STUDY ABOUT THE SECURITY OF E-CHEQUE PAYMENT
BASED ON DIGITAL WATERMARKING AND DIGITAL SIGNATURE
Liang Qinglong¹, Zhang Lincong², Dai Hua², Xie Jun², Li Binfa²
¹ School of Economic Information Engineering, Southwest University of Finance and Economy
² School of Computer Science, Sichuan University
Abstract: The security problems of E-cheque payment in e-business are studied in this paper. Based on an analysis
of its development and its security gaps, a security guarantee system combining digital
watermarking and digital signature is proposed. Entity authentication and watermarking content
authentication together make it impossible to gain unauthorized access to the E-cheque, or to edit or forge it. According to the
analysis of this system, the security, creditability and authenticity of the E-cheque could be achieved by it.
Keywords: E-cheque, digital watermarking, digital signature, semi-fragile watermarking
With the fast development of e-commerce, the turnover of e-commerce is booming. Online payment, which is the key to e-business, attracts more and more attention, and the E-cheque, being one of the most important means of online payment, has become a hotspot. It is able to transfer money between bank accounts, just as the traditional cheque does, and it can achieve all functions of the traditional cheque via the Internet or wireless equipment. The E-cheque is delivered through the network, so it is very fast and reduces the clients’ loss to the lowest level. Meanwhile, the bank can provide standardized fund information for the clients involved in e-commerce. Public Key Infrastructure is used in the current E-cheque; it achieves basic payment privacy, reliability and integrity, and resolves to a certain degree the problem of forgery, which often happens with traditional cheques.

1. E-cheque Payment System Based on Digital Signature

1.1 Current E-cheque System

Public Key Infrastructure based on digital signature is prevalent in the current E-cheque system. Because of the use of an asymmetric cryptosystem, the system includes the seller, the buyer of the E-cheque, the bank system and a third-party CA (Certification Authority). Each system user’s identity certification is digital, and every party should apply for a unique copy. The CA is responsible for the dispatch and management of digital certifications. Before a transaction, system users should establish a reliable connection via the CA using each other’s digital certification. Thus, digital signature and encrypted conversation confirm the legal transaction and authentic contents.

Here is the implementation process of the system:
(1) The seller and buyer decide to use E-cheque, and confirm each other’s identity via the CA.
(2) The buyer signs digitally on the E-cheque using his/her private key.
(3) The buyer encrypts the E-cheque using the seller’s public key, so the buyer becomes the unique authorized receiver of the E-cheque.
(4) The buyer sends the E-cheque to the seller via the network.
(5) The seller decrypts the E-cheque using his/her own private key.
(6) The seller confirms the buyer’s digital signature using the buyer’s public key.
(7) The seller confirms the E-cheque via the bank system.
(8) The seller delivers the goods to the buyer or provides the service.
The process is shown in Fig.1.

[Figure 1 diagram: Buyer, Seller, CA, Bank of Buyer and Bank of Seller, with links labelled E_cheque and Verify]
Fig.1 System for e-cheque paying based on digital signature

1.2 Process of Digital Signature

(1) The sender prepares the plain digital message to be transferred.
(2) The sender applies a Hash algorithm to the plain message and gets its message digest.
(3) The sender encrypts the digest with his private key, gets the digital signature, and attaches it to the message.
(4) The sender generates a DES key randomly, and encrypts the message with this key, thus forming the cryptograph.
(5) The sender encrypts the DES key using the receiver’s public key, and then sends the encrypted DES key and the cryptograph to the receiver.
(6) The receiver gets the encrypted DES key and the cryptograph, and then decrypts the encrypted DES key with his private key to obtain the DES key.
(7) The receiver decrypts the cryptograph using the DES key to obtain the plain message, and then drops the DES key.
(8) The receiver decrypts the sender’s digital signature using the sender’s public key to obtain the message digest. The receiver applies the same Hash algorithm as the sender used to the received message to create a new message digest.
(9) The receiver compares the message digest from the sender with this new one, to judge whether the message has been modified or not.

1.3 Security Analysis of the System

The payment system based on digital signature basically satisfies the following requirements: (1) the sender can’t deny his signing; (2) the receiver can’t deny his receiving; (3) the integrity of the information transferred is ensured.

But the digital signature itself would be attached to the E-cheque to be sent, so this transmission risks detection by unauthorized parties. Though this could be resolved by encrypting the plain text with traditional encryption techniques, that is not so reliable: because of the rapid improvement of software techniques and computer hardware, it is possible to decrypt the cryptograph. Even if the hackers are not able to decrypt it, they may resend the information after tampering with it, so that the receiver cannot get the original information.

According to this analysis, a much more reliable payment system should satisfy the following requirements.
(1) Identity verification; the security of the authorized users’ application for digital certification.
(2) Content certification; the integrity of the information and the authentication.
(3) Protection of sensitive information during the transfer process.
As a resolution, we propose an E-cheque payment system based on digital watermarking and digital signature, which could satisfy the above requirements.

2. E-cheque Payment System Combined With Digital Watermarking and Digital Signature

2.1 Security of Digital Certification

Just as in the former system, the CA manages users’ certifications. Digital certifications are used to identify online trading participators’ identities; they are the identity cards for individuals or organizations involved in online business. Therefore, a security guarantee mechanism is needed for the dispatch and management of certifications, and there are many papers related to the subject.

2.2 Digital Watermarking

Digital watermarking is a technique for embedding information into insensitive carrier data (e.g. an image) using certain algorithms, without affecting the carrier’s content and usage, such that human beings cannot detect the information. Only specialized detecting tools or software can perceive the hidden digital watermark. Thus, it could avoid hostile attacks. At present, most watermarking solutions adopt a symmetric system of cryptology.

Because of the requirements of information imperceptibility and integrity, semi-fragile watermarking is introduced into this system. Semi-fragile watermarking is a kind of watermarking technique that can withstand reasonable distortion (e.g. JPEG compression) and would be damaged by unreasonable distortion. It brings content authenticity and integrity verification, as well as imperceptibility. Therefore it ensures that even if the watermark is attacked, it wouldn’t be modified at all. It could be used to identify whether the image has been tampered with or destroyed, thus making sure of the authenticity of the image content, and the embedded information could be extracted without loss. Because of these advantages, semi-fragile watermarking can be combined with digital signature to build up a more secure E-cheque payment system.

2.2.1 A Possible Algorithm

For semi-fragile watermarking, the watermark should be valid when below a certain critical value, and invalidated when above that value. Semi-fragile watermarking can be achieved through careful adjustment of the robust watermarking after it becomes anamorphic to a certain degree. An example is described here:
Design the watermarking according to the quantification characteristic. Let x ◊ q stand for quantifying x to an integer multiple of the quantification step length q:

x ◊ q = q[x/q + .5]

If a stands for an integer scalar, and q1 and q2 are quantification step lengths with q1 <= q2, then:

((a ◊ q1) ◊ q2) ◊ q1 = a ◊ q1

This means that if a is quantified to an even multiple of q1 and then quantified with q2, then as long as q1 <= q2, the result can be quantified with q1 to counteract the impact of the quantification by q2.

2.2.2 Watermark embedding procedure

On the payer side, when the user wants to make a payment by online E-cheque, he should obtain an E-cheque through local computers or POPs, including the same information as a normal cheque and the user’s digital signature, certificate, etc.

This system adopts asymmetric keys as the watermark embedding and extracting keys: the payer uses the payee’s key to embed the E-cheque into the carrier image, to ensure the secrecy, safety, invisibility and integrity of communication. The embedding procedure is shown in Fig.2:

[Figure 2 diagram labels: E-cheque, Relevant key, Watermarked image]
Fig.2 Watermark embedding procedure

2.2.3 Extraction and verification of digital watermarking

When extracting, the payee uses his own key and the watermarked image as inputs of the extraction algorithm to extract the related characteristic value, and compares it with the threshold. If the percentage is bigger than the threshold, the image has not been modified, and the E-cheque is then extracted to be processed.

[Figure 3 diagram labels: algorithm, E-cheque, Relevant Key]
Fig.3 Watermark extracting procedure

2.3 Improved Payment System

To describe the scene, let A stand for the payer, B for the payee, BkA for the bank of the payer, BkB for the bank of the payee; Key for a private key, Key’ for a public key.

(1) Authenticating process among A, B and CA, to identify each other’s identity.
① Both sides decide to trade, and to pay by E-cheque.
② Both sides establish a conversation with CA, and send requests to ask for identity verification.
③ Both sides use their own private keys to encrypt their digital certifications, which form digital envelopes, then send them to CA. CA decrypts their envelopes with their public keys, in order to identify their identity. The trading procedure will continue if nothing is wrong.

(2) A requests BkA for an E-cheque
① A establishes a conversation with BkA and requests an E-cheque. Then A signs digitally on the E-cheque and encrypts it with BkA Key. After that, A takes the encrypted cheque and digital envelope as the watermark, uses the bank’s Key’ as the password to embed it into the image, and then sends the image to BkA.
② After BkA receives the image, it extracts the watermark using its Key and special software. When the validation of the watermark’s integrity is done, it decrypts the digital envelope to identify A’s identity. If A is authorized, then BkA decrypts the cheque with its Key. If the signature is right, A’s payment ability is checked. If all is right, BkA generates an E-cheque on A’s demand.
③ BkA signs on the E-cheque and encrypts it with A Key’, then uses it as the watermark and BkA Key as the password to embed it into the image, and then sends the image to A.

(3) Delivering E-cheque from A to B through CA
① A extracts the watermark with BkA Key’ and, after validating the integrity of the watermark, decrypts the E-cheque with A Key. If the content is all right, A signs on the E-cheque and encrypts it with B Key’, then uses it together with the digital envelope as the watermark, and CA Key’ as the password, to embed them into the carrier image, and then sends it to CA.
② CA extracts the watermark with CA Key and, after validating, identifies A’s identity according to the digital envelope.
③ CA uses the E-cheque as the watermark and B Key’ as the password to embed the E-cheque into the carrier image, then sends it to B.
④ B extracts the watermark with B Key; after validating, B decrypts it with B Key and, after the signature has been checked, sends confirmation information to CA.
CA’s participation monitors both sides’ trading processes, thus makes the whole procedure
undeniable, and ensures the security of the system.

(4) B interacts with BkB, to verify the E-cheque
① B establishes a conversation with BkB and requests authentication of the E-cheque. Then B signs on the cheque and encrypts it with BkB Key’, and uses it together with the digital envelope as the watermark information, and BkB Key’ as the password, to embed the watermark into the carrier, and then sends it to BkB.
② BkB extracts the watermark with BkB Key; after validating, BkB identifies B by the digital envelope.
③ BkB decrypts the cheque, validates the cheque and inquires about A’s payment capability from BkA. If everything is ok, BkB asks BkA for a transfer, or a batch transfer after a certain time.
④ BkB sends a message of the completed payment to B; B sends this information to CA, and provides the goods or service according to the contract; CA puts this transaction on record. That is the whole process of trading.

In conclusion, this E-cheque payment system covers two function modules: the pivotal information is imperceptible and data integrity authentication is achieved. The whole system has the advantages of security, scientific operation and efficiency. A description of part of its procedure is shown in Fig.4.
[Figure 4 diagram; recoverable labels: original image, watermark, watermark image, information of cheque after digital signing, digital envelope, encryption, certification verification (Y/N), Internet, and keys of A, B and BkA]
Fig.4 Part of Secure system for E-cheque paying based on semi-fragile watermarking and digital signature
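
The re-quantization identity of 2.2.1 and the threshold comparison of 2.2.3 can be checked with a small quantization-based watermark; this is an added example, not the authors' algorithm or code. It reads [·] as rounding down, and its exhaustive check passes when the intermediate step q2 is no larger than the embedding step q1 and finds counterexamples (a = 10, q1 = 2, q2 = 7 gives 8) when q2 is larger. The step Q1 = 16, the threshold 0.9, the parity encoding of bits and all sample values are assumptions made for the illustration.

```python
# Added example, not the paper's code. Q1, THRESHOLD, the parity encoding
# of bits and every sample value below are assumptions for illustration.
Q1 = 16          # embedding quantization step (assumed)
THRESHOLD = 0.9  # minimum fraction of matching bits to accept (assumed)

def quantize(x, q):
    """x ◊ q = q * floor(x/q + 0.5), computed in exact integer arithmetic."""
    return q * ((2 * x + q) // (2 * q))

def requantization_holds(q1, q2, values=range(-200, 201)):
    """True if ((a ◊ q1) ◊ q2) ◊ q1 == a ◊ q1 for every integer a in values."""
    return all(quantize(quantize(quantize(a, q1), q2), q1) == quantize(a, q1)
               for a in values)

def embed(coeffs, bits, q1=Q1):
    """Move each coefficient to the nearest multiple k*q1 with k % 2 == bit."""
    marked = []
    for x, bit in zip(coeffs, bits):
        k = (2 * x + q1) // (2 * q1)
        if k % 2 != bit:
            k += 1 if x >= k * q1 else -1  # closest multiple with right parity
        marked.append(k * q1)
    return marked

def extract(coeffs, q1=Q1):
    """Re-quantize with q1 and read each bit back from the multiple's parity."""
    return [(quantize(c, q1) // q1) % 2 for c in coeffs]

def verify(coeffs, expected_bits, q1=Q1, threshold=THRESHOLD):
    """Return (fraction of matching bits, accepted) for the threshold test."""
    got = extract(coeffs, q1)
    frac = sum(g == e for g, e in zip(got, expected_bits)) / len(expected_bits)
    return frac, frac >= threshold

# Constructed sample: 16 carrier coefficients and 16 watermark bits.
CARRIER = [37, -12, 90, 5, 61, -48, 23, 77, -3, 14, 55, -66, 8, 31, -29, 100]
BITS = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 1, 1]
MARKED = embed(CARRIER, BITS)
MILD = [quantize(v, 6) for v in MARKED]               # step 6 < Q1: tolerated
TAMPERED = [v + Q1 for v in MARKED[:8]] + MARKED[8:]  # first half altered

if __name__ == "__main__":
    print(requantization_holds(16, 6), requantization_holds(2, 7))
    print(verify(MILD, BITS), verify(TAMPERED, BITS))
```

Mild re-quantization leaves every bit readable and the image is accepted, while altering half of the coefficients drops the match fraction to 0.5 and the image is rejected.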
2.4 Analysis of Security

This system introduces digital watermarking into the payment system, which was based on digital signature. The integrity and the imperceptibility of the semi-fragile watermark make the payment process of E-cheque more secure. Although it takes a little time to embed and extract the watermark, the security of the new system has been greatly improved.

3. Conclusion

E-cheque has some obvious advantages over other means; it is highlighted by the present e-business research. Since it is proper for large amounts of bankroll flows, its security problems seem to be critical. In this paper, we make use of semi-fragile watermarking to design an E-cheque payment system based on digital watermarking and digital signature, and thus ensure that the E-cheque won’t be easily detected when transferred via the network, and that even if it is attacked, it would be impossible to decrypt; and because of its vulnerability, it is also impossible to tamper with. What’s more, channel transmission error codes and lossy compression would lead to quality loss. These changes are invisible, so they would cause wrong judgments in systems based only on digital signature. But for this system, wrong judgments could be avoided by semi-fragile watermarking. Studies about adopting digital watermarking in payment systems are still at a primary stage, so there is still a lot of work to do. The security gaps and some unknown attacks on the system need to be discovered, analyzed and studied.

Bibliography

Choist, Whinston AB. The future of E-Commerce: integrate and customize. IEEE Computer, 1999, 32(1): 133-138.
Schneider M, Chang SF. A robust content based digital signature for image authentication. In: Proceedings of the IEEE International Conference on Image Processing, Vol 3. Lausanne: IEEE Computer Society Press, 1996. 227-230.
Housley R., Polk W., Solo D. RFC 2459, IETF, January 1999.