Certified e-mail delivery (CEMD) has become one of the basic requirement in performing business transactions over the Internet securely. How to construct fair protocols for certified e-mail delivery based on the RSA cryptosystem is of great interest.

Recently, Nenadic etc. proposed a novel RSA-based method for the verifiableand recoverable encrypted signature (VRES), and utilized it to construct a security protocol for certified e-mail delivery, which are claimed to provide strong fairness to ensure that the recipient receives the e-mail if and only if the sender receives the receipt. However, as a building block, their RSA-based VRES is totally breakable. This papers shows that an adversary can generate a valid VRES which cannot be recovered by the designated TTP, and hence the proposed certified e-mail delivery protocol cannot guarantee the required fairness.

Based on probabilistic signatures, we proposed a novel fair CEMD protocol which works with the RSA cryptosystem and guarantees strong fairness. Moreover, there is no need for a registration phase between a party and TTP, and the proposed protocol is more computation and communication efficient.


Fair exchange RSA E-mail Security protocol 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Asokan, N., Shoup, V., Waidner, M.: Optimistic fair exchange of digital signatures. IEEE Journal on Selected Areas in Communications 18(4), 593–610 (2000)CrossRefGoogle Scholar
  2. 2.
    Ateniese, G.: Verifiable encryption of digital signatures and applications. ACM Transactions on Information and System Security 7,1, 1–20 (2004)Google Scholar
  3. 3.
    Ateniese, G., Nita-Rotaru, C.: Stateless-recipient certified E-mail system based on verifiable encryption. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 182–199. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  4. 4.
    Bao, F., Deng, R., Mao, W.: Efficient and practical fair exchange protocols with off-line TTP. In: Proc. IEEE Symposium on Security and Privacy, pp. 77–85 (1998)Google Scholar
  5. 5.
    Boyd, C., Foo, E.: Off-line fair payment protocols using convertible signatures. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 271–285. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  6. 6.
    Camenisch, J.L., Michels, M.: Separability and efficiency for generic group signature schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 106–121. Springer, Heidelberg (1999)Google Scholar
  7. 7.
    Chen, L.: Efficient fair exchange with verifiable confirmation of signatures. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 286–299. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  8. 8.
    Deng, R.H., Gong, L., Lazar, A.A., Wang, W.: Practical Protocols for Certified Electronic Mail. J. of Network and System Management 4(3), 279–297 (1996)CrossRefGoogle Scholar
  9. 9.
    Even, S., Yacobi, Y.: Relations among public key signature schemes. Technical Report 175, Computer Science Dept., Technion, Israel (1980)Google Scholar
  10. 10.
    Franklin, M., Reiter, M.: Fair exchange with a semi-trusted third party. In: Proc. ACM conference on computer and communications security, Zurich, pp. 1–5 (1997)Google Scholar
  11. 11.
    Garay, J.A., Jakobsson, M., MacKenzie, P.D.: Abuse-free optimistic contract signing. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 449–466. Springer, Heidelberg (1999)Google Scholar
  12. 12.
    Schneier, B., Riordan, J.: A certified E-mail protocol. In: Proc. 13th Computer Security Applications Conference, pp. 347–352. ACM Press, New York (1998)Google Scholar
  13. 13.
    Ray, I., Ray, I.: An optimistic fair exchange E-commerce protocol with automated dispute resolution. In: Bauknecht, K., Madria, S.K., Pernul, G. (eds.) EC-Web 2000. LNCS, vol. 1875, pp. 84–93. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Nenadic, A., Zhang, N., Barton, S.: Fair certified E-mail delivery. In: Proc. ACM Symposium on Applied Computing (SAC 2004) - Computer Security Track, Nicosia, Cyprus, pp. 391–396 (2004)Google Scholar
  15. 15.
    Nenadic, A., Zhang, N., Barton, S.: FIDES-A middleware E-commerce security solution. In: Proc. 3rd European Conference on Information Warfare and Security (ECIW 2004), London, UK, pp. 295–304 (2004)Google Scholar
  16. 16.
    S/MIME. Secure Multipurpose Internet Mail Extensions, Available at,
  17. 17.
    OpenPGP, An Open Specification for Pretty Good Privacy, Available at,

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Zhenfeng Zhang
    • 1
  • Dengguo Feng
    • 1
  1. 1.State Key Laboratory of Information Security, Institute of SoftwareChinese Academy of SciencesBeijingP.R. China

Personalised recommendations