Solutions to Security Problems of Rivest and Shamir's PayWord Scheme

Search this article


The Pay Word Scheme, invented by Rivest and Shamir, is an efficient micropayment scheme utilizing a hash function. We point out that the scheme has the following problem : a malicious customer can damage the bank by purchasing in excess of the customer's credit which the bank has guaranteed by issuing a certificate. Generally, there are two positions of the bank with regard to the certificate. Position 1 : the bank takes full responsibility for the certificate and compensates all payments created by the customer's purchases ; and Position 2 : the bank does not redeem payments exceeding a limit set for the customer and shares the loss with the shop if trouble occurs. In the Pay Word Scheme, the bank can reduce its risk by adopting Position 2 rather than Position 1. However, this paper points out that the bank can damage the shop in Position 2 by impersonating an imaginary customer and making the shop share the loss with the bank. We propose a micropayment scheme (countermeasure) that overcomes these problems.


  • IEICE Transactions, A

    IEICE Transactions, A 88 (1), 195-202, 2005-01-01

    The Institute of Electronics, Information and Communication Engineers

Citations (3)*help

See more


See more

Details 詳細情報について

  • CRID
  • NII Article ID
  • NII Book ID
  • ISSN
  • Text Lang
  • Data Source
    • CiNii Articles

Report a problem

Back to top