Elliptic curve based authenticated encryption scheme and its application for electronic payment system

Abstract

The use of e-payment system for e-commerce is making our day to day life more easy and convenient. In existing e-payment schemes, there are a number of security and efficiency issues to be addressed. To address such issues Yang et al. (2013) proposed an authenticated encryption scheme and an e-payment system based on this encryption scheme. Their scheme excluded the need of digital signature for authentication. They claimed that the computation costs can be greatly reduced. But recently Chaudhry et al. (2015) exposed the weaknesses of Yang et al.'s (2013) scheme. To overcome the weaknesses of Yang et al.'s (2013) scheme, they proposed improved authenticated encryption and e-payment schemes. However, our analysis shows that there are few security issues in their scheme. Direct use of private key in product with standard key size gives an opportunity to adversary. Based on these observations we propose an improved scheme for authenticated encryption. We also propose e-payment system using our encryption scheme. We give the security proof and performance analysis of our scheme.