Generic non-repudiation protocols supporting transparent off-line TTP

A non-repudiation protocol enables the fair exchange of an electronic message and an irrefutable digital receipt between two mistrusting parties over the Internet. That is, at the end of any execution instance of such a protocol, either both parties obtain their expected items or neither party does. In this paper, we first argue that it is really meaningful in practice to exploit generic fair non-repudiation protocols with transparent off-line trusted third party (TTP). Namely, in those protocols, each involved party could use any secure digital signature algorithm to produce non-repudiation evidences; and the issued evidences are the same regardless of whether the TTP is involved or not. Then, we present such a fair non-repudiation protocol to overcome some limitations and shortcomings in previous schemes. Technical discussions are provided to show that our protocol is not only secure but also the most efficient solution, compared with existing non-repudiation protocols. In addition, some potential extensions are also pointed out.

[1]  Martín Abadi,et al.  Prudent engineering practice for cryptographic protocols , 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[2]  Colin Boyd,et al.  Exploring Fair Exchange Protocols Using Specification Animation , 2000, ISW.

[3]  Jacques Stern,et al.  RSA-OAEP Is Secure under the RSA Assumption , 2001, Journal of Cryptology.

[4]  Dieter Gollmann,et al.  A fair non-repudiation protocol , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[5]  Yevgeniy Dodis,et al.  Breaking and repairing optimistic fair exchange from PODC 2003 , 2003, DRM '03.

[6]  Ricardo Dahab,et al.  An Attack on a Protocol for Certified Delivery , 2002, ISC.

[7]  Carsten Rudolph,et al.  On the security of fair non-repudiation protocols , 2003, International Journal of Information Security.

[8]  Silvio Micali,et al.  Simple and fast optimistic protocols for fair electronic exchange , 2003, PODC '03.

[9]  Cristina Nita-Rotaru,et al.  Stateless-Recipient Certified E-Mail System Based on Verifiable Encryption , 2002, CT-RSA.

[10]  Olivier Markowitch,et al.  An Optimistic Non-repudiation Protocol with Transparent Trusted Third Party , 2001, ISC.

[11]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[12]  Kouichi Sakurai,et al.  A Certified E-mail System with Receiver's Selective Usage of Delivery Authority , 2002, INDOCRYPT.

[13]  Dieter Gollmann,et al.  Certified Electronic Mail , 1996, ESORICS.

[14]  Jianying Zhou,et al.  An intensive survey of fair non-repudiation protocols , 2002, Comput. Commun..

[15]  Robert H. Deng,et al.  Efficient and practical fair exchange protocols with off-line TTP , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[16]  Holger Vogt Asynchronous Optimistic Fair Exchange Based on Revocable Items , 2003, Financial Cryptography.

[17]  Oded Goldreich,et al.  A Simple Protocol for Signing Contracts , 1983, CRYPTO.

[18]  Catherine A. Meadows,et al.  Formal methods for cryptographic protocol analysis: emerging issues and trends , 2003, IEEE J. Sel. Areas Commun..

[19]  Josep Lluís Ferrer-Gomila,et al.  An Efficient Protocol for Certified Electronic Mail , 2000, ISW.

[20]  Mihir Bellare,et al.  Optimal Asymmetric Encryption-How to Encrypt with RSA , 1995 .

[21]  Jianying Zhou,et al.  Enhancing Certified Email Service for Timeliness and Multicasting , 2004 .

[22]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[23]  Markus Jakobsson,et al.  Abuse-Free Optimistic Contract Signing , 1999, CRYPTO.

[24]  Ning Zhang,et al.  RSA-based Verifiable and Recoverable Encryption of Signatures and its application in certified e-mail delivery , 2005, J. Comput. Secur..

[25]  Robert H. Deng,et al.  Evolution of Fair Non-repudiation with TTP , 1999, ACISP.

[26]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[27]  Giuseppe Ateniese,et al.  Efficient verifiable encryption (and fair exchange) of digital signatures , 1999, CCS '99.

[28]  Robert H. Deng,et al.  Some Remarks on a Fair Exchange Protocol , 2000, Public Key Cryptography.

[29]  Olivier Markowitch,et al.  A Multi-Party Non-Repudiation Protocol , 2000, SEC.

[30]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[31]  Moni Naor,et al.  Nonmalleable Cryptography , 2000, SIAM Rev..

[32]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[33]  Edwin K. P. Chong,et al.  Constructing fair-exchange protocols for E-commerce via distributed computation of RSA signatures , 2003, PODC '03.

[34]  Jean-François Raskin,et al.  A Game-based Verification of Non-repudiation and Fair Exchange Protocols , 2001, J. Comput. Secur..

[35]  Jean-Jacques Quisquater,et al.  Cryptanalysis of a Verifiably Committed Signature Scheme Based on GPS and RSA , 2004, ISC.

[36]  Colin Boyd,et al.  Off-Line Fair Payment Protocols Using Convertible Signatures , 1998, ASIACRYPT.

[37]  Matthias Schunter,et al.  Optimistic fair exchange , 2000 .

[38]  Silvio Micali,et al.  A fair protocol for signing contracts , 1990, IEEE Trans. Inf. Theory.

[39]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[40]  Olivier Markowitch,et al.  Probabilistic Non-Repudiation without Trusted Third Party , 1999 .

[41]  Javier López,et al.  A Multi-Party Non-Repudiation Protocol for Exchange of Different Messages , 2003, SEC.

[42]  Ivan Damgård,et al.  Practical and provably secure release of a secret and exchange of signatures , 1994, Journal of Cryptology.

[43]  Jianying Zhou,et al.  Analysis and Improvement of Micali's Fair Contract Signing Protocol , 2004, ACISP.

[44]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[45]  Feng Bao Colluding Attacks to a Payment Protocol and Two Signature Exchange Schemes , 2004, ASIACRYPT.

[46]  Jianying Zhou,et al.  On the Security of a Certified E-Mail Scheme , 2004, INDOCRYPT.

[47]  Victor Shoup,et al.  OAEP Reconsidered , 2001, CRYPTO.

[48]  Jianying Zhou,et al.  Some common attacks against certified email protocols and the countermeasures , 2006, Comput. Commun..

[49]  Olivier Markowitch,et al.  Optimistic Fair Exchange with Transparent Signature Recovery , 2002, Financial Cryptography.

[50]  Robert H. Deng,et al.  Practical protocols for certified electronic mail , 1996, Journal of Network and Systems Management.

[51]  Chih-Hung Wang,et al.  Untraceable Fair Network Payment Protocols with Off-Line TTP , 2003, ASIACRYPT.

[52]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[53]  Tom Coffey,et al.  Non-repudiation with mandatory proof of receipt , 1996, CCRV.

[54]  Dieter Gollmann,et al.  An efficient non-repudiation protocol , 1997, Proceedings 10th Computer Security Foundations Workshop.

[55]  Carsten Rudolph,et al.  Security Analysis of (Un-) Fair Non-repudiation Protocols , 2002, FASec.

[56]  Guilin Wang,et al.  Generic Fair Non-Repudiation Protocols with Transparent Off-line TTP , 2005, IWAP.