, PurchAmt, AuthCode)}PK M
LIDM . Our attack is based on the way the authorization containing the right transaction IDs and AuthRRTags,
request message (AuthReq) (Fig. 1) is processed by the signed by the Gateway, he believes that he will receive
Gateway. It proceeds as follows. The customer decides payment and delivers the goods; so the customer pur-
to purchase goods but does not want to pay the Mer- chased goods from the honest Merchant but pays his ac-
chant. With the help of his accomplice (the Intruder), complice. Fortunately when the Merchant realizes that
who must be a Merchant, the customer purchases the sales do not balance in his account, he may request the
same goods from both the honest Merchant and his ac- necessary information from his bank in order to trace
complice using the same supposedly “unique” transac- the faulty transactions and identify the client and his ac-
tion IDs (LIDM , LIDC , XID). This is possible in SET complice.
since neither LIDM nor XID (a random number) identify It would be sufficient that the Gateway compares the
the Merchant. The Cardholder sends them the purchase Merchant’s ID in the AuthRRTags and the one included
requests in the customer’s PI to detect the attack. But a more re-
(3) PurchReq C → M: OI, DualSign, {PI}PK G alistic solution which can guarantee non-repudiation is
to bind under the Gateway signature the merchant’s and
(3 ) PurchReq C → I: OI, DualSign4I, {PI4I}PK G the client’s identities.
These two messages differ only in the PIHead which
appears in both DualSign and PI. In the first message it 4. Related works and conclusion
contains the honest Merchant’s ID (MerID) and in the
second one the Intruder’s one. Both Merchants generate Before concluding, let us briefly review some previ-
their authorization requests and send them to the Gate- ous works on the verification of SET. In [10] Meadows
way, but the Intruder intercepts the Merchant’s request and Syverson use the temporal language NPATRL to
108 S. Brlek et al. / Information Processing Letters 97 (2006) 104–108