On the security of fair non-repudiation protocols

We analyzed two non-repudiation protocols and found some new attacks on the fairness and termination property of these protocols. Our attacks are enabled by several inherent design weaknesses, which also apply to other non-repudiation protocols. To prevent these attacks, we propose generic countermeasures that considerably strengthen the design and implementation of non-repudiation protocols. The application of these countermeasures is finally shown by our construction of a new fair non-repudiation protocol.

[1]  Martín Abadi,et al.  Prudent Engineering Practice for Cryptographic Protocols , 1994, IEEE Trans. Software Eng..

[2]  Dieter Gollmann,et al.  A fair non-repudiation protocol , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[3]  Jianying Zhou Achieving Fair Nonrepudiation in Electronic Transactions , 2001, J. Organ. Comput. Electron. Commer..

[4]  Olivier Markowitch,et al.  Optimistic non-repudiable information exchange , 2000 .

[5]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[6]  Olivier Markowitch,et al.  Optimistic Fair Exchange with Transparent Signature Recovery , 2002, Financial Cryptography.

[7]  Carsten Rudolph,et al.  Security Analysis of (Un-) Fair Non-repudiation Protocols , 2002, FASec.

[8]  Robert H. Deng,et al.  Practical protocols for certified electronic mail , 1996, Journal of Network and Systems Management.

[9]  Jean-François Raskin,et al.  A game-based verification of non-repudiation and fair exchange protocols , 2003 .

[10]  Olivier Markowitch,et al.  Fair multi-party non-repudiation protocols , 2003, International Journal of Information Security.

[11]  Cristina Nita-Rotaru,et al.  Stateless-Recipient Certified E-Mail System Based on Verifiable Encryption , 2002, CT-RSA.

[12]  Panagiotis Louridas Some guidelines for non-repudiation protocols , 2000, CCRV.

[13]  Robert H. Deng,et al.  Some Remarks on a Fair Exchange Protocol , 2000, Public Key Cryptography.

[14]  Olivier Markowitch,et al.  Selective Receipt in Certified E-mail , 2001, INDOCRYPT.

[15]  Josep Lluís Ferrer-Gomila,et al.  An Efficient Protocol for Certified Electronic Mail , 2000, ISW.

[16]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[17]  Olivier Markowitch,et al.  A Multi-party Optimistic Non-repudiation Protocol , 2000, ICISC.

[18]  Tom Coffey,et al.  Non-repudiation with mandatory proof of receipt , 1996, CCRV.

[19]  Jianying Zhou,et al.  An intensive survey of fair non-repudiation protocols , 2002, Comput. Commun..

[20]  Nadarajah Asokan,et al.  Fairness in electronic commerce , 1998, Research report / RZ / IBM / IBM Research Division / Zürich Research Laboratory.

[21]  Robert H. Deng,et al.  Evolution of Fair Non-repudiation with TTP , 1999, ACISP.

[22]  Giuseppe Ateniese,et al.  Efficient verifiable encryption (and fair exchange) of digital signatures , 1999, CCS '99.

[23]  Colin Boyd,et al.  Exploring Fair Exchange Protocols Using Specification Animation , 2000, ISW.

[24]  Olivier Markowitch,et al.  An Optimistic Non-repudiation Protocol with Transparent Trusted Third Party , 2001, ISC.

[25]  N. Asokan,et al.  Asynchronous protocols for optimistic fair exchange , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[26]  Colin Boyd,et al.  Off-Line Fair Payment Protocols Using Convertible Signatures , 1998, ASIACRYPT.