Secure E-Payment Scheme Using an Elliptic Curve

International Review on Computers and Software (I.RE.CO.S.), Vol. 7, n. 6, November 2012, Part C, Pages 366-370

Secure E-Payment Scheme Using an Elliptic Curve Sattar J Aboud and Sufian Yousef

Abstract – E-business is the comparatively contemporary and continually developing subject for business organization technology. One of the practical modernisms in banking, finance and e-business is an e-payment schemes. E-payment scheme introduce the technical advance that facilitates to achieve financial e-payments. In this article, we suggest a secure e-payment scheme using an elliptic curve cryptosystem. To protect uncorrupt entities of e-payment scheme we employ an elliptic curve blind signature scheme and we require also the trusted authority to trace the fraud activities.

Keywords: elliptic curve cryptosystem, e-business, e-payment scheme, digital signature.

I.

Introduction

E-business is one of a significant uses on Internet. Users privacy should be protected when they are embedded in an authorized business payments. In few years ago, encryption scheme and network communication have fast improvement [1]. A smart card-typed user authentication scheme [2] and epayment schemes are easiest and suitable authentication system for insecure channels. Blind signature scheme has been extensively employed to secure the user secrecy in an untraceable epayment scheme [3]. But, it is effortless to produce multiple copies of an e-cash. Thus, blind signature scheme is used to reduce the probable abuse of unlinkability [4]. When the user makes the abuse in an e-payment scheme, such as over-spending, money laundry, or blackmailing of coins [5], the trusted authority can implement the tracing system to disclose the identity. In 1982, Chaum [6] introduced the primary untraceable e-payment scheme using blind signature. Also, different other schemes have been suggested, which give characteristics like unforgeability, anonymity, and over-spending tracing [7]. However, in the e-payment schemes, the philosophy of online and offline indicate the certain characteristic of a payment scheme. The online e-payment scheme need regular and real-time participation of a bank in each transaction, but this resulting great timing costs. On the contrary, offline e-payment scheme typically work in both types, checking cost payments online, whilst a remainder of transaction is handled in offline type by a bank. The original offline e-payment scheme is presented by Chaum [8] in 1990 and followed by various schemes [9]. In these schemes a bank is not participated in a payment transaction between the user and the merchant. The user withdraws e-cash issued by a bank and employs them to Manuscript received September 2012, revised January 2012

pay the cost of goods to the merchant. After that, a merchant deposit an e-cash into account. To avoid fraud activities or to trace frauds, it requires certain anonymity revocation method. An offline e-payment scheme uses the trusted authority to trace the frauds to protect the uncorrupt entities of an e-payment scheme. In 1986, Miller [10] proposed elliptic curve cryptosystem which given more attention because of its smallest key size need in comparison with other public key encryptions [11]. For instance, 160-bit elliptic curve digital signature scheme has the security level equal to 1024-bit digital signature scheme. Such benefit makes elliptic curve cryptosystem a superior alternative for public key encryption schemes. In this article, we introduce a secure e-payment scheme using elliptic curve cryptosystem. The proposed e-payment scheme is not employ pairings that not only results in efficiency and ease of execution. The suggested offline e-payment scheme can be employed in the wireless networks with the restricted bandwidth. The remainder of this article is organized as follows. In the following section we study the e-payment schemes and the principal facts of an elliptic curve cryptosystem. Then we illustrate the proposed e-payment scheme in Section 3. Moreover, we examine some characteristics of security in Section 4. Finally, in Section 5 the conclusions and remarks.

II. Background In this section, we concisely study the characteristics in secure e-payment schemes and the principal facts of an elliptic curve cryptosystem. But let first describe the notations used in this paper. II.1.

Notations Used

The notations used in this paper are as follows: Copyright © 2012 Praise Worthy Prize S.r.l. - All rights reserved

Sattar J Aboud and Sufian Yousef

eB , rB iB , j B

Public keys of the bank Private keys of the bank

eC' , rC' iC , jC

Public keys of a client Private keys of client

yu P l*P PQ h1 ,h2 p, q

i - coordinate of a point u Point of elliptic curve Point multiplication operation Point addition operation Secure one way hash functions Prime numbers where q  E ( Fp )

E ( Fp )

Elliptic curve defined over the finite field

Z *p

Multiplicative group

funds Acc Id C

Total of money transfer Client account in a bank Client identity Client signature

SC ST

Trusted authority Signature II.2.

The E-Payment Schemes

E-money is the new idea in online payment scheme since it combines computerized expediency of protection and secrecy that develop coins. The standard e-payment scheme has three entities: bank, client and merchant and three main protocols, withdraw, payment and deposit. Client and merchant open an account with a bank. A client withdraws e-cash from the account, by using the withdraw protocol with a bank through a validated channel. Subsequently, a client spends an e-cash in the payment protocol with the merchant through an anonymous channel and the merchant implements the deposit protocol with a bank to deposit an e-cash into the account. E-payment schemes are usually divided into online schemes and offline schemes. In the online scheme, a bank should be included for every transaction, but anonymity of a client stays secured. The e-payment scheme is offline if in payment protocol a merchant is not connect with a bank. A bank can legitimately trace the corrupt client with an aid of a trusted authority. We review six significant conditions [12] for the secure an epayment scheme. They are: 1. Efficiency: The e-payment scheme should be efficient in storage space and time complexity. 2. Unforgeability: Just authorized bank can issue ecash. 3. Anonymity: The bank cannot connect an e-cash to an uncorrupt owner of e-cash without a trustee assist. 4. Traceability: A bank can disclose a client identity with a trustee assist when a same e-cash is used twice. 5. Mutual authentication: Two participants can validate each other accurately.

Copyright © 2007 Praise Worthy Prize S.r.l. - All rights reserved

II.3.

Elliptic Curve Cryptosystems

The elliptic curve cryptosystem was initially introduced in 1986 by Miller. Elliptic curve cryptography uses discrete logarithm assumption over a finite field. Dissimilar the other cryptography such as RSA or ElGamal, elliptic curve cryptography is difficult to break at corresponding key sizes. The elliptic curve over a finite field F p larger than three can be built by selecting of two values a and b within a field F p . Definition 1: elliptic curve is a set of points ( x, y) that convince formula y 2  x3  a * x  b mod p , where x, y  Fp and

special

point

indicated O with

An elliptic curve group is 4 * a  27 * b  mod p . additive abelian group with a point O that is an identity component. The equation for addition of two points on the elliptic curve over the finite field F p greater than 3

2

three are provided as follows. Suppose P( x1 , y1 ) and

Q( x2 , y2 ) be components of an elliptic curve group. Thus P  Q  ( x3 , y3 ) is:

x3  2  x1  x2 y3   ( x1  x3 )  y1



y 2  y1 If P  Q or x2  x1



3x12  a If P  Q 2 y1

Definition 2: Suppose E is the elliptic curve defined over the finite field F p and suppose P  E ( E p ) is the point of order n . Assume Q  E ( Fp ) , an elliptic curve discrete logarithm assumption is to compute a value l ,0  l  n  1 , where Q  l * P . Elliptic curve cryptosystem is acutely convenient in uses such that a memory or a bandwidth is restricted for example smartcards and wireless connections.

III. The Proposed E-Payment Scheme The suggested e-payment scheme contains six protocols. These are: initialization protocol, registration protocol, withdraw protocol, payment protocol, deposit protocol, and tracing protocol. We will describe each protocol as follows: III.1. Initialization Protocol The steps of the initialization protocol are as follows: The Initialization 1. suppose p is the prime number. 2. select elliptic curve E defined over finite field F p 3. compute an order of elliptic curve E ( Fp ) .

International Review on Computers and Software, Vol. xx, n. x


4. suppose

q is

the

prime

number

where

q  E ( Fp ) .

5. assume P is the point of order q on an elliptic curve E . 6. suppose h1 and h2 are two hash functions such that

h1  (0,1)  (0,1) *

|q|/ 2

, and h2  (0,1)

*

 Z *p

.

The client should do the following: 1. checks signature ST by ST * P  h1 ( yrT  ye' )eT  rT . C

If this formula corrects then accepts, if not rejects it. III.3. Withdraw Protocol The withdraw protocol includes a client C and a bank B . First, a client C verifies his identity to a bank B using an elliptic curve of a signature scheme [13]. Next, a bank B employs a blind signature scheme of an elliptic curve to withdraw the cash from a bank B . The steps of the protocol are as follows: The Client C

4. determine the private key by iC . The Trusted Authority T The trusted authority T should do the following: 1. selects an integer iT  (2, q  1) . 2. finds a point eT  iT * P . 3. determine the public key by eT . 4. determine the private key by iT . III.2. Registration Protocol In this protocol, we explain a transfer message between a client C and a trusted authority T . A client C creates and registers the public key to a trusted authority T . The steps of this protocol are as follows: The Client C The client should do the following: 1. selects a private key iC'  (2, q  1) . 2. finds a corresponding public key is eC'  iC' * P . jC'

4. computes a corresponding public

 (2, q  1) .

key rC'

*P

5. finds a signature SC  iC * h1 ( yr '  Id C  ye' )  jC' . C

C

Such that y r ' and ye' are i –coordinate of points C

rC' and eC' respectively.

6. passes S C and Id C to a trusted authority. The Trusted Authority T The trusted authority should do the following: 1. checks a signature S C by SC * P  h1 ( yr '  Id C  ye' )eC  rC' . If this C

C

that y rT is i -coordinate of a point rT . 6. saves Id C , ST , S C and eC' in the database. The Client C

3. determine the public key by eB 4. determine the private key by i B . 5. opens a client account Acc 6. passes account Acc to a client. The Client C The client C should do the following: 1. selects an integer iC  (2, q  1) . 2. finds a point eC  iC * P . 3. determine the public key by eC .

C

4. finds a signature ST  iT * h1 ( yrT  ye' )  rT , such 5. passes ST and rT to a client.

The Bank B The bank B should do the following: 1. selects an integer i B  (2, q  1) . 2. finds a point eB  iB * P .

3. selects a temporary private key

formula corrects then it accepts otherwise rejects it. 2. selects a temporary secret key jT  (2, q  1) . 3. computes a corresponding public key rT  jT * P .

C


The client should do the following: 1. sets the e-money requirement that is a message m  h2 ( Id C  funds) . 2. chooses a random integer j  (2, q  1) . 3. finds w  j * P * h2 (m) 4. computes d  h1 (m  yw ) such that y w is i coordinate of a point w . 5. computes s1  ( j  d * iC ) mod q 6. passes the message m and the signature (d , s1 ) to a bank. The bank B The bank should do the following: 1. checks a signature (d , s1 ) by:  finds z  (d * eC  s1 * P) * h2 (m) .  finds d '  h1 (m  y z ) , such that y z is i coordinate of a point z . If d '  d a bank accepts a signature, if not reject it. 2. chooses j '  (2, q  1) . 3. finds a point r '  j ' * P ' 4. passes r to a client. The Client C

The client should do the following: 1. chooses randomly g1 , g 2  (2, q  1) . 2. finds r  g1 * P  g 2 * r ' . 3. finds b  h1 (m  yr ) such that y r is i -coordinate of a point r .



4. finds m'  b * g 21 mod q

4. accepts an e-money and passes merchandise to a client. If not, a merchant declines it.

5. passes m ' to a bank. The bank B The bank should do the following: 1. finds s2  ( j '  m' * iB ) mod q 2. passes s 2 to a client. The Client C

III.5. Deposit Protocol

The client should do the following: 1. finds s3  (s2 * g 2  g1 ) mod q 2. finds r "  (b * eB  s3 * P) 3. finds b '  h1 (m  yr" ) such that y r " is i -coordinate of a point r " . If b  b ' , a blind signature (b, s3 ) is valid, if not it is invalid. The bank B The bank should do the following: ' 1. saves Id C and m then withdraws a money from a client account Acc . III.4. Payment Protocol This protocol includes a client C and a merchant M . A client pays withdrawn money to a merchant M for merchandise. The steps of the protocols are as follows: The merchant M The merchant should do the following: 1. finds x  h1 ( Id M  Tm ) ,such that Id m is a merchant identity, Tm is a recorded time of a transaction. 2. passes x to the client. The Client C The client should do the following: 1. selects an arbitrary jC  (2, q  1) . 2. finds rC  jC * P . jC  iC'

2.

x  eC'

3. computes s4  * h1 ( Id M   b) . 4. passes s4 , ST , (b, s3 ) and rC to a merchant. The merchant M The merchant should do the following: 1. verifies if (s4 , b, s3 ) in its database for avoiding an over-spending. Otherwise, checks the signatures s4 , ST , (b, s3 ) as follows: rC  s4 * P  h1 ( Id M  x  eC'  b)eC' ST * P  h1 ( yrT  ye' )eT  rT

The deposit protocol includes a merchant M and a bank B . In this protocol a merchant M has to deposit the received e-cash to a bank B . The steps of the protocol are as follows: The merchant M The merchant should do the following: 1. passes s4 , ST , (b, s3 ), rC and x to a bank. The bank B The bank should do the following: 1. checks a signature as provided in (1), (2) and (3). If these formulas are not valid, a bank ends a transaction. 2. if (1), (2) and (3) are valid, 3. verifies if b and eC' got from a merchant, exist in its database. If they exist 4. computes a signature s5 for a deposited e-cash in its database 5. passes s5 to a merchant. 6. discovers the e-cash which is double-deposit or an e-cash is over-spending. The merchant M The merchant should do the following: 1. receives s5 from a bank 2. checks if s5  s4 if yes, declines transaction. 3. if not, passes s4 , Id M , x and Tm to a bank. The bank B The bank should do the following: 1. checks a signature S C as follows :

(1) (2)

C

b  h1 ((b * eB  s3 * P)  b) (3) such that y rT is i -coordinate of a point rT and ye' is i -coordinate of a point eC' . C

2. when the above equations correct a merchant accepts the signatures. 3. saves s4 , ST , (b, s3 ), eC' , x in its database.


3.

4. 5.

rC  s4 * P  h1 ( Id M  x  eC'  b)eC' when this signature is valid, accepts an e-cash and deposits e-cash in a merchant account. saves s4 , ST , (b, s3 ), eC' and Id M in its database and a merchant passes a merchandise to a client. if discovers that b and s 4 has been saved before, but different Tm and x . if an e-cash is over-spending. Then, tracing process to find an identity of a double spender.

III.6. Tracing Protocol The tracing protocol includes a bank B and a trusted authority T . In this protocol a bank B helps a trusted authority T to discover an identity of a double spender. The trusted authority T discloses the double spender of a paid e-cash from a payment protocol. The steps of the protocol are as follows: The bank B



The bank should do the following: 1. passes rC , x and the signatures s4 , ST , (b, s3 ) and s5 from its database to a trusted authority. The Trusted Authority T The trusted authority should do the following: 1. check signatures s4 , ST , (b, s3 ) and s5 as follows: rC  s4 * P  h1 ( Id M  x  eC'  b)eC' ST * P  h1 ( yrT  ye' )eT  rT C

b  h1 ((b * eB  s3 * P)  b) rC  s5 * P  h1 ( Id M  x  eC'  b)eC' Such that y rT is i -coordinate of a point rT

and ye' is i -coordinate of a point.

IV.2. Correctness In a registration protocol a client creates a signature, SC  iC * h1 ( yr '  Id C  ye' )  jC' and the trusted authority C

C

creates his own signature ST  iT * h1 ( yrT  ye' )  jT . We C

prove that the both signatures S C and ST are valid. Theorem 2: When a client and a trusted authority follow a registration protocol and accept it, then signatures creates by a client, respectively by a trusted authority, S C and ST , are correctly. Proof. A verification formula for is SC SC * P  h1 ( yr '  Id C  ye' )eC  rC' . A relation follows from: C

C

SC * P  iC * h1 ( yr '  Id C  ye' ) P  jC' * P C

C

2. finds an identity of double spender, Id C and eC' . eC'

3. passes Id C and to a bank. The bank B The bank should do the following: 1. check a double spender account to avoid overspending.

C

 iC * P * h1 ( yr '  Id C  ye' )  rC' C

C

 h1 ( yr '  Id C  ye' )eC  rC' C

C

Also, a verification formula for ST is: ST * P  h1 ( yrT  ye' )eT  rT C

A source of a verification is explained as follows: ST * P  (iT * h1 ( yrT  ye' )  jT ) P C

IV.

 iT * P * h1 ( yrT  ye' )  jT * P

Security of the Scheme

C

In this section, we study the security of the proposed epayment scheme.

 h1 ( yrT  ye' )eT  rT C

IV.3. Anonymity IV.1. Non-Forgeability The clients of an e-payment scheme and a trusted authority, even in cooperation, must not be able to issue e-cash without direct involvement of a bank. The difficulty of forgery in the proposed scheme is controlled by security keys p and q . Theorem 1: The client and other third participant cannot create a same signature of a bank if they follow a blind signing scheme in a withdraw protocol. Proof. since a signature scheme of [13] is secure antiexistential forgery, this allows an authorized bank to create a signature for an e-payment. For one-way hash function h2 , if a value of m is provided, it is easy to calculate h2 (m) . But, if a value of h2 (m) is provided, calculating m is extremely hard. Also, since a hash function h2 is secure, it is difficult to create two different inputs with matching results. Thus, an unauthorized client cannot compute a value m'  m with h2 (m)  h2 (m' ) . If a hacker has points eB , P and r ' cannot

calculate

iB

and

j'

from

formulas eB  iB * P and r '  j ' * P since also should solve an elliptic curve discrete logarithm assumption.


In a withdraw protocol we employ a blind signature scheme under elliptic curve assumption. A blind digital signature scheme is important tool for building different anonymous e-payment schemes. In anonymous epayment scheme, even influential agent which cooperates with a bank cannot connect payments to withdraw. Theorem 3: The bank cannot connect a blind e-payment with an identity of a client. Proof. A validity of a blind elliptic curve signature (b, s3 ) for an e-cash is b  h1 ((b * eB  s3 * P)  b) that is identical by r "  r . A source of a verification is illustrated as follows: r "  b * eB  s3 * P  b * eB  (s2 * g 2  g1 ) P  b * eB  s2 * g 2 * P  g1 * P  b * eB  ( j '  m' * iB ) g 2 * P  g1 * P  b * eB  ( j '  b * g 21 * iB ) g 2 * P  g1 * P  b * eB  g 2 * j ' * P  b * g 21 * g 2 * iB * P  g1 * P  b * eB  g 2 * r '  g1 * P  b * eB

 g 2 * r '  g1 * P r



Since r "  r results that a signature (b, s3 ) is the valid blind signature issued by a bank. The bank cannot retrieve message m from formula

m'  h1 (m  yr ) g 21 mod q because a message m is secured by a hash function h1 . It is hard to get m from Also, it is difficult to h1 (m  yr ) . get funds from h2 ( Id C  funds) . Also, when a hacker has the points P, r and r ' cannot calculate g1 and g 2 from a

But, the proposed scheme, a time complexity a withdraw, payment and deposit phase needs 7, 4, 3 multi-based exponentiations respectively. Regarding storage space a sum bandwidth of 880, 720, 820 bits respectively. For instance, if a user pays to a merchant in payment phase, and a user then passes the following message to a merchant: s1, ST , (h, s), rC . A sum length of this message is: 160 + 160 + (80 + 160) + 160 = 720 bits.

formula r  g1 * P  g 2 * r ' hence should first solve an elliptic curve discrete logarithm problem. IV.4. Mutual Authentication A client C and a bank B verify each other in a withdraw protocol. Thus, a bank B provide the valid ecash to the authorized client. When a client C is not authenticate a validity of an e-cash received from a bank B in a withdraw protocol, then a client C may then get a forged e-cash from a hacker. When a hacker needs to impersonate as a client C to pass a signature (bC' , s5 ) to a bank, a bank B will reject it because (bC' , s5 )  (bC , s1 ) . In addition, a hacker cannot calculate j from a formula w  j * P * h2 (m) since he should solve an elliptic curve discrete logarithm problem illustrated in Definition 2.

V.

In this paper, we suggested secure e-payment scheme under an elliptic curve discrete logarithm assumption. We showed that the proposed epayment scheme convinces a security characteristics such as mutual authentication, nonforgeability of an e-cash, correctness, traceability, anonymity and efficiency. As a result, we compared a suggested e-payment scheme with other schemes, and a comparison results prove the proposed scheme is more efficient than existing schemes. Since a quantity of communication between client C and merchant M is around 720 bits, a suggested e-payment scheme can be employed in a wireless communications.

References [1]

IV.5. Traceability When some client uses the same e-cash twice, then with the help of a trusted authority T , a bank B can realize this illegal transaction by verifying the overspent e-cash saved in a database since a trusted authority T can disclose an identity of a client C by checking the signatures S 4 , ST , (b, s3 ) and S 5 .

[2]

[3]

[4]

[5]

IV.6. Storage Space and Computing Time We will discuss a storage space and computing time of operations. The efficiency is enhanced in the proposed e-payment scheme compared with other schemes in terms of storage space and timing cost. Assume the proposed e-payment scheme has a point P of 160 bits, p  512 bits, q  160 bits and a length of every participant Id  20 bits. For a value L  10 and t  40 . Concerning time complexity a withdraw, payment and deposit phase of Canard et al., scheme[14] need 5,1673, 14 multi-based exponentiations respectively. Regarding storage space a sum bandwidth of 6420, 30740, 27648 bits respectively. Concerning time complexity a withdraw, payment and deposit phase of Au et al., scheme [15] needs 2156, 34, 10 multi-based exponentiations respectively. Regarding storage space a sum bandwidth of 8160, 5188, 5164 bits respectively.


Conclusion

[6] [7]

[8] [9]

[10]

[11] [12]

H. Xiong, F. Li, and Z. Qin, A provably secure proxy signature scheme in certificateless cryptography, Informatica, 21(2), 277– 294, 2010. Y. Tseng, T. Wu, J. Wu, A pairing-based user authentication scheme for wireless clients with smart cards, Informatica, 19(2), 285–302, 2008. C. Li, M. Hwang, An efficient biometrics-based remote user authentication scheme using smart cards, Journal of Network and Computer Applications, 33(1), 1–5, 2010. A. Raulynaitis, E. Sakalauskas, S. Japertas, Security analysis of asymmetric cipher protocol based on matrix decomposition problem, Informatica, 21(2), 215–228, 2010. M. S. Rababaa, Sattar J. Aboud, M. A. Al-Fayoumi, An Efficient Designated Receiver Signature Scheme, International Review on Computers and Software, Volume 2, Number 4, July 2007, pp. 366-370. D. Chaum, Blind signature for untraceable payments, Proceedings of Eurocrypt’82, Plenum, New York, pp. 199–203, 1983. Defa Hu, Juanjuan Luo, An Efficient Buyer-Seller Watermarking Protocol with Multicast, International Review on Computers and Software, Vol. 6 N. 3, pp. 389-392, 2011. D. Chaum, Fiat, A., Naor, M., Untraceable electronic cash, Proceedings of the Crypto’88, pp. 319– 327, 1990. J. Chou, Y. Chen, M. Cho, H. Sun, A novel ID-based electronic cash system from pairings, Cryptology ePrint Archive, Report 2009/339. Available at http://eprint.iacr.org/. V. Miller, Uses of elliptic curves in cryptography, Advances in Cryptology, Proceedings of Crypto’85, Lecture Notes in Computer Sciences, Vol. 218, Springer, pp. 417–426, 1986. NIST, Federal Information Processing Standards, Digital signature standard (DSS), Publication 186-3, 2009. A. Sehad, N. Bessah, I.Touari, Y.Benfattoum, H.Khali, M.Cheriet, A New PCA-based Face Authentication Approach for Smart-Card Implementation, International Review on Computers and Software, Vol. 5. n. 4, pp. 384-389, 2010 .



[13]

N. Enneya, M. El Koutbi, A New Mobility Metric for Evaluating Ad Hoc Network Performance, International Review on Computers and Software, Vol. 3. n. 5, pp. 506 - 514, 2008. [14] Lv Bin, Fei Long, Buyer-Seller Watermarking Protocol without Trust Third Party, International Review on Computers and Software, Vol. 6 N. 6, pp. 1104-1107, 2011. [15] M. Au, W. Susilo, and Y. Mu, Practical anonymous divisible ecash from bounded accumulators. Proceedings of Financial Cryptography and Data Security, Lecture Notes in Computer Science, Vol. 5143. Springer, Berlin. pp. 287–301, 2008.

Authors’ information Sattar J Aboud is currently a visitor professor in Telecommunications Engineering Research Group at Anglia Ruskin University in Britain. He received his education (PhD and Master) in 1988 from Britain. He worked in various academic places and research centres cross the continents. During this long period he has gathered wide and very rich experiences in both teaching, researching fields and in quality assurance in university education areas. Thus, he awarded the Quality Assurance Certificate of Philadelphia University, Faculty of Information Technology in 2002, and also the Iraqi Council of Representatives medal, for organizing the first International Conference for Iraqi Expatriates Scientists & Qualifiers, Baghdad-Iraq in 2008 . His research interests include the areas of both symmetric and asymmetric cryptography, area of verification and validation, and performance evaluation. Sufian Yousef Graduated in 1978 as Electrical Engineer for his B.Sc. Worked for 18 Years in the Telecommunication Corporation of Jordan as Operation & Maintenance engineer, and then as head of Transmission. He moved to Anglia Ruskin University (ARU) in 1993 to gain his MSc in Telecommunication Systems Management. In 1994 he was Offered studentship from EPSRC to complete his PhD at ARU on ATM modeling and queuing which has been achieved in 1998. He worked as a research fellow at ARU from 1998 until 2002 and then promoted to a senior lecturer. He established and headed the Telecommunication Engineering Research Group (TERG) since year 2003 which currently hoists 28 MPhil/PhD students. TERG has to become a research centre of excellence in Mobile and security research. TERG has wide international links through heading a European consortium for bidding to FP7 fund. His main research is performed recently on mobile communications at different generations through considering quality of service, security, noise cancellation, coding theory, Ad Hoc mobile networks, 4 th generation mobile networks issues. Dr. Yousef has published more than 100 papers covering all the aforementioned fields.

