Modern fair exchange protocol design: Dealing with complex digital items

  • Fabio Piva UNICAMP
  • Ricardo Dahab UNICAMP

Resumo


Fair exchange protocols are essential for ensuring fairness (i.e., atomicity) in exchanges concerning digital items between parties communicating through asynchronous channels. Although often regarded as generic bit streams, such items are usually complex artifacts that carry information relevant to a particular context – which may be of semantic, perceptual, legal, financial or functional nature, for instance – and reflect specific aspects that might interfere with the protocol designed for exchanging them. In this work we approach fair exchange protocol design by taking into account the intrinsic characteristics of digital items, as opposed to relying on the conventional generic bit stream assumption. Our discussion focuses on how several item properties may affect the exchange of digital items.

Referências

Abadi, M. and Needham, R. (1996). Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering, 22(1):6–15.

Amazon Legal Department (2005). Amazon MP3 Music Service: Terms of Use.

Asokan, A. (1998). Fairness in Electronic Commerce. PhD thesis, University of Waterloo.

Asokan, N., Janson, P., Steiner, M., and Waidner, M. (1997). The state of the art in electronic payment systems. Computer, 30(9):28–35.

Asokan, N., Shoup, V., and Waidner, M. (2000). Optimistic fair exchange of digital signatures. IEEE Journal on Selected Areas in Communications, 18(4):593–610.

Ateniese, G. (1999). Efficient verifiable encryption (and fair exchange) of digital signatures. In CCS ’99: Proceedings of the 6th ACM conference on Computer and communications security, pages 138–146, New York, NY, USA. ACM.

Avoine, G. and Vaudenay, S. (2004). Optimistic fair exchange based on publicly verifiable secret sharing. In Information Security and Privacy: 9th Australasian Conference, ACISP 2004, volume 3108 of Lecture Notes in Computer Science, pages 74–85.

Bottoni, A., Dini, G., and Stabell-Kulø, T. (2007). A methodology for verification of digital items in fair exchange protocols with active trustee. Electronic Commerce Research, 7(2):143–164.

Garay, J. A., Jakobsson, M., and MacKenzie, P. D. (1999). Abuse-free optimistic contract signing. In Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’99, pages 449–466, London, UK, UK. SpringerVerlag.

Louridas, P. (2000). Some guidelines for non-repudiation protocols. SIGCOMM Comput. Commun. Rev., 30(5):29–38.

Markowitch, O. and Kremer, S. (2001). An optimistic non-repudiation protocol with transparent trusted third party. In Proceedings of the 4th International Conference on Information Security, ISC ’01, pages 363–378. Springer-Verlag.

Markowitch, O. and Saeednia, S. (2002). Optimistic Fair Exchange with Transparent Signature Recovery. pages 339–350.

Micali, S. (2003). Simple and fast optimistic protocols for fair electronic exchange. In PODC ’03: Proceedings of the twenty-second annual symposium on Principles of distributed computing, pages 12–19, New York, NY, USA. ACM Press.

Nenadic, A., Zhang, N., Shi, Q., and Goble, C. (2005). DSA-Based Verifiable and Recoverable Encryption of Signatures and Its Application in Certified E-Goods Delivery. In IEEE International Conference on e-Technology, e-Commerce and e-Service, pages 94–99. IEEE Computer Society.

O’Mahony, D., Tewari, H., and Peirce, M. (1997). Electronic Payment Systems. Artech House, Inc., Norwood, MA, USA, 1st edition.

Pagnia, H. and Gärtner, F. C. (1999). On the impossibility of fair exchange without a trusted third party. Technical Report TUD-BS-1999-02, Darmstadt, Germany.

Pagnia, H., Vogt, H., and Gaertner, F. C. (2003). Fair Exchange. The Computer Journal, 46(1):55.

Payeras-Capellà, M., Ferrer-Gomila, J. L., and Huguet-Rotger, L. (2006). Achieving fairness and timeliness in a previous electronic contract signing protocol. In ARES, pages 717–722. IEEE Computer Society.

Piva, F. and Dahab, R. (2013). E-commerce of digital items and the problem of item validation: introducing the concept of reversible degradation. Applicable Algebra in Engineering, Communication and Computing, pages 1–32.

Piva, F. R. and Dahab, R. (2011). E-commerce and fair exchange: The problem of item validation. In International Conference on Security and Cryptography (SECRYPT), Seville, Spain. SciTePress Digital Library.

Piva, F. R., Monteiro, J. R. M., and Dahab, R. (2009). Regarding timeliness in the context of fair exchange. In Network and Service Security, 2009. N2S ’09. International Conference on, pages 1–6.

Ray, I. and Ray, I. (2000). An optimistic fair exchange e-commerce protocol with automated dispute resolution. In EC-Web, pages 84–93.

Ray, I. and Ray, I. (2001). An anonymous fair exchange e-commerce protocol. In Proceedings of the 1st International Workshop on Internet Computing and E-Commerce.

Vogt, H. (2003). Asynchronous optimistic fair exchange based on revocable items. In Financial Cryptography, pages 208–222.

Wang, H. and Guo, H. (2004). Fair payment protocols for e-commerce. IFIP International Federation for Information Processing.

Woo, T. Y. C. and Lam, S. S. (1994). A lesson on authentication protocol design. Operating Systems Review, 28(3):24–37.

Zhou, J., Deng, R. H., and Bao, F. (1999). Evolution of fair non-repudiation with ttp. In ACISP ’99: Proceedings of the 4th Australasian Conference on Information Security and Privacy, pages 258–269, London, UK. Springer-Verlag.

Zhou, J., Deng, R. H., and Bao, F. (2000). Some remarks on a fair exchange protocol. In Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography, PKC ’00, pages 46–57, London, UK, UK. Springer-Verlag.

Zuo, M. and Li, J. (2005). Constructing fair-exchange p2p file market. In Proceedings of the 4th International Conference on Grid and Cooperative Computing, pages 941–946.
Publicado
11/11/2013
PIVA, Fabio; DAHAB, Ricardo. Modern fair exchange protocol design: Dealing with complex digital items. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 13. , 2013, Manaus. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2013 . p. 309-322. DOI: https://doi.org/10.5753/sbseg.2013.19554.

##plugins.generic.recommendByAuthor.heading##

1 2 3 > >>