The Delivery and Evidences Layer

Evidences of delivery are essential for resolving (and avoiding) disputes over the delivery of messages, in classical as well as electronic commerce. We present the first rigorous specifications and provably-secure implementation of a communication layer that provides time-stamped evidences for the message delivery process. This improves on existing standards for evidence (‘non-repudiation’) services, which are based on informal specifications and unproven designs. Our work also improves on the large body of analytical work on tasks related to evidences of delivery, such as certified mail/delivery protocols and fair exchange (of signatures). We improve on them by addressing practical needs and scenarios, using realistic synchronization and communication assumptions, supporting time-outs and failures, and providing a well-defined interface to the higher-layer (application) protocols. Furthermore, we use the layered specifications framework, which allows provably-secure composition of our protocol with lower- and higher-layer protocols, with complete re-use of our analysis (theorems).
