Abstract
Electronic transactions with commercial values between two business parties may want to be legally bound. Digital signature is an important security mechanism to provide evidence regarding the status of a transaction. However, evidence solely based on digital signatures may not enforce strong non-repudiation. Additional mechanisms are required to make digital signatures as valid non-repudiation evidence in the settlement of possible disputes. The conventional approach is to invoke a time-stamping service from a trusted third party. But it may become hard to deploy B2B applications in which no on-line third party is involved. In this paper, we present an efficient mechanism for maintaining the validity of digital signatures in direct B2B applications without the involvement of a trusted third party.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
C. Admas, P. Cain, D. Pinkas, and R. Zuccherato. “Internet X.509 public key infrastructure time-stamp protocol (TSP)”. RFC 3161, August, 2001.
M. Bellare and S. Miner. “A forward-secure digital signature scheme”. Lecture Notes in Computer Science 1666, Advances in Cryptology: Proceedings of Crypto’99, pages 431–438, Santa Barbara, California, August 1999.
W. Ford and M. Baum. “Secure electronic commerce-Building the infrastructure for digital signatures and encryption”. New Jersey: Prentice Hall, 1997.
R. Housley, W. Ford, W. Polk, and D. Solo. “Internet X.509 public key infrastructure certificate and CRLprofile”. RFC 2459, January 1999.
ISO/IEC 13888-1. “Information technology-Security techniques-Non-repudiation-Part 1: General”. ISO/IEC, 1997.
ISO/IEC 13888-3. “Information technology-Security techniques-Non-repudiation-Part 3: Mechanisms using asymmetric techniques”. ISO/IEC, 1997.
ISO/IEC 9796. “Information technology — Security techniques-Digital signature scheme giving message recovery”. ISO/IEC, 1991.
ITU-T. “Information technology-Open systems interconnection-The directory: Public-key and attribute certificate frameworks”. ITU-T Recommendation X.509(V4), 2000.
H. Krawczyk. “Simple forward-secure signatures from any signature scheme”. Proceedings of 7th ACM Conference on Computer and Communications Security, pages 108–115, Athens, Greece, November 2000.
NIST FIPS PUB 186. “Digital signature standard”. National Institute of Standards and Technology, May 1994.
B. Schneier. “Applied cryptography-Protocols, algorithms, and source code in ”. New York: John Wiley & Sons, 1996 (second edition).
J. Zhou and K. Y. Lam. “Securing digital signatures for non-repudiation”. Computer Communications, 22(8):710–716, Elsevier, May 1999.
J. Zhou and R. H. Deng. “On the validity of digital signatures”. Computer Communication Review, 30(2):29–34, ACM Press, April 2000.
J. Zhou. “Non-repudiation in electronic commerce”. Computer Security Series, Artech House, August 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhou, J. (2002). Maintaining the Validity of Digital Signatures in B2B Applications. In: Batten, L., Seberry, J. (eds) Information Security and Privacy. ACISP 2002. Lecture Notes in Computer Science, vol 2384. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45450-0_24
Download citation
DOI: https://doi.org/10.1007/3-540-45450-0_24
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43861-8
Online ISBN: 978-3-540-45450-2
eBook Packages: Springer Book Archive