Verifying the SET purchase protocols

G. Bella; F. Massacci; L.C. Paulson

doi:10.1007/s10817-005-9018-6

Verifying the SET purchase protocols

G. Bella, F. Massacci, L.C. Paulson

Research output: Contribution to Journal › Article › Academic › peer-review

Abstract

SET (Secure Electronic Transaction) is a suite of protocols proposed by a consortium of credit card companies and software corporations to secure e-commerce transactions. The Purchase part of the suite is intended to guarantee the integrity and authenticity of the payment transaction while keeping the Cardholder's account details secret from the Merchant and his choice of goods secret from the Bank. This paper details the first verification results for the complete Purchase protocols of SET. Using Isabelle and the inductive method, we show that their primary goal is indeed met. However, a lack of explicitness in the dual signature makes some agreement properties fail: it is impossible to prove that the Cardholder meant to send his credit card details to the very payment gateway that receives them. A major effort in the verification went into digesting the SET documentation to produce a realistic model. The protocol's complexity and size make verification difficult, compared with other protocols. However, our effort has yielded significant insights. © Springer Science+Business Media, Inc. 2006.

Original language	English
Pages (from-to)	5-37
Journal	Journal of Automated Reasoning
Volume	36
Issue number	1-2
DOIs	https://doi.org/10.1007/s10817-005-9018-6
Publication status	Published - Jan 2006
Externally published	Yes

Access to Document

10.1007/s10817-005-9018-6

Persistent URL (handle)

Persistent link

Cite this

@article{421908bb3b2c4512a93f00c2547f585a,

title = "Verifying the SET purchase protocols",

abstract = "SET (Secure Electronic Transaction) is a suite of protocols proposed by a consortium of credit card companies and software corporations to secure e-commerce transactions. The Purchase part of the suite is intended to guarantee the integrity and authenticity of the payment transaction while keeping the Cardholder's account details secret from the Merchant and his choice of goods secret from the Bank. This paper details the first verification results for the complete Purchase protocols of SET. Using Isabelle and the inductive method, we show that their primary goal is indeed met. However, a lack of explicitness in the dual signature makes some agreement properties fail: it is impossible to prove that the Cardholder meant to send his credit card details to the very payment gateway that receives them. A major effort in the verification went into digesting the SET documentation to produce a realistic model. The protocol's complexity and size make verification difficult, compared with other protocols. However, our effort has yielded significant insights. {\textcopyright} Springer Science+Business Media, Inc. 2006.",

author = "G. Bella and F. Massacci and L.C. Paulson",

year = "2006",

month = jan,

doi = "10.1007/s10817-005-9018-6",

language = "English",

volume = "36",

pages = "5--37",

journal = "Journal of Automated Reasoning",

issn = "0168-7433",

publisher = "Springer Netherlands",

number = "1-2",

}

TY - JOUR

T1 - Verifying the SET purchase protocols

AU - Bella, G.

AU - Massacci, F.

AU - Paulson, L.C.

PY - 2006/1

Y1 - 2006/1

N2 - SET (Secure Electronic Transaction) is a suite of protocols proposed by a consortium of credit card companies and software corporations to secure e-commerce transactions. The Purchase part of the suite is intended to guarantee the integrity and authenticity of the payment transaction while keeping the Cardholder's account details secret from the Merchant and his choice of goods secret from the Bank. This paper details the first verification results for the complete Purchase protocols of SET. Using Isabelle and the inductive method, we show that their primary goal is indeed met. However, a lack of explicitness in the dual signature makes some agreement properties fail: it is impossible to prove that the Cardholder meant to send his credit card details to the very payment gateway that receives them. A major effort in the verification went into digesting the SET documentation to produce a realistic model. The protocol's complexity and size make verification difficult, compared with other protocols. However, our effort has yielded significant insights. © Springer Science+Business Media, Inc. 2006.

AB - SET (Secure Electronic Transaction) is a suite of protocols proposed by a consortium of credit card companies and software corporations to secure e-commerce transactions. The Purchase part of the suite is intended to guarantee the integrity and authenticity of the payment transaction while keeping the Cardholder's account details secret from the Merchant and his choice of goods secret from the Bank. This paper details the first verification results for the complete Purchase protocols of SET. Using Isabelle and the inductive method, we show that their primary goal is indeed met. However, a lack of explicitness in the dual signature makes some agreement properties fail: it is impossible to prove that the Cardholder meant to send his credit card details to the very payment gateway that receives them. A major effort in the verification went into digesting the SET documentation to produce a realistic model. The protocol's complexity and size make verification difficult, compared with other protocols. However, our effort has yielded significant insights. © Springer Science+Business Media, Inc. 2006.

UR - https://www.scopus.com/pages/publications/33750247207

UR - https://www.scopus.com/inward/citedby.url?scp=33750247207&partnerID=8YFLogxK

U2 - 10.1007/s10817-005-9018-6

DO - 10.1007/s10817-005-9018-6

M3 - Article

SN - 0168-7433

VL - 36

SP - 5

EP - 37

JO - Journal of Automated Reasoning

JF - Journal of Automated Reasoning

IS - 1-2

ER -

Verifying the SET purchase protocols

Abstract

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this