Maleke Ashtar University, Isfahan Iran, Islamic Republic of Faculty of Applied Sciences
Two parties that conduct a business transaction through the internet do not see each other personally nor do they exchange any document neither any money hand-to-hand currency. Electronic payment is a way by which the two parties transfer the money through the internet. Therefore integrity of payment and order information of online purchase is an important concern. With online purchase the customer and merchant cannot be assumed to be completely honest or they can act to change either payment information or the order information. Pateria, Singh and Raghuwanshi proposed a new protocol model based on tree entities customer, merchant and the payment authority that can verify each other. Unfortunately, this protocol is not secure. In this paper, a new protocol is proposed based on elliptic curve Difﬁe-Hellman key agreement protocol which is secure. The security of our protocol depends on ECDLP and since the ECC is a suitable public key cryptosystem, this protocol can be replaced with another protocol.