南京财经大学电子商务双语版Chapter5electronicpaym.pptVIP

Chapter 5 electronic payment systems 5.1 Security In Electronic Payment systems 5.2 Electronic Payment methods 5.3 Case of E-banking 5.1Security In Electronic Payment systems 5.1.1Requirement of Secure payment ? Authenticity: the sender (either client or server) of a message is who he, she or it claims to be. ? Privacy: the contents of a message are secret and only known to the sender and receiver. ? Integrity: the contents of a message are not modified (intentionally or accidentally) during transmission. ? Non-repudiation: the sender of a message cannot deny that he, she or it actually sent the message. 5.1.2Public Key Infrastructure PKI has become the cornerstone for secure e-payments. At the heart of PKI is encryption. Encryption : The process of scrambling (encrypting) a message in such a way that it is difficult , expensive , or time-consuming for an unauthorized person to unscramble (decrypt ) it. Encryption has four basic parts ? Plaintext ? Ciphertext ? Encryption algorithm ? key The two major classes of encryption : ? Symmetric systems( with one secret key), ? Asymmetric systems (with two keys) 密码学是关于应用加密算法对信息进行加密的科 学。 加密算法就是用基于数学计算方法与一串数 字（密钥）对普通的文本（信息）进行编码，产 生不可理解的密文的一系列步骤。 发送方将消息在发送到公共网络或互联网之 前进行加密，接收方收到消息后对其解码或称为 解密，所用的程序称为解密程序，这是加密的逆 过 程。 密码学原理 字母 A B C … Z 空格 ， . / : ? 明文 01 02 03 … 26 27 28 29 30 31 32 密文 18 19 20 … 43 44 45 46 47 48 49 加密与解密示例 例如 ： 把英文 26 个字母表的顺序编号作为明文，将密钥定 为 17 ，将明文的编号加上 17 ，就可以得到一个密码表： 一个简单的密码表 1.Symmetric (private) key syste DES: standard symmetric encryption algorithm Plaintext message Cipher text Plaintext message Encryption private key Decryption private key sender receiver 2.Asymmetric (public) key system RSA: the most common public key encryption algorithm Plaintext message Cipher text Plaintext message Encryp