CLT prevent over-spending problem. At this stage, the

CLT CLM , the bank calculates the client’s remaining credits CLTR, where CLTR = CLT ? CLM . It then maintains the list of CLTR to prevent over-spending problem. At this stage, the bank transfers CLM to the merchant’s account. Then, the bank sends the following messages to the merchant and the client, respectively:

B?M : {c0, Ttt, SN, CLM , h(IDM , SN, CLTR, TTR, Yi)}Zj ,
h(c0, Ttt, CLM , s, Xi), s, t


B?C : h(IDM , SN, CLTR, TTR, Yi), TTR (9.5)

where TTR stands for the timestamp while the bank updates CLTR. Note that TT is updated to TTR after calculating CLTR. t stands for a random number used to generate the set of Zj (referred to section 8.3.3). The mes- sage 9.4 is considered as a Credit response sent from the bank to the merchant. The merchant retrieves c0 and CLM from the encrypted message. The mer- chant also knows that the client has requested to make the payment to her from h(c0, Ttt, CLM , s, Xi), and the client’s request has been authorized by the bank from the message encrypted with Zj shared between the bank and herself. After receiving the message 9.5, later on, the client can use {CLTR, TTR} to make a payment to another merchant. Note that the message 9.5 is considered as a Debit response sent from the bank to the client.
In this protocol, the merchant or the bank cannot impersonate as the client because they communicate to one another with different sets of secret keys and those keys are not revealed during the transaction.

Payment Protocol

After completing the Payment Initialization Protocol, the client can make a payment to the merchant by sending the coins as follows.

C?M : cj where j = 1, …, m (9.6)

Note that the combination of cj and h(IDM , SN, CLTR, TTR, Yi) from the messages 9.4 or 9.5 represents the Payment Ordering request from the client. The merchant verifies the requested amount by comparing cj with c0. After the verification, she delivers goods or services to the client. At the completion of each payment, the amount in the merchant coupon CLM is deducted. The client is allowed to make the payment up to CLM without any payment autho- rization required by the bank. If the remaining credits are insufficient to make another payment, the client can request the bank for extra credits by running Extra Credit Request Protocol which will be presented in the next section.

Extra Credit Request Protocol

Normally, when the client spends the credits up to CLM , she needs to run the Setup Protocol to issue a new bank coupon. In our protocol, we reduce the frequency of performing this process by running Extra Credit Request (ECR) Protocol instead. With the ECR Protocol, the number of message passes in the entire transaction is reduced. Before the next transaction, the client checks whether j ; CLM . If so, the client still can purchase the goods, but she needs to request for extra credits from the bank. The client realizes that, if her request for the extra credits has been approved, her total credits CLTR will be deducted by CLM . To request for the extra credits, the client sends the following message to the merchant:

C?M : cj, CLM , h(IDM , CLM , Ttt, SN, CLTR, TTR, Yi) (9.7)

At this stage, CLM stands for the new credits to spend with the mer- chant whose identity is IDM . The merchant retrieves CLM and forwards the following message to the bank:

M?B : IDM , h(IDM , CLM , Ttt, SN, CLTR, TTR, Yi) (9.8)

The bank retrieves CLTR and CLM , and then calculates a new CLTR, where newCLTR = currentCLTR ? CLM . The bank transfers CLM to the merchant’s account, and sends the response to the merchant as follows:

B?M : h(IDM , SN, CLTR, TTR, Yi), TTR, Y es,
h(Y es, CLM , TTR, Zj) if approved

(or Rejected if client has insufficient credits)


The merchant then checks whether or not the authorized CLM in h(Y ES, CLM , TTR, Zj) is equal to CLM received from the client in the message 9.7. If so, the merchant sends the client the following message:

M?C : h(IDM , SN, CLTR, TTR, Yi), TTR (9.10)

The client expects to receive the updated CLTR, where updatedCLTR = current CLTR ? CLM . She calculates CLTR and compares with the received CLTR. If they are matched, the client can infer the remaining credits in the

updated bank coupon from CLTR. The above message is considered as a noti- fication of the client’s remaining total credits. Note that, to make the payment to a new merchant, the client repeats the Payment Initialization Protocol with the updated bank coupon with the current CLTR without running the Setup Protocol as that in existing protocols RS96, Yen01.

Coupon Cancellation Protocol

In our protocol, the client is able to refund any un-used bank coupon previously purchased from the bank by sending the following message to the bank:

C?B : SN, TCR, h(SN, CLT , TT , TCR, Yi) (9.11)

where TCR is timestamp while requesting for the coupon cancellation. The bank removes the coupon with the serial number SN from its database. Then, the bank transfers the amount CLT to the client’s account and sends the response of the client’s request to the client as follows:

B?C : CancelOK, h(CancelOK, SN, TCR, Yi) (9.12)

After receiving the message, the client is notified that the coupon with the serial number SN is no longer valid in the system. To make a payment to a merchant, the client needs to purchase a new bank coupon from the bank.

Coin Return Protocol

In some situation, the client may want to end the transaction with the mer- c


I'm Mary!

Would you like to get a custom essay? How about receiving a customized one?

Check it out