An anonymous and failure resilient fair-exchange e-commerce protocol

In an electronic commerce environment, the merchant and the customer are unlikely to trust each other. This problem has motivated researchers to propose fair-exchange protocols based on using an on-line trusted third party; the third party receives the items being exchanged from the customer and the merchant and then forwards it to the other party in a fair manner. However, the third party is a source of bottleneck for these protocols. Not only is the performance of the third party an issue, but also its vulnerability to denial of service attacks. In this paper, we propose an optimistic protocol in which the trusted third party is invoked only if any party misbehaves or prematurely aborts. The protocol achieves fairness and dispute resolution is performed automatically within the scope of the protocol. We show how we can distribute the function of the trusted third party across several third parties; this increases the robustness of the protocol. Additionally, we show how by adopting a payment mechanism based on electronic cash, we provide anonymity to the customer's transactions.

[1]  Robert H. Deng,et al.  Practical protocols for certified electronic mail , 1996, Journal of Network and Systems Management.

[2]  Indrajit Ray,et al.  An Optimistic Fair Exchange E-commerce Protocol with Automated Dispute Resolution , 2000, EC-Web.

[3]  David Chaum,et al.  Advances in Cryptology: Proceedings Of Crypto 83 , 2012 .

[4]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.

[5]  Dieter Gollmann,et al.  A fair non-repudiation protocol , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[6]  Robert H. Deng,et al.  Efficient and practical fair exchange protocols with off-line TTP , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[7]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[8]  J. Doug Tygar,et al.  Atomicity in electronic commerce , 1996, NTWK.

[9]  Manuel Blum,et al.  How to exchange (secret) keys , 1983, TOCS.

[10]  Jeannette M. Wing,et al.  Model checking electronic commerce protocols , 1996 .

[11]  E. Wright,et al.  An Introduction to the Theory of Numbers , 1939 .

[12]  Fred B. Schneider,et al.  COCA: a secure distributed online certification authority , 2002 .

[13]  Craig A. N. Soules,et al.  Survivable storage systems , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[14]  Silvio Micali,et al.  A fair protocol for signing contracts , 1990, IEEE Trans. Inf. Theory.

[15]  E. T. An Introduction to the Theory of Numbers , 1946, Nature.

[16]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[17]  Michael K. Reiter,et al.  Fair Exchange with a Semi-Trusted Third Party (extended abstract) , 1997, CCS.

[18]  Victor R. Lesser,et al.  Advantages of a Leveled Commitment Contracting Protocol , 1996, AAAI/IAAI, Vol. 1.

[19]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[20]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[21]  Tatsuaki Okamoto,et al.  Universal Electronic Cash , 1991, CRYPTO.

[22]  Robbert van Renesse,et al.  COCA: a secure distributed online certification authority , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[23]  Amos Fiat,et al.  Untraceable Electronic Cash , 1990, CRYPTO.

[24]  Benjamin Cox,et al.  NetBill Security and Transaction Protocol , 1995, USENIX Workshop on Electronic Commerce.

[25]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[26]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .