Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption

13 years 9 months ago

Download www.acsac.org

The blooming e-commerce is demanding better methods to protect online users' privacy, especially the credit card information that is widely used in online shopping. Holding all these data in a central database of the web sites would attract hackers' attacks, impose unnecessary liability on the merchant web sites, and raise the customers' privacy concerns. In this paper we introduce and discuss in details the secure distributed storage of sensitive information using HTTP cookie encryption. We are able to employ One-Time Pads to encrypt the cookies, because encryption and decryption are both done by the server, which is an interesting characteristic overlooked by the existing systems. We implemented this protocol and showed that it is simple, fast and easy to program with.

Donghua Xu, Chenghuai Lu, André L. M. dos S

Real-time Traffic

ACSAC 2002 | HTTP Cookie Encryption | Merchant Web Sites | Security Privacy | Web Sites |

claim paper

Post Info
More Details (n/a)

Added	14 Jul 2010
Updated	14 Jul 2010
Type	Conference
Year	2002
Where	ACSAC
Authors	Donghua Xu, Chenghuai Lu, André L. M. dos Santos

Comments (0)

Sciweavers

Protecting Web Usage of Credit Cards Using One-Time Pad Cookie Encryption

ACSAC 2002 | HTTP Cookie Encryption | Merchant Web Sites | Security Privacy | Web Sites |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers