e-coupons: An Efficient, Secure and Delegable Micro-Payment System

In this paper, we propose a new efficient and secure micro-payment scheme, named e-coupons, which can provide the users the facility of delegating their spending capability to other users or their own devices like Laptop, PDA, Mobile Phone, and such service access points. The scheme has the promise of becoming an enabler for various Internet-based services involving unit-wise payment. It gives flexibility to the users to manage their spending capability across various access points for a particular service without obtaining an authorization for each and every access point from a facilitating bank. This flexibility which is not present in the existing micro-payment schemes is essential for accessing ubiquitous e-services and other Internet-based applications. The facility of delegation introduces a slight overhead in respect of the proof or verification of the delegated authorization and security provided to the payments. The payoff from the facility of delegation takes away the burden of the overhead. The paper discusses the design of the protocol and provides a basic analysis of the performance of the system. e-coupons is based on PayWord, a single-seed one-way hash chain for unit-wise payment, TESLA for payment security and SPKI/SDSI as underlying PKI framework for its unique delegation feature. The results obtained from the implementation of e-coupons are quite acceptable and show near real-time response. Our scheme uses multi-seed one-way hash chains for unit-wise payment. Furthermore, it allows an ordered transfer of the portions of payment chains to others. Because of this user's spending capability can be used from different service access points to access the subscribed service, concurrently. This work is supported by grants from Ministry of Information and Technology, Government of India. Vishwas Patil is a PhD student at Dipartimento di Informatica, Università degli Studi di Roma “La Sapienza”, with a fellowship from the Italian MIUR under FIRB program. He was associated with School of Technology and Computer Science at TIFR-Tata Institute of Fundamental Research, Mumbai (India), as a Scientific Officer from 2000–2004. He received his Bachlor of Engineering in Computer Science from NIT-National Institute of Technology, Surat (India), in year 2000. His current research interests include access control and enforcement, trust management, facilitating incomplete contracts, e-commerce technologies, PKIs, information and system security, privacy. RK Shyamasundar is Professor and Dean, Faculty of Technology and Computer Science at Tata Institute of Fundamental Research, Mumbai, India. He has been on the faculty/staff of IBM TJ Watson Research Center, Pennsylvania state University, Utrecht University, Eindhoven University of Technology, University of Illinois at Urbana Champaigne, Max-Planck Institute of Informatiks etc. He is Fellow of IEEE, Fellow of Indian Academy of Sciences, Fellow Indian National Science Academy, Fellow Indian National Academy of Engineering. He received his PhD in Computer Science from IISc Bangalore and his research interests include modeling and verification of safety-critical reactive and real-time systems, synchronous languages, compiler verification, deductive techniques, logics of programs, formal methods for industrial applications, computer and network security, e-commerce, grid computing, wireless technologies etc.