Efficient commerce protocols based on one-time pads

Michael A. Schneider, Edward W. Felten

Research output: Chapter in Book/Report/Conference proceedingChapter

2 Scopus citations


Presents a new commerce protocol that allows customers and merchants to conduct face-to-face credit-card authorizations with a credit card company securely, with the option of anonymity for the customer, the merchant, or both. Our protocol guarantees that both parties agree to and know the outcome of each transaction. Our protocol has three advantages over others. First, we need only two message authentication code (MAC) operations per party per transaction, fewer than most popular protocols. Second, our own MAC function, OTPMAC (One-Time Pad MAC), does not rely on the existence of one-way functions or on any other unproven hypothesis. Third, our protocol generates a new one-time identifier per party per transaction, preventing the linkage of multiple transactions to a single party. Additionally, the protocol can operate in modes using alternatives to the one-time pad, including cryptographic pseudo-random number generators and conventional cryptographic MAC functions.

Original languageEnglish (US)
Title of host publicationProceedings - Annual Computer Security Applications Conference, ACSAC
Number of pages10
ISBN (Electronic)0769508596
StatePublished - 2000

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality


  • Atherosclerosis
  • Authorization
  • Business
  • Credit cards
  • Cryptographic protocols
  • Cryptography
  • Media Access Protocol
  • Message authentication
  • Random number generation
  • Security


Dive into the research topics of 'Efficient commerce protocols based on one-time pads'. Together they form a unique fingerprint.

Cite this