Optimistic Fair Exchange Protocol for E-Commerce

Proceedings of the 15th International Joint Conference on e-Business and Telecommunications, 2018

In this paper, we define the concept of complex transaction as a combination in any form of aggregate and optional transactions. Even if there are many multi-party fair exchange protocols with applications in buying digital goods, digital signature of contracts and certified e-mail, no one can be used to solve our problem: complex transactions where a customer wants to buy several physical products from different merchants, providing fair exchange while preserving atomicity. In this paper, we propose the first fair exchange e-commerce protocol for complex transactions in that the customer wants to buy several different physical products from different merchants. Our protocol uses as building block the fair exchange internet payment protocol (FEIPS) for physical products that considers only one customer and one merchant. Also, our protocol provides effectiveness, timeliness, non-repudiation, integrity and confidentiality of data exchanged between the parties.

22nd International Conference on Advanced Information Networking and Applications - Workshops (aina workshops 2008), 2008

In this paper we propose a new class of Fair Exchange Signature Scheme(FESS) that allows two players to exchange digital signatures in a fair way. Our signature scheme is a general idea and has various implementations on most of the existing signature schemes, thus it may also be considered as an interesting extension of concurrent signature presented in EUROCRYPT 2004 that is constructed from ring signatures. In our scheme, two unwakened signatures signed separately by two participants can be verified easily by the other player, but it would not go into effect until an extra piece of commitment keystone is released by one of the players. Once the keystone revealed, two signatures are both aroused and become effective. A key feature of the proposed scheme is that two players can exchange digital signatures simultaneously through a secret commitment keystone without involvement of any Trusted Third Party. Moreover, the efficiency of our signature scheme is higher than that of concurrent signature.

IEE Proceedings - Communications, 2005

A protocol is presented for the fair digital-signature exchange commonly seen in e-commerce systems. The protocol incorporates a novel approach for the recovery of a signature with the assistance of an offline trusted third party that can impose a penalty on a misbehaving party. This new approach enables the protocol to achieve fairness in a simpler and more efficient manner than other relevant fair exchange protocols, while being able to deter a dishonest party from misbehaving.

2000

In this paper we propose an e-commerce protocol with the following features: (1) ensures true fair exchange, (2) does not require manual dispute resolution in case of unfair behavior by any party, (3) does not require the active involvement of a trusted third party, (4) allows the customer to verify that the product he is about to receive is the one he is paying for, and (5) can be used for the fair exchange of any two digital items.

Lecture Notes in Computer Science, 2010

Recent research has shown that the single-user security of optimistic fair exchange cannot guarantee the multi-user security. This paper investigates the conditions under which the security of optimistic fair exchange in the single-user setting is preserved in the multi-user setting. We first introduce and define a property called "Strong Resolution-Ambiguity". Then we prove that in the certified-key model, an optimistic fair exchange protocol is secure in the multi-user setting if it is secure in the single-user setting and has the property of strong resolution-ambiguity. Finally we provide a new construction of optimistic fair exchange with strong resolution-ambiguity. The new protocol is setup-free, stand-alone and multi-user secure without random oracles.

IEEE Transactions on Information Forensics and Security, 2010

A fair contract signing protocol allows two potentially mistrusted parities to exchange their commitments (i.e., digital signatures) to an agreed contract over the Internet in a fair way, so that either each of them obtains the other's signature, or neither party does. Based on the RSA signature scheme, a new digital contract signing protocol is proposed in this paper. Like the existing RSA-based solutions for the same problem, our protocol is not only fair, but also optimistic, since the third trusted party is involved only in the situations where one party is cheating or the communication channel is interrupted. Furthermore, the proposed protocol satisfies a new property, i.e., it is abuse-free. That is, if the protocol is executed unsuccessfully, none of the two parties can show the validity of intermediate results to others. Technical details are provided to analyze the security and performance of the proposed protocol. In summary, we present the first abuse-free fair contract signing protocol based on the RSA signature, and show that it is both secure and efficient.

Lecture Notes in Computer Science, 2014

How to sign an electronic contract online between two parties (say Alice and Bob) in a fair manner is an interesting problem, and has been studied for a long time. Optimistic Fair Exchange (OFE) is an efficient solution to this problem, in which a semi-trusted third party named arbitrator is called in to resolve a dispute if there is one during an exchange between Alice and Bob. Recently, several extensions of OFE, such as Ambiguous OFE (AOFE) and Perfect AOFE (PAOFE), have been proposed to protect the privacy of the exchanging parties. These variants prevent any outsider including the arbitrator from telling which parties are involved in the exchange of signatures before the exchange completes.

Decision Support Systems, 2005

In an electronic commerce environment, the merchant and the customer are unlikely to trust each other. This problem has motivated researchers to propose fair-exchange protocols based on using an on-line trusted third party; the third party receives the items being exchanged from the customer and the merchant and then forwards it to the other party in a fair manner. However, the third party is a source of bottleneck for these protocols. Not only is the performance of the third party an issue, but also its vulnerability to denial of service attacks. In this paper, we propose an optimistic protocol in which the trusted third party is invoked only if any party misbehaves or prematurely aborts. The protocol achieves fairness and dispute resolution is performed automatically within the scope of the protocol. We show how we can distribute the function of the trusted third party across several third parties; this increases the robustness of the protocol. Additionally, we show how by adopting a payment mechanism based on electronic cash, we provide anonymity to the customer's transactions. D

IEEE Transactions on Information Forensics and Security, 2000

Optimistic fair exchange (OFE) protocols are useful tools for two participants to fairly exchange items with the aid of a third party who is only involved if needed. A widely accepted requirement is that the third party's involvement in the exchange must be transparent, to protect privacy and avoid bad publicity. At the same time, a dishonest third party would compromise the fairness of the exchange and the third party thus must be responsible for its behaviors. This is achieved in OFE protocols with another property called accountability. It is unfortunate that the accountability has never been formally studied in OFE since its introduction ten years ago. In this paper, we fill these gaps by giving the first complete definition of accountability in OFE where one of the exchanged items is a digital signature and a generic (also the first) design of OFE where transparency and accountability coexist.

2005

Delivering electronic goods over the Internet is one of the e-commerce applications that will proliferate in the coming years. Certified e-goods delivery is a process where valuable e-goods are exchanged for an acknowledgement of their reception. This paper proposes an efficient security protocol for certified e-goods delivery with the following features: (1) it ensures strong fairness for the exchange of e-goods and proof of reception, (2) it ensures nonrepudiation of origin and non-repudiation of receipt for the delivered e-goods, (3) it allows the receiver of e-goods to verify, during the exchange process, that the e-goods to be received are the one he is signing the receipt for, (4) it uses an off-line and transparent semi-trusted third party (STTP) only in cases when disputes arise, (5) it provides the confidentiality protection for the exchanged items from the STTP, and (6) achieves these features with less computational and communicational overheads than related protocols.

2003

In this paper, we propose a new practical fair exchange protocol allowing the exchange of an electronic item against a signature. The protocol is based on the Guillou-Quisquater scheme and assumes the existence of a trusted third party that is involved in the protocol only in the setup phase and when one of the parties does not follow the protocol or some technical problems occur during the execution of the protocol. The interesting feature of the protocol is the low communication and computational costs required by the parties. Moreover, in case of problems during the main protocol, the trusted third party acts transparently.

Contract signing plays a very important role in any business transaction, in particular in situations where the involved parties do not trust each other to some extent already. As electronic commerce is becoming more and more important and popular in the world, it is desirable to have a mechanism that allows two parties to sign a digital contract via the Internet. This requirement is essentially captured by the concept of fairness: At the end of the protocol, either both parties have valid signatures for a contract or neither does, even if one of them tries to cheat or the communication channel is out of order. Existing contract protocols without the property of abuse-freeness is a risk for a honest party, as a possible dishonest party maybe does not really want to sign the contract with her, but only use her willingness to sign to get leverage for another contract. And so the existing contract-signing protocols are not abuse-free. This project proposes a new contractsigning protocol for two mutually distrusted parties. This protocol is based on an RSA multi signature, which is formally proved to be secure. This protocol is fair and optimistic. However, different from all previous RSA-based contractsigning protocol, the proposed protocol is further abuse-free. That is, if the contract-signing protocol is executed unsuccessfully, each of the two parties cannot show the validity of intermediate results generated by the other party to outsiders, during or after the procedure where those intermediate results are output.

Journal of Universal Computer Science 2005 11 175 192, 2005

Delivering electronic goods over the Internet is one of the e-commerce applications that will proliferate in the coming years. Certified e-goods delivery is a process where valuable e-goods are exchanged for an acknowledgement of their reception. This paper proposes an efficient security protocol for certified e-goods delivery with the following features: (1) it ensures strong fairness for the exchange of e-goods and proof of reception, (2) it ensures nonrepudiation of origin and non-repudiation of receipt for the delivered e-goods, (3) it allows the receiver of e-goods to verify, during the exchange process, that the e-goods to be received are the one he is signing the receipt for, (4) it uses an off-line and transparent semi-trusted third party (STTP) only in cases when disputes arise, (5) it provides the confidentiality protection for the exchanged items from the STTP, and (6) achieves these features with less computational and communicational overheads than related protocols.

Proceedings 15th International Parallel and Distributed Processing Symposium. IPDPS 2001

In this paper we propose an e-commerce protocol for trading digital products over the Internet. The novel features of our protocol include: (1) ensuring fair exchange, (2) not requiring manual dispute resolution in case of unfair behavior by any party, (3) assuring each party that the item he is about to receive is indeed the correct one, (4) not requiring the active involvement of a trusted third party unless a problem occurs, and (5) ensuring anonymity for both the customer and the merchant. No existing e-commerce protocol that we know of has all these features.

Lecture Notes in Computer Science, 2003

In this paper we show how to achieve timed fair exchange of digital signatures of standard type. Timed fair exchange (in particular, contract signing) has been considered before, but only for Rabin and RSA signatures of a special kind.