Model Checking a Client-Side Micro Payment Protocol

Kaylash Chaudhary; Ansgar  Fehnker

doi:10.1109/APWC-on-CSE.2016.026

Model Checking a Client-Side Micro Payment Protocol

Kaylash Chaudhary, Ansgar Fehnker

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

Virtual payment systems overcome the drawbacks such as processing and operational cost of the traditional payment system. The main aim of the virtual payment system is to provide efficient services in terms of cost. Online payment using credit card is one of the most expensive of all payment means. This gives advantage to micropayment systems where only small amounts are used for e-commerce. Payment which are small will be costly if paid through credit card. Therefore, there are several micropayment systems that exist and some have been proposed. One of the proposed micropayment system that this paper will talk about is Netpay. We will do model checking to check the correctness of this payment system and to see whether the protocol designers property claim is valid. Correctness is important in payment systems because money is involved in it, therefore the protocol needs to be validated. This paper examines the client-side version of the Netpay protocol and provides its formalization as a CSP model. The PAT model checker is used to prove three properties essential for correctness: impossibility of double spending, validity of an ecoin during the execution and the absence of deadlock. We prove that the protocol is executing according to its description based on the assumption that the customers and vendors are cooperative. This is a very strong assumption for system built to prevent abuse, but further analysis suggests that without it the protocol does no longer guarantee all correctness properties. We compare the two variation of the protocol with each other and with the properties claimed by the protocol designers.

Original language	English
Title of host publication	3rd Asia-Pacific World Congress on Computer Science and Engineering (APWC on CSE 2016)
Publisher	IEEE
Pages	90-97
Number of pages	8
ISBN (Electronic)	978-1-5090-5753-5
ISBN (Print)	978-1-5090-5754-2
DOIs	https://doi.org/10.1109/APWC-on-CSE.2016.026
Publication status	Published - 1 Dec 2016
Event	3rd Asia-Pacific World Congress on Computer Science and Engineering, APWC on CSE 2016 - Nadi, Fiji Duration: 5 Dec 2016 → 6 Dec 2016 Conference number: 3

Conference

Conference	3rd Asia-Pacific World Congress on Computer Science and Engineering, APWC on CSE 2016
Abbreviated title	APWC on CSE
Country/Territory	Fiji
City	Nadi
Period	5/12/16 → 6/12/16

Keywords

electronic money
formal verification
CSP model
Netpay protocol
PAT model checker
client-side micro payment protocol
correctness checking
credit card
e-commerce
micropayment systems
model checking
online payment
virtual payment systems
Credit cards
Indexes
Model checking
Protocols
Reactive power
Tools
Micropayment
Model
Verification

Access to Document

10.1109/APWC-on-CSE.2016.026

Cite this

@inproceedings{840bfbf36b3940eba3b9b4521e0b08ea,

title = "Model Checking a Client-Side Micro Payment Protocol",

abstract = "Virtual payment systems overcome the drawbacks such as processing and operational cost of the traditional payment system. The main aim of the virtual payment system is to provide efficient services in terms of cost. Online payment using credit card is one of the most expensive of all payment means. This gives advantage to micropayment systems where only small amounts are used for e-commerce. Payment which are small will be costly if paid through credit card. Therefore, there are several micropayment systems that exist and some have been proposed. One of the proposed micropayment system that this paper will talk about is Netpay. We will do model checking to check the correctness of this payment system and to see whether the protocol designers property claim is valid. Correctness is important in payment systems because money is involved in it, therefore the protocol needs to be validated. This paper examines the client-side version of the Netpay protocol and provides its formalization as a CSP model. The PAT model checker is used to prove three properties essential for correctness: impossibility of double spending, validity of an ecoin during the execution and the absence of deadlock. We prove that the protocol is executing according to its description based on the assumption that the customers and vendors are cooperative. This is a very strong assumption for system built to prevent abuse, but further analysis suggests that without it the protocol does no longer guarantee all correctness properties. We compare the two variation of the protocol with each other and with the properties claimed by the protocol designers.",

keywords = "electronic money, formal verification, CSP model, Netpay protocol, PAT model checker, client-side micro payment protocol, correctness checking, credit card, e-commerce, micropayment systems, model checking, online payment, virtual payment systems, Credit cards, Indexes, Model checking, Protocols, Reactive power, Tools, Micropayment, Model, Verification",

author = "Kaylash Chaudhary and Ansgar Fehnker",

year = "2016",

month = dec,

day = "1",

doi = "10.1109/APWC-on-CSE.2016.026",

language = "English",

isbn = "978-1-5090-5754-2",

pages = "90--97",

booktitle = "3rd Asia-Pacific World Congress on Computer Science and Engineering (APWC on CSE 2016)",

publisher = "IEEE",

note = "3rd Asia-Pacific World Congress on Computer Science and Engineering, APWC on CSE 2016, APWC on CSE ; Conference date: 05-12-2016 Through 06-12-2016",

}

TY - GEN

T1 - Model Checking a Client-Side Micro Payment Protocol

AU - Chaudhary, Kaylash

AU - Fehnker, Ansgar

N1 - Conference code: 3

PY - 2016/12/1

Y1 - 2016/12/1

N2 - Virtual payment systems overcome the drawbacks such as processing and operational cost of the traditional payment system. The main aim of the virtual payment system is to provide efficient services in terms of cost. Online payment using credit card is one of the most expensive of all payment means. This gives advantage to micropayment systems where only small amounts are used for e-commerce. Payment which are small will be costly if paid through credit card. Therefore, there are several micropayment systems that exist and some have been proposed. One of the proposed micropayment system that this paper will talk about is Netpay. We will do model checking to check the correctness of this payment system and to see whether the protocol designers property claim is valid. Correctness is important in payment systems because money is involved in it, therefore the protocol needs to be validated. This paper examines the client-side version of the Netpay protocol and provides its formalization as a CSP model. The PAT model checker is used to prove three properties essential for correctness: impossibility of double spending, validity of an ecoin during the execution and the absence of deadlock. We prove that the protocol is executing according to its description based on the assumption that the customers and vendors are cooperative. This is a very strong assumption for system built to prevent abuse, but further analysis suggests that without it the protocol does no longer guarantee all correctness properties. We compare the two variation of the protocol with each other and with the properties claimed by the protocol designers.

AB - Virtual payment systems overcome the drawbacks such as processing and operational cost of the traditional payment system. The main aim of the virtual payment system is to provide efficient services in terms of cost. Online payment using credit card is one of the most expensive of all payment means. This gives advantage to micropayment systems where only small amounts are used for e-commerce. Payment which are small will be costly if paid through credit card. Therefore, there are several micropayment systems that exist and some have been proposed. One of the proposed micropayment system that this paper will talk about is Netpay. We will do model checking to check the correctness of this payment system and to see whether the protocol designers property claim is valid. Correctness is important in payment systems because money is involved in it, therefore the protocol needs to be validated. This paper examines the client-side version of the Netpay protocol and provides its formalization as a CSP model. The PAT model checker is used to prove three properties essential for correctness: impossibility of double spending, validity of an ecoin during the execution and the absence of deadlock. We prove that the protocol is executing according to its description based on the assumption that the customers and vendors are cooperative. This is a very strong assumption for system built to prevent abuse, but further analysis suggests that without it the protocol does no longer guarantee all correctness properties. We compare the two variation of the protocol with each other and with the properties claimed by the protocol designers.

KW - electronic money

KW - formal verification

KW - CSP model

KW - Netpay protocol

KW - PAT model checker

KW - client-side micro payment protocol

KW - correctness checking

KW - credit card

KW - e-commerce

KW - micropayment systems

KW - model checking

KW - online payment

KW - virtual payment systems

KW - Credit cards

KW - Indexes

KW - Model checking

KW - Protocols

KW - Reactive power

KW - Tools

KW - Micropayment

KW - Model

KW - Verification

U2 - 10.1109/APWC-on-CSE.2016.026

DO - 10.1109/APWC-on-CSE.2016.026

M3 - Conference contribution

SN - 978-1-5090-5754-2

SP - 90

EP - 97

BT - 3rd Asia-Pacific World Congress on Computer Science and Engineering (APWC on CSE 2016)

PB - IEEE

T2 - 3rd Asia-Pacific World Congress on Computer Science and Engineering, APWC on CSE 2016

Y2 - 5 December 2016 through 6 December 2016

ER -

Model Checking a Client-Side Micro Payment Protocol

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this