Removal of Certificates from Set Protocol Using Certificateless Public Key Cryptography

摘要

Secure Electronic Transaction (SET) is a standard e-commerceprotocolfor securingcredit cardtransactions over insecure networks. In a transaction using SET, all the members need public keycertificates in order to authenticate their public key. Certificates are created by certificate authorities(CAs), The process of getting certificates from a certificate authority(CA) for any SET participantsinvolves a large number of procedures like sending request to issue a certificates, getting approval orrejection of request and finally obtain the certificates, which is essentially time consuming as becausethese are associated with certificate management, including renew, revocation ,storage and distributionand the computational cost of certificate verification, also the chain of verification can be quite long,depending on thecertificate hierarchy. So, the issues associated with certificate management are quitecomplex and costly.The present paper attempts the removal of the certificates using the 'certificatelesspublic key cryptography (CL-PKC)' . The basic idea of CL-PKC is to generate a public/private key pairfor a user by using a master key of a Key Generation Center (KGC) with a random secret value selectedby the user. Hence, CL-PKC eliminates the use of certificates in traditional PKC and solves the keyescrow problem in ID-PKC.The comparison with existing SET implementation is also addressed in thepaper that shows the effectiveness of the proposal