| Abstract: | Mobile wallet is a very convenient means of mobile payment to allow the clients to conduct the payment via their mobile devices. To reduce the computation burden of resources-constraint mobile devices, a few mobile wallet protocols with outsourced verification in cloud computing were proposed. But in some of the protocols, there exist the risk of a colluding attack of the customer and the untrusted cloud server. In this paper, we propose an improved protocol, in which the payment information is protected by Hash function and random number. The malicious customer and cloud server cannot change the payment information to conduct a collusion forgery attack to defraud the merchant. The security analysis indicates that the proposed improved protocol can enhance the security in terms of correctness, unforgeability and traceability without increasing the computational burden. |
