【作者】 高保胜；

【导师】 彭代渊；

【作者基本信息】 西南交通大学 ， 密码学， 2012， 硕士

【摘要】 随着移动网络基础设施和移动终端设备的快速发展,移动支付正呈现飞速发展的趋势,许多国家都已经开始大力推动移动支付的发展和部署。由于支付环境的复杂和支付终端设备的性能受限,移动支付安全协议的设计和实现就面对更多的困难和挑战。如何设计一个便于统一支付平台的、安全高效的移动支付安全协议具有十分重要意义。考虑到公钥密码体制计算量大、资源耗费高的缺点,加上移动终端设备在电池续航、处理能力等方面相对不足,传统的公钥密码体制并不适合移动支付安全协议的设计。本文的重点工作就是研究如何基于对称密码体制实现安全高效的、易于推广实施的移动支付安全协议。3G移动网络已经大范围部署并投入使用,并且具有较好的安全机制,本文利用3G网络基础设施的安全组件,并通过增加Hash链认证的方式实现了一个安全高效的、易于推广实施的移动支付安全协议。本文的主要工作如下：1)对Hash链认证的出错问题进行了分析,并给出了一种出错控制的方案。由于Hash链认证时验证严格依赖Hash链中结点的前后顺序,当其中一次验证出错时,会导致错误的持续传递,从而导致整个Hash链失效。本文给出了一种能够避免这种错误传递的方案,从而使Hash链认证能够更好的在移动支付环境中应用。2)利用SVO逻辑分析了W.D. Chen等人的移动支付方案存在的安全缺陷,并提出了相应的改进方案。改进的方案既保留了Chen等人方案的简单、高效且容易部署到现有的移动网络基础设施上的优点,同时在安全性上得到了较大的提高。3)根据改进的移动支付安全协议,设计了一个移动支付系统。通过对该移动支付系统的仿真,分析了该系统实际使用时的性能。在仿真系统中,开发了该系统的基于Android手机操作系统的手机支付终端应用程序,经过实际的操作体验,证明系统确实具有较好的易用性和用户体验。更多还原

【Abstract】 Mobile payment developed rapidly along with the development of mobile network infrastructure and terminal devices. Many countries had already begun to vigorously promote the development and deployment of mobile payment. Due to the complexity of mobile payment environment and limited performance of terminal equipment, mobile payment faced more difficulties and challenges in security protocol design and realization. It was very important to design a unified payment platform, and a safe and efficient security protocol. Considering the complex calculation of public-key cryptosystem and high resource consuming, coupled with the disadvantage of terminal devices in terms of battery life and processing capacity, traditional public key cryptography was not suitable for designing mobile payment security protocol. This paper focused on how to get a mobile payment security protocol, which was safe and efficient and easy to be implemented, based on symmetric cryptography.3G mobile networks, which are of good security mechanism, had been widely deployed. Using security component of3G network infrastructure and increasing hash chain authentication, a safe, efficient, and easy to be implemented mobile payment security protocols was accomplished. The main work of this paper is as follows:1) This paper analyzed the error of Hash chain authentication and gave a control scheme. Validation of Hash chain authentication was strictly dependent on the Hash chain node sequence, when one of validation got wrong, would continue to transmit errors, resulting in the entire hash chain failure. This paper gave a way to avoid this error propagation, which can make hash chain more useful in the mobile payment environment.2) The mobile payment program proposed by MR. Chen et al. had been analyzed, using SVO, about the security flaw. This paper also gives a corresponding improved scheme. The improved scheme not only retained the advantages of the Chen’s scheme, such as simple, efficient and easy to deploy to the existing mobile network infrastructure, at the same time the security was improved.3) According to the improved mobile payment secure protocol, a mobile payment system is designed. Based on the simulation of the system, the performance of the actual system is analyzed. In the simulation system, a mobile phone terminal application program based on Android system is developed. Through the actual operation experience, it has proved that the system has good usability and user experience.更多还原