

Showing posts with the label E-Commerce

Requirements of symmetric key cryptography algorithm (NIST) - Advanced Encryption System (AES)

National Institute for Standards Technology put out a call for proposals for a new crypto system with the following requirements:

- Must provide a high level of security (i.e. difficult to decrypt in finite time).
- Must be completely specified and easily understood.
- Security must reside in the key, not in the algorithm.
- Must be available for all users.
- Adaptable for use in diverse applications cards.
- Implementable economically in electronic devices.
- Must be efficient to use in both software and hardware.
- Must allow one to validate it.
- Must be exportable.
- No trap door.

In October 2000 it announced the selection of an algorithm called Rijndael (pronounced "RAIN DOLL") as the new Advanced Encryption Standard (AES).

What is Triple DES?

Triple DES uses three different keys and three executions of DES algorithm.

The algorithm is
Cipher text = E_k3[D_k2[E_k1[Plain Text]]]
where E_k[X] = DES encryption of X using key k
and D_k[X] = DES decryption of X using key k

Remember that in DES, decrypting encrypted plain text with a different key is almost the same as another encryption. This is true because encryption and decryption use the same algorithm.

To decrypt cipher text we reverse the operations.
Plain text = D_k1[E_k2[D_k3[Cipher Text]]]

Block Diagram of Triple DES: 

Using DES thrice is equivalent to having a DES key length of 168 bits. A brute-force attack on triple DES at 10^6 decrypts per microsecond will take 5.9 × 10^30 years! Even a 10^12-fold increase in computer speed will leave triple DES secure against brute-force attacks to break the code.

The only reason D is used as the middle step in triple DES is to allow decryption of data encrypted using single DES hardware. In this case K3=K2=K1 (single key used) (See b…
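
The E-D-E composition and the brute-force figure above, as an added example that is not from the original post. A 16-round toy Feistel cipher built on SHA-256 stands in for DES (it is not DES); the function names, keys and plaintext block are constructed for illustration.

```python
import hashlib

ROUNDS = 16
MASK32 = 0xFFFFFFFF

def _f(half: int, key: bytes, rnd: int) -> int:
    """Toy round function (NOT the DES f-function): SHA-256 cut to 32 bits."""
    data = key + bytes([rnd]) + half.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")

def _feistel(block: int, key: bytes, rounds) -> int:
    left, right = block >> 32, block & MASK32
    for rnd in rounds:
        left, right = right, left ^ _f(right, key, rnd)
    # Final swap: the same network run with reversed rounds decrypts.
    return (right << 32) | left

def E(key: bytes, block: int) -> int:
    return _feistel(block, key, range(ROUNDS))

def D(key: bytes, block: int) -> int:
    return _feistel(block, key, reversed(range(ROUNDS)))

def triple_encrypt(k1, k2, k3, plain):
    # Cipher text = E_k3[D_k2[E_k1[Plain Text]]]
    return E(k3, D(k2, E(k1, plain)))

def triple_decrypt(k1, k2, k3, cipher):
    # Plain text = D_k1[E_k2[D_k3[Cipher Text]]]
    return D(k1, E(k2, D(k3, cipher)))

def brute_force_years(key_bits=168, decrypts_per_us=10**6):
    """Average search time: half the key space at the stated decrypt rate."""
    avg_trials = 2 ** (key_bits - 1)
    per_second = decrypts_per_us * 10**6
    return avg_trials / per_second / (365 * 24 * 3600)

# Constructed 56-bit keys and one constructed 64-bit block.
K1 = bytes.fromhex("0123456789abcd")
K2 = bytes.fromhex("23456789abcdef")
K3 = bytes.fromhex("456789abcdef01")
PLAIN = 0x0123456789ABCDEF

if __name__ == "__main__":
    c = triple_encrypt(K1, K2, K3, PLAIN)
    print("round trip ok:", triple_decrypt(K1, K2, K3, c) == PLAIN)
    # With K1=K2=K3 the inner D undoes the first E, leaving a single E.
    print("single-key compat:", triple_encrypt(K1, K1, K1, PLAIN) == E(K1, PLAIN))
    print("years to brute force: %.1e" % brute_force_years())
```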

Type Licensing model of E-Commerce

Various types of E-commerce platform fall into several industry classifications based upon their licensing, sales scenario and data exchange.

Types of licensing model:

1) On-premises E-commerce: On-premises e-commerce software usually requires an initial one-time purchase investment in licensing fees. It also implies extra costs for hardware and installation services, as well as data migration and ongoing maintenance fees, which are usually charged on a yearly basis for software updates and support.

Advantages:
- Easily customizable
- Data security
- High performance

Disadvantages:
- Large initial investment
- Self-maintenance
- Technical knowledge

2) Software as a Service (SaaS) E-commerce: Software as a Service (SaaS) is a cloud-based delivery model in which applications are hosted and managed in a service provider's data center, paid for on a subscription basis and accessed via a browser over an internet connection.

Advantages:
- Affordable low-cost solution
- Hosted/upgraded by …

Digital Encryption Standard(DES)

Digital Encryption Standard (DES):

- Proposed by IBM in 1975
- Standardized by US Govt in 1977
- It is a combination of permutation and substitution on blocks of 64 bits. A message is broken up into 64 bit blocks and each block is separately encrypted.

General idea used in DES

M = PLAINTEXT   01101100 11011000 11011010
K = KEY         10101111 00101100 01011011
E = M ⊕ K       11000011 11110100 10000001   (encryption)
M = E ⊕ K       01101100 11011000 11011010   (decryption)

Digital Encryption Standard (DES) Algorithm: Before applying DES, the text is split up into 64 bit blocks. DES is applied on each 64 bit block.

Encryption method
Step 1: Apply an initial permutation on a block. Result is B = IP(P),
        where P is the 64 bit block, IP the Initial Permutation function and
        B the result.
Step 2: Split B into 32 bit blocks
        Li = leftmost 32 bits
        Ri = rightmost 32 bits.
Step 3: Pick a 56 bit key. Permute it.
Step 4: Left ci…

Business To Business E-Commerce

Business To Business E-Commerce:

The local LAN of a business would normally follow the TCP/IP protocol of the internet and is called a corporate intranet.

- Purchase order is entered by business 1 in its PC and electronically dispatched to the vendor (by e-mail).
- Vendor acknowledges the order electronically.
- Vendor dispatches goods (physically) and the delivery note electronically to business 1.
- Business 1 can compare the delivery note against the order; both are in computer-readable form.
- Discrepancy note (if any) can be immediately sent to the vendor (business 2).
- Business 1 can carry out all local transactions using its LAN.
- Local transactions are inventory update by stores and advice to accounts to pay for goods taken into stock.
- Accounts can make payment electronically to the vendor.

Implementing B2B E-Commerce requirements:

- Agreed-on formats for purchase order, delivery note, payment order etc. A standard known as EDI (Electronic Data Interchange Standard) is used to send documents electronically.
- Each business must have corporate in…

Electronic Data interchange(EDI)

Electronic Data Interchange (EDI):

- Computer-readable forms for business documents such as invoices, purchase orders and delivery notes are needed in B2B e-commerce so that e-documents can be exchanged.
- Essential to eliminate manual data entry, which is error prone.
- Essential to agree on common formats for commonly used forms.
- The Electronic Data Interchange (EDI) standard gives specifications for commonly used standard business forms.
- It is possible to adapt these standards for documents which use XML for specification.

Electronic Data Interchange (EDI) Specification:

- Defines several hundred transaction sets corresponding to each type of business document such as invoice, purchase order etc.
- Defines data segments, corresponding to groups of data elements such as a purchase order line.
- Defines data elements, which are individual fields such as price, quantity etc.

Electronic Data Interchange (EDI) Standards:

- ANSI X.12 standard proposed by American National Standards Institute.
- EDIFACT (Electronic Data Inter…

What is E-Commerce ?

DEFINITION : Sharing business information, maintaining business relationships and conducting business transactions using computers connected to a telecommunication network is called E-Commerce.

- BUSINESS TO CUSTOMER (B2C)
- CUSTOMER TO CUSTOMER (C2C)

E-Commerce Application Example:

business.

- Anywhere, anytime transaction.
- Can look for lowest cost for specific goods or service.
- Businesses can reach out to worldwide clients - can establish business partnerships.
- Order processing cost reduced.
- Ele…