Today, mobile payment is becoming one of the most frequently used approach to provide payment services under business and financial organization via mobile devices, such as smart phone, ipad. However, the limited resources of the mobile devices cause that it can not perform large-scale computing. Thus, it is a better way to outsource securely some computation of mobile payment to the untrusted cloud server. Recently, Qin et al. proposed a mobile payment protocol with outsourced verification in the untrusted cloud server, hi this paper, we firstly show that their protocol exists two issues: one is an unreasonable construction, which causes their protocol not to be implemented; the other is that there is a colluding attack of customers and the untrusted cloud server at outsourced verification phase, which causes the verification of their protocol to be insecure. Next, we improve their protocol and analyze the security of our improved protocol.

• 出版日期2018-2
• 单位电子科技大学