The sale of prepaid electricity is prevalent in South Africa due to the current economic, social, and political conditions. The system currently used for the distribution of tokens for prepaid electricity, CVS, has a design flaw that leads to many security vulnerabilities. The design flaw is that the security devices that generate the tokens are distributed in the field and operate independently of centralised control. This was done because of the limited communication infrastructure in South Africa 10 years ago, but is no longer necessary. An improvement to the system is suggested that removes the security vulnerabilities by making the system on-line. By employing the communication infrastructure that is available today to provide access to the security devices, the security devices can be located in a secure environment. Changing the mode of operation to on-line also has other advantages, such as simplifying auditing and removing synchronisation problems. This improved system works by communicating on-line with a centralised server and database for every transaction that a customer makes. By doing this, all of the parties involved are kept up to date with the most recent transactions. There can no longer be financial discrepancies, and the risk to all parties involved is thus reduced. It is no longer meaningful to steal the vending machines because they no longer have the ability to generate tokens independently. In order to implement such a system, however, there are many security aspects that need to be addressed, such as the confidentiality of the information within the system and proving that a transaction did occur between two specific parties. To this end, cryptographic functions and protocols are selected that meet the requirements of the system. Public key cryptography was found to be a necessary ingredient in making the system work effectively and efficiently.
In order to use public key cryptography in the new system, a Public Key Infrastructure is required to manage public keys and provide authentication services. A suitable system is developed and described that employs certificate authorities and X.509 certificates. The procedures that are required from each party are listed. A set of messages that is required for the functions of the system is given. For each message, the contents of the message are given, the parts of the message that must be encrypted are defined, and the parts of the message that must be digitally signed are given. Finally, the security of the individual parts of the system is critically analysed to show that all of the design goals have been achieved. Particular attention is given to the authentication of parties involved in the communication. The security of the system as a whole is also evaluated with respect to the X.810 security framework and it is shown that the system is robust from a security perspective. The result of the research is a system that meets the required functionality to replace the existing system, and at the same time meets all of the security requirements. It is shown that the proposed system does not have the security flaws of the existing system and thus is more effective in its purpose of vending prepaid electricity.
Dissertation (MEng (Electronic))--University of Pretoria, 2007.