Department of Computer Science and Technology

Technical reports

Verifying the SET purchase protocols

Giampaolo Bella, Fabio Massacci, Lawrence C. Paulson

November 2001, 14 pages

DOI: 10.48456/tr-524


The Secure Electronic Transaction (SET) protocol has been proposed by a consortium of credit card companies and software corporations to guarantee the authenticity of e-commerce transactions and the confidentiality of data. When the customer makes a purchase, the SET dual signature keeps his account details secret from the merchant and his choice of goods secret from the bank. This paper reports verification results for the purchase step of SET, using the inductive method. The credit card details do remain confidential. The customer, merchant and bank can confirm most details of a transaction even when some of those details are kept from them. The usage of dual signatures requires repetition in protocol messages, making proofs more difficult but still feasible. The formal analysis has revealed a significant defect. The dual signature lacks explicitness, giving rise to potential vulnerabilities.

Full text

PDF (0.2 MB)

BibTeX record

  author =	 {Bella, Giampaolo and Massacci, Fabio and Paulson, Lawrence
  title = 	 {{Verifying the SET purchase protocols}},
  year = 	 2001,
  month = 	 nov,
  url = 	 {},
  institution =  {University of Cambridge, Computer Laboratory},
  doi = 	 {10.48456/tr-524},
  number = 	 {UCAM-CL-TR-524}