Mobile communications offer a wide variety of services to people. All mobile subscribers can use a mobile device to access various resources and conduct their business anytime from anywhere. This feature has contributed greatly to the rapid development of mobile commerce.

In fact, the Personal Trusted Device (PTD, such as PDA or mobile phone) lacks of computing resources has become a problem in mobile commerce development. In this paper, we overcome the limited computation power of mobile device and involve a trusted proxy server to coordinate transactions such that the important computation requirements can still be accomplished. In this paper, we propose a server-aided signature scheme for mobile commerce. We base on the Diffie et al. scheme and involve the one-time password mechanism to establish session key in advance, and then download the initial parameters into the mobile devices as the communication parameters between the mobile user and the proxy server. The proposed scheme satisfies the issues of security, non-repudiation, fairness, anonymity, simplicity, and mobility.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	N. Asokan , G. Tsudik , M. Waidner, Server-supported signatures, Journal of Computer Security, v.5 n.1, p.91-108, Jan. 1997
	2	M. Badra, A. Serhrouchni and P. Urien, A lightweight identity authentication protocol for wireless networks, Computer Communications, 2004, Vol. 27, pp.1738--1745.
	3	Steven M. Bellovin , Michael Merritt, Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks, Proceedings of the 1992 IEEE Symposium on Security and Privacy, p.72, May 04-06, 1992
	4	Steven M. Bellovin , Michael Merritt, Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise, Proceedings of the 1st ACM conference on Computer and communications security, p.244-250, November 03-05, 1993, Fairfax, Virginia, United States  [doi>10.1145/168588.168618]
	5	K. Bicakci and N. Baykal, Improved server assisted signature, Computer Networks, Vol.47, (2005)351--366.
	6	Neil Daswani , Dan Boneh, Experimenting with Electronic Commerce on the PalmPilot, Proceedings of the Third International Conference on Financial Cryptography, p.1-16, February 01, 1999
	7	E. Bresson, O. Chevassut and A. Essiari and D. Pointcheval, Mutual authentication and group key agreement for low-power mobile devices, Computer Communications, 2004, Vol. 27, pp.1730--1737.
	8	W. Diffie, M.E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, 1976, Vol. 22, No. 6, pp.644--654.
	9	X. Ding, D. Mazzocchi, and G. Tsudik, Experimenting with Server-Aided Signatures, Proceedings of 2002 Network and Distributed System Security Symposium (NDSS'2002), San Diego, 2002. http://citeseer.ist.psu.edu/ding02experimenting.html, accessed March 2007.
	10	A. O. Freier, P. Karlton and P. C. Kocher, The SSL Protocol Version 3.0, Internet Draft, March 1996.
	11	S. S. Grosche and H. Knospe, Secure Mobile Commerce, Electronics & Communication Engineering Journal, 2002, Vol. 14, No. 5, pp.228--238.
	12	David P. Jablon, Strong password-only authenticated key exchange, ACM SIGCOMM Computer Communication Review, v.26 n.5, p.5-26, Oct. 1996  [doi>10.1145/242896.242897]
	13	David P. Jablon, Extended Password Key Exchange Protocols Immune to Dictionary Attacks, Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises, p.248-255, June 18-20, 1997
	14	Yu Lei , Deren Chen , Zhongding Jiang, Generating Digital Signatures on Mobile Devices, Proceedings of the 18th International Conference on Advanced Information Networking and Applications, p.532, March 29-31, 2004
	15	Hung-Yu Lin , Lein Harn, Authentication protocols for personal communication systems, Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, p.256-261, August 28-September 01, 1995, Cambridge, Massachusetts, United States
	16	Bahattin Ozen , Ozgur Kilic , Mehmet Altinel , Asuman Dogac, Highly personalized information delivery to mobile clients, Wireless Networks, v.10 n.6, p.665-683, November 2004  [doi>10.1023/B:WINE.0000044027.10190.16]
	17	R. Perlman and Charlie Kaufman, Secure Password--Based Protocol for Downloading a Private Key, Proceedings of the Network and Distributed System Security Symposium (NDSS '99), Catamaran Resort Hotel, San Diego, California, 1999. http://www.isoc.org/isoc/conferences/ndss/99/proceedings/papers/perlman.pdf, accessed March 2007.
	18	Anand Raghunathan , Srivaths Ravi , Sunil Hattangady , Jean-Jacques Quisquater, Securing Mobile Appliances: New Challenges for the System Designer, Proceedings of the conference on Design, Automation and Test in Europe, p.10176, March 03-07, 2003
	19	Norman M. Sadeh , Ting-Chak Chan , Linh Van , OhByung Kwon , Kazuaki Takizawa, A semantic web environment for context-aware m-commerce, Proceedings of the 4th ACM conference on Electronic commerce, June 09-12, 2003, San Diego, CA, USA  [doi>10.1145/779928.779992]
	20	R. Sandhu, Password-Enabled Public-Key Infrastructure (PKI) and Role-Based Access Control (RBAC) on the Secure Identity Appliance, Proceedings of ISC (Information Security Conference) 2002 Invited Speech, Taichung Taiwan.
	21	Gary Shih , Simon S. Y. Shim, A service management framework for M-commerce applications, Mobile Networks and Applications, v.7 n.3, p.199-212, June 2002  [doi>10.1023/A:1014574628967 ]
	22	Zouheir Trabelsi , Sung-Hyuk Cha , Darshan Desai , Charles Tappert, A voice and ink XML multimodal architecture for mobile e-commerce systems, Proceedings of the 2nd international workshop on Mobile commerce, September 28-28, 2002, Atlanta, Georgia, USA  [doi>10.1145/570705.570724]
	23	Aphrodite Tsalgatidou , Evaggelia Pitoura, Business models and transactions in mobile electronic commerce: requirements and properties, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.37 n.2, p.221-236, October, 2001  [doi>10.1016/S1389-1286(01)00216-X ]
	24	A. Tsalgatidou, J. Veijalainen and E. Pitoura, Challenge in Mobile Electronic Commerce, Proceeding of IeC 2000, 3rd Int. Conf. On Innovation through E-Commerce, UK.
	25	Jari Veijalainen , Vagan Terziyan , Henry Tirri, Transaction Management for M-Commerce at a Mobile Terminal, Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 3, p.89.1, January 06-09, 2003
	26	David Wagner , Bruce Schneier, Analysis of the SSL 3.0 protocol, Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce, p.4-4, November 18-21, 1996, Oakland, California
	27	Wireless Transport Layer Security Specification, WAP Forum, 2001. http://www.wapforum.org/, accessed March 2007.