Blind sales in electronic commerce

We start with the usual paradigm in electronic commerce: a consumer who wants to buy from a merchant. However, both parties wish to enjoy maximal privacy. In addition to remaining anonymous, the consumer wants to hide her browsing pattern and even the identification of the product she may decide to buy. Nevertheless, she wants to be able to negotiate the price, pay, receive the product and even enjoy maintenance on it. On the other hand, the merchant wants to leak as little information as possible on his catalogue for fear that he might in fact be dealing with a hostile competitor. For this purpose, we introduce the Blind Customer Buying Behaviour model, which adds confidentiality to the standard Customer Buying Behaviour model. In this paper, we concentrate on blind catalogue browsing.
