M. S. Manasse, The Millicent protocols for electronic commerce, in: Proceedings of the First USENIX Workshop on Electronic Commerce, USENIX, 1995. 39  Home/Search   Document Not in Database   Summary   Related Articles   Check

....all of our requirements, but several warrant further research. Digital cash systems [5, 13] provide secure, anonymous, offline payments, but require significant computational overhead. Probabilistic methods [18, 22] amortize communication with a central bank across many transactions. Millicent [19] used symmetric key cryptography to optimize the transaction phase, which required relaxing security goals. 5. Conclusion We have argued for the Replica Management Economy as a robust, flexible solution for large scale replica management. RMEs allow machines a level of autonomy that should be ....

M. Manasse. The millicent protocols for electronic commerce. In USENIX Workshop of Electronic Commerce, 1995.

....protocols, called digital cash protocols, are tailored to small purchases in microcommerce applications. Thus, they are useful in facilitating the selling of content, such as web pages, over the Internet. Examples of digital cash protocols are PayWord and MicroMint [12] Compaq s Millicent [2][9] and IBM s Micropayments [5] These protocols need to be regarded as secure before they can win the approval of customers and vendors alike. In spite of this, none of these protocols have been formally specified and verified. In this paper, we address this issue by formally specifying Compaq s ....

....the above definitions, every protocol satisfies the closure condition. Thus, to prove that a protocol is secure, it is sufficient to show that the protocol satisfies both the convergence and protection conditions. See sections 5, 7, and 9 below. 4 4 Specification of Millicent In Millicent [2][9], there are two types of parties, customers and vendors. Each customer has a scrip from each vendor and can use this scrip over a period of time to purchase content from that vendor. Thus, each scrip is both customer specific and vendor specific, and has the following fields: identity of the ....

M.S. Manasse, "The MilliCent Protocols for Electronic Commerce", First USENIX workshop on Electronic Commerce, July 1995.

....of several micro payment systems below, identifying their key strengths and weaknesses. 4.1. Millicent Millicent, a micropayment system implemented by Digital Equipment Corp, now owned by Compaq, went live in June 1999 in Japan, with wallets starting at 1000 yen and payments as small 5 yen [11]. Millicent does not fall into either the online or the offline category, but rather is a distributed allocation of funds to vendors, who locally authorize payments. Millicent introduces a new kind of currency scrip, which is digital money that is issued by a single vendor. Scrip has a value, ....

Manasse, M. "The Millicent Protocols for Electronic Commerce". First USENIX Workshop on Electronic Commerce, New York, 1995.

....procotols, such as PayWord [RS] PayTree [JY96] micro iKP [HSW96] and others [Tan95] While the double spending possibility is an inherent property of all such systems, none of the above protocols employ any kind of risk management scheme to address it. NetCents [PHS98] and Millicent [Man95] are scrip based off line friendly micropayment protocols. As the monetary unit used in these protocols is vendor specific, double spending is made very difficult (if not impossible) The assumption behind both protocols is that people tend to re use the same merchants repeatedly. If this ....

M. S. Manasse. The Millicent protocols for electronic commerce. In Proceedings of the First USENIX Workshop on Electronic Commerce. USENIX, July 1995. 14

....general require a tradeoff between transaction security and transaction cost. NetCents effectively bridges that gap and satisfies the requirements of a universal payment mechanism. The work builds on the NetBill [CTS95] DigiCash [Ch95] and Agora [GaSi96] protocols and in particular the Millicent [Man95] protocol. The key innovation of NetCents is its use of floating scrips. A NetCents floating scrip is a signed container of electronic currency passed from one vendor to another, such that it is active at only one vendor at a time. A scrip has a monetary value or balance associated with it, as ....

....defined credit limit. As such, Mini Pay is vulnerable to double spending up to the credit limit at multiple vendors. Other offline protocols include PayWord and MicroMint [RiSh96] Micro Payment Transfer Protocol (MPTP) HalB95] and micro iKP [HSW96] 2. 5 Millicent Digital Equipment s Millicent [DEC95, Man95] does not fall into either the online or the offline category, but rather is a distributed allocation of funds to merchants, who locally authorize payments. Grossly simplified, Millicent is an automated account based system. It introduces a scrip, which is a digital money that is honored by a ....

M. S. Manasse, "The Millicent protocol for electronic commerce," The First USENIX Workshop on Electronic Commerce, New York, NY, 1995.

....money. Section 5 describes a protocol for auction over electronic networks. Section 6 extends these protocols to handle real time transactions. We conclude in section 7 with a brief comparison of our protocols to other existing protocols. 2 Previous Work A number of systems [Cyb, Dig, SSBR94, Man95, BGH 95, Hic95, B 94] have been developed that implement some of the important features listed in Section 1. A representative 3 set of such systems is described below. Ecash: Ecash, a system designed by DigiCash [Dig] emphasizes on privacy and anonymity [Cha92] of the customer. The ....

....the NetBill server. It also requires the customer to have an account with some funds at the NetBill server. In addition, it does not ensure anonymity, since at least the NetBill server will be aware of all transactions made by the customer. DEC s Millicent: Millicent, a protocol designed at DEC [Man95] emphasizes on low overhead cost. The protocol works as follows: a piece of scrip represents an account the customer has established with a vendor. At any given time, a vendor has outstanding scrip (open accounts) with the recently active customers. The balance of the account is kept as the ....

M. Manasse. The Millicent Protocols for Electronic Commerce. In Proceedings of the First USENIX Workshop on Electronic Commerce, 1995.

....1, the standard credit card rates would dominate the cost of the item. Thus, a number of parties have proposed support for microtransactions or transactions less than 1. By no means is 1 the minimum transaction value of interest; Mark Manasses electronic commerce system is named Millicent [14]. Both NetBill and cryptographic postage indicia are motivated by the idea of supporting microtransactions. Some of the design decisions made for those systems can only be understood by the microtransaction requirement. However, a detailed discussion of microtransactions is beyond the scope of ....

....many small transactions charged using specially optimized protocols; then charge the aggregated total as a large value transaction. This idea is a beautiful application of protocol nesting. For a discussion of microtransactions in NetBill, see [23] for a completely different approach, see [14]. 3. Non atomic Electronic Commerce Protocols 3.1. Digicash Digicash uses an anonymous digital cash protocol. As discussed in Section 2.2, digital cash protocols are not money atomic; indeed, in the event of communication failure, they can fail to be anonymous as well. Finally, digital cash ....

M. Manasse. The Millicent Protocols for Electronic Commerce. In Proceedings of the First USENIX Workshop on Electronic Commerce, pages 117123, July 1995.

....this does not happen. The main difference between the two examples lies in the fact that in the second example, it is not essential for the investor to receive the trade confirmation immediately, only for the sale to take place. While many protocols exist for electronic commerce [Cyb, Dig, SSBR94, Man95, BGH 95, Hic95, B 94] none addresses the issue of real time transactions. In this paper, we model the general problem of detecting real time transaction executions and identify one special case where the real time phase of a transaction can complete without delivering a product to the ....

M. Manasse. The Millicent Protocols for Electronic Commerce. In Proceedings of the First USENIX Workshop on Electronic Commerce, 1995.

....an initial authentication that establishes soft state that is then used by a lighter weight per capsule signature algorithm. We are particularly interested in recent work on inexpensive techniques that provide less security for individual messages, but still defend against large scale attacks [21]. Delegation The preceding section assumed that the validation mechanism has access to information concerning authorizations, e.g. policy initiated decisions as to the resources that can be made accessible to specific users or applications. We require a mechanism that supports the automated ....

Manasse, M.S. The Millicent Protocols for Electronic Commerce. in 1st USENIX Workshop on Electronic Commerce . 1995. New York, NY.

....disputes. In Section 7 we discuss several limitations of the Agora protocol. Section 8 discusses scalability issues. The paper concludes with a description of the implementation. The Appendix describes the embedding of the Agora protocol in HTTP Messages. 2 Related Work Millicent [4] is a distributed, low overhead, digital cash protocol. Its properties are similar to Agora. Millicent introduces scrip, which is a digital money that is honored by a single vendor. Millicent is designed to support a high volume of inexpensive transactions. Millicent s overhead is similar to ....

....to lost or misplaced account identifiers. 8.1 Cost of Digital Signatures Agora uses digital signatures for authentication of all messages. Digital signatures consume more CPU time than simpler schemes, such as one way hash functions, which are used in other micropayment protocols, like Millicent [4]. CPU consumption at the customer s machine is not a problem, since this machine is often underutilized. As table 1 indicates, a stock PC with a 100MHz Pentium processor can process 3 transactions per second with a public key of 512 bits. Faster PCs can process transactions at a much higher rate. ....

Mark S. Manasse. The Millicent Protocols for Electronic Commerce. In First USENIX Workshop on Electronic Commerce, New York, New York, July 11--12 1995.

....perform an initial authentication that establishes soft state that is then used by a lighter weight per capsule signature algorithm. We are particularly interested in recent work on inexpensive techniques that provide less security for individual messages, but defend against large scale attacks [26]. Delegation The preceding section assumed that the validation mechanism has access to information concerning authorizations, e.g. policy initiated decisions as to the resources that can be made accessible to specific users or applications. We require a mechanism that supports the automated ....

Manasse, M.S. The Millicent Protocols for Electronic Commerce. in 1st USENIX Workshop on Electronic Commerce. 1995. New York, NY.

....disputes. In Section 7 we discuss several limitations of the Agora protocol. Section 8 discusses scalability issues. The paper concludes with a description of the implementation. The Appendix describes the embedding of the Agora protocol in HTTP Messages. 2 Related Work Millicent [4] is a distributed, low overhead, digital cash protocol. Its properties are similar to Agora. Millicent introduces a scrip, which is a digital money that is honored by a single vendor. Millicent is designed to support high volume of low priced transactions. Millicent s overhead is similar to Agora ....

Mark S. Manasse. The Millicent Protocols for Electronic Commerce. In First USENIX Workshop on Electronic Commerce, New York, New York, July 11--12 1995.

....mix 18 While we have held k f and k v constant in our analysis, it is reasonable to expect a decline in these coefficients as well. The Millicent protocol, for example, proposes a lightweight micropayment mechanism with cryptographic operations that cost one tenth to onehundredth of a cent (Manasse, 1995). Yet one should not expect k f and k v to fall at a similar rate as k d . This is because transaction costs are not solely dictated by progress in hardware technology or the state of the art in cryptography. Other sources of payment system costs such as customer service, fraud protection, ....

Manasse, M.S., 1995, The Millicent protocols for electronic commerce, in: Proceedings of the First USENIX Workshop on Electronic Commerce.

....to use advanced cryptographic algorithms. Quite a number of cryptographic protocols for securing on line bankcard payment transactions on the Internet have been proposed. Published proposals include CyberCash [1] NetBill [10] NetCheque [8] NetChex [4] Open Market [5] iKP [6] Millicent [7], STT [3] and SEPP [2] Each of these proposals has its own virtues and all contribute to a better understanding of the area of study. Among these proposals, STT and SEPP are two specifications published by two of today s largest operators of bankcard payment instruments: VISA and MasterCard, ....

M.S. Manasse. The millicent protocols for electronic commerce. http://www.research.digitalcom/SRC/ people/MarkManasse/bio.html.

....to use advanced cryptographic algorithms. Quite a number of cryptographic protocols for securing on line bankcard payment transactions on the Internet have been proposed. Published proposals include CyberCash [1] NetBill [10] NetCheque [8] NetChex [4] Open Market [5] iKP [6] Millicent [7], STT [3] and SEPP [2] Each of these proposals has its own virtues and all contribute to a better understanding of the area of study. Among these proposals, STT and SEPP are two specifications published by two of today s largest operators of bankcard payment instruments: VISA and MasterCard, ....

M.S. Manasse. The millicent protocols for electronic commerce. http://www.research.digitalcom/SRC/people/MarkManasse/bio.html.

....and availability constraints. Depending on the value of its services, the client receives certain credits in exchange. A similar approach has been suggested by the Mariposa project [SDK 94] Most likely, currency based trading would form the basis of this model, and a micro currency [Tan95, Man95] could be used, since the cost of a short computation is very small. Alternatively, it may be better to consider a economic model based on barter. Depending on what the broker has to offer, services may be exchanged for free CPU time, free backups, cheap access to the Internet, access to software ....

M. S. Manasse. The Millicent Protocols for Electronic Commerce. In First USENIX Workshop on Electronic Commerce, New York, NY, July 1995.

....It is probably safe to assume that the average transaction would take the merchant about half a second. At this rate, each transaction would cost the merchant five cents in computing time. For transactions below 25 cents, DigiCash s system would be very expensive. 2.1. 5 Millicent Millicent [6] is a scheme for making tiny (less than one cent) purchases that seeks to evade the traditional difficulties with digital cash through decentralization. Instead of issuing money through banks, cash, now called scrip, is issued by each merchant. Customers buy various merchants scrip from a broker, ....

....output or to find two inputs that share the same output. Our system uses the Secure Hash Algorithm (SHA) because we believe it to be more secure than other well known algorithms, e.g. MD5. With a hash function, it is easy to construct an almost unforgeable signature for a document (as shown in [6]) Call the document to be signed D. The signature of D is the one way hash of the concatenation of D and a long sequence of random bits (call this B) known only by the person who signed the document. Observe that if the hash function is good, then the easiest way to duplicate the signature ....

Mark S. Manasse. The Millicent protocols for electronic commerce. Found at http://www.research.digital.com/SRC/millicent/.

....purchase of goods and services over networks has neither appealed to most customers nor to companies, since there is still a need for appropriate, i.e. efficient and non intrusive security and accounting mechanisms. Several proposals and prototypes addressing these issues have emerged recently [4, 9, 12, 13]. However, most of them are restricted to special usage environments and show a considerable overhead per transaction. Therefore, they seem to be inappropriate for small payments in the order of a fraction of cents which will form a considerable portion of future commercial network transactions. ....

....bank, should also be sufficient as a further configurable option within BSA. 5. Related work Since the demand for commercial transactions through electronic media became obvious, a plethora of payment schemes, protocols, cryptographic algorithms and even specialized hardware have been proposed [1, 8, 10, 12, 13, 14]. Among the first and most recognized was Chaum s ecash [1] an electronic cash system with separate data items (electronic coins) corresponding to different cash values. With the usage of cryptographic blind signatures [3] unconditional anonymity can be guaranteed to the customer: no one but the ....

[Article contains additional citation context not shown here]

Manasse, M. et al.: The Millicent Protocols for Electronic Commerce, Proceedings of the 1st USENIX workshop on electronic commerce, 1995, URL: http://www.usenix.org/ publications/library/proceedings/ec95/manasse.html.

....payment operation (e.g. purchase item #3, or refund 5 ) the wallet controllers on both sides take control to execute the transaction. The first thing they do is determine the common financial instruments they support. For example, the user wallet may contain CyberCash coins [6] Millicent scrips [17] and a Visa credit card. The vendor may only accept credit cards and CyberCash coins. The common instruments are the credit card and CyberCash coins, in which case, the user is asked to choose which instrument to use. Once the financial instrument is chosen, the user and vendor wallet controllers ....

M. Manasse, "The Millicent protocols for electronic commerce", Proc. of the 1st USENIX workshop on Electronic Commerce.

No context found.

M. S. Manasse, The Millicent protocols for electronic commerce, in: Proceedings of the First USENIX Workshop on Electronic Commerce, USENIX, 1995. 39

No context found.

M. S. Manasse, The Millicent protocols for electronic commerce, in: Proceedings of the First USENIX Workshop on Electronic Commerce, USENIX, 1995. 39

No context found.

M. S. Manasse, "The Millicent protocols for electronic commerce", in Proc.ofthe 1st USENIX Workshop on Electronic Commerce, July 1995.

No context found.

Manasse, M.S.: The Millicent protocols for electronic commerce. In: Proceedings of the First USENIX Workshop on Electronic Commerce, USENIX (1995)

No context found.

Manasse, M.S.: The Millicent protocols for electronic commerce. In: Proceedings of the First USENIX Workshop on Electronic Commerce, USENIX (1995)

No context found.

M. Manasse. The Millicent protocols for electronic commerce. In Proceedings of the 1 st USENIX Workshop on Electronic Commerce. pp.117-23, New York, USA, July 1995.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC