Advertisement

Enforcing Honesty in Fair Exchange Protocols

  • Abdullah M. AlarajEmail author
  • Malcolm Munro
Part of the Advanced Information and Knowledge Processing book series (AI&KP)

Abstract

When buying and selling digital products online both the customer and merchant need to trust each other. However, not all parties are honest and hence a class of exchange protocols has been developed that are called Optimistic Fair Exchange Protocols. This paper surveys the field of Fair Exchange Protocols and then presents a special type of protocol between a customer (C) and a merchant (M) that enforces one of them to be honest. It makes minimal use of a Trusted Third Party (TTP). The protocol has the features that it: (1) only comprises three messages to be exchanged between C and M; (2) guarantees strong fairness for both C and M; (3) allows both parties to be sure of the item that they will receive from the other party; and (4) resolves disputes automatically online.

References

  1. 1.
    Abadi, M., Glew, N., Horne, B., Pinkas, B.: Certified email with a light on-line trusted third party: Design and implementation. In: Proceedings of the 11th International World Wide Web Conference (WWW’02), USA, pp. 387–395. ACM, New York (2002) Google Scholar
  2. 2.
    Alaraj, A., Munro, M.: An e-commerce fair exchange protocol for exchanging digital products and payments. In: Proceedings of the IEEE/ACM ICDIM’2007, France, pp. 248–253 (2007) Google Scholar
  3. 3.
    Alaraj, A., Munro, M.: An efficient fair exchange protocol that enforces the merchant to be honest. In: Proceedings of the IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing 2007, CollaborateCom 2007, USA, pp. 196–202 (2007) Google Scholar
  4. 4.
    Alaraj, A., Munro, M.: An e-commerce fair exchange protocol that enforces the customer to be honest. International Journal of Product Lifecycle Management 3(2/3), 114–131 (2008) CrossRefGoogle Scholar
  5. 5.
    Alaraj, A., Munro, M.: An efficient e-commerce fair exchange protocol that encourages customer and merchant to be honest. In: Proceedings of the 27th International Conference on Computer Safety, Reliability and Security (SafeComp 2008), UK. Lecture Notes in Computer Science, vol. 5219, pp. 193–206. Springer, Berlin (2008) CrossRefGoogle Scholar
  6. 6.
    Asokan, N., Schunter, M., Waidner, M.: Optimistic protocols for fair exchange. In: Proceedings of the 4th ACM Conference on Computer and Communication Security, Switzerland, pp. 8–17 (1997) Google Scholar
  7. 7.
    Asokan, N., Shoup, V., Waidner, M.: Asynchronous protocols for optimistic fair exchange. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 86–99 (1998) Google Scholar
  8. 8.
    Ateniese, G., de Medeiros, B., Goodrich Tricert, M.: Distributed certified e-mail schemes. In: Proceedings of the ISOC 2000 Network and Distributed System Security Symposium, USA (2000) Google Scholar
  9. 9.
    Ben-Or, M., Goldreich, O., Micali, S., Rivest, R.: A fair protocol for signing contracts. IEEE Transactions on Information Theory 36(1), 40–46 (1990) CrossRefGoogle Scholar
  10. 10.
    Blum, M.: How to exchange (secret) keys. ACM Transactions on Computer Systems 1(2), 175–193 (1983) CrossRefGoogle Scholar
  11. 11.
    Deng, R., Gong, L., Lazar, A., Wang, W.: Practical protocols for certified electronic mail. Journal of Network and Systems Management 4(3), 279–297 (1996) CrossRefGoogle Scholar
  12. 12.
    Devane, S., Chatterjee, M., Phatak, D.: Secure e-commerce protocol for purchase of e-goods—using smart card. In: Proceedings of the 3rd IEEE International Symposium on Information Assurance and Security, IAS 2007, UK, pp. 9–14 (2007) Google Scholar
  13. 13.
    Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Communications of the ACM 28(6), 637–647 (1985) MathSciNetCrossRefGoogle Scholar
  14. 14.
    Ezhilchelvan, P., Shrivastava, S.: A family of trusted third party based fair-exchange protocols. IEEE Transactions on Dependable and Secure Computing 2(4), 273–286 (2005) CrossRefGoogle Scholar
  15. 15.
    Ferguson, N, Schneier, B: Practical Cryptography. Wiley, Indianapolis (2003) Google Scholar
  16. 16.
    Galitsky, B., Kovalerchuk, B.: Analyzing attitude in customer emails: A tool for complaint assessment. In: Proceedings of the SIGIR 2006 Workshop on Directions in Computational Analysis of Stylistics in Text Retrieval, USA, pp. 17–36 (2006) Google Scholar
  17. 17.
    Hörnle, J.: Online dispute resolution in business to consumer e-commerce transactions. Journal of Information, Law and Technology 2002(2) (2002) Google Scholar
  18. 18.
    Jakobsson, M.: Ripping coins for a fair exchange. In: Lecture Notes in Computer Science, vol. 921, pp. 220–230. Springer, Berlin (1995) Google Scholar
  19. 19.
    Ketchpel, S: Transaction protection for information buyers and sellers. In: Proceedings of the Dartmouth Institute for Advanced Graduate Studies, DAGS’95: Electronic Publishing and the Information Superhighway, USA (1995) Google Scholar
  20. 20.
    Kremer, S., Markowitch, O., Zhou, J.: An intensive survey of fair non-repudiation protocols. Computer Communications 25(17), 1606–1621 (2002) CrossRefGoogle Scholar
  21. 21.
    Liu, P., Ning, P., Jajodia, S.: Avoiding loss of fairness owing to process crashes in fair data exchange protocols. In: Proceedings of the International Conference on Dependable Systems and Network, pp. 631–640 (2000) Google Scholar
  22. 22.
    Micali, S.: Simple and fast optimistic protocols for fair electronic exchange. In: Annual ACM Symposium on Principles of Distributed Computing, PODC 2003, pp. 12–19. ACM, New York (2003) Google Scholar
  23. 23.
    Nenadic, A.: A security solution for fair exchange and non-repudiation in e-commerce. PhD Thesis, University of Manchester, UK (2005) Google Scholar
  24. 24.
    Nenadic, A., Zhang, N., Barton, S.: Fair certified email delivery. In: 2004 ACM Symposium on Applied Computing, SAC ’04, Cyprus (2004) Google Scholar
  25. 25.
    Nenadic, A., Zhang, N., Cheetham, B., Goble, C.: RSA-based certified delivery of e-goods using verifiable and recoverable signature encryption. Journal of Universal Computer Science 11(1), 175–192 (2005) Google Scholar
  26. 26.
    Nenadic, A., Zhang, N., Shi, Q.: RSA-based verifiable and recoverable encryption of signatures and its application in certified e-mail delivery. Journal of Computer Security 13(5), 757–777 (2005) Google Scholar
  27. 27.
    Pagnia, H., Gärtner, F.: On the impossibility of fair exchange without a trusted third party. Technical Report TUD-BS-1999-02, University of Darmstadt, Germany (1999) Google Scholar
  28. 28.
    Pagnia, H., Vogt, H., Gärtner, F.: Fair exchange. The Computer Journal 46(1) (2003) Google Scholar
  29. 29.
    Park, J., Chong, E., Siegel, H.: Constructing fair exchange protocols for e-commerce via distributed computation of RSA signatures. In: Proceedings of the 22nd Annual Symposium on Principles of Distributed Computing. USA, pp. 172–181 (2003) Google Scholar
  30. 30.
    Public-Key Infrastructure (X.509), The PKIX working group. http://www.ietf.org/html.charters/pkix-charter.html. Accessed on 08-06-07
  31. 31.
    Ray, I., Ray, I.: An optimistic fair exchange e-commerce protocol with automated dispute resolution. In: Proceedings of 1st Electronic Commerce and Web Technologies Conference EC-Web 2000. Lecture Notes in Computer Science, vol. 1875, pp. 84–93. Springer, Berlin (2000) CrossRefGoogle Scholar
  32. 32.
    Ray, I., Zhang, H.: Experiences in developing a secure and optimistic fair-exchange e-commerce protocol using common off-the-shelf components. Journal of Electronic Commerce Research and Application 7(2), 247–259 (2008) CrossRefGoogle Scholar
  33. 33.
    Ray, I., Ray, I., Narasimhamurthi, N.: A fair-exchange e-commerce protocol with automated dispute resolution. In: Proceedings of the 14th Annual IFIP WG 11.3 Working Conference on Database Security, The Netherlands, pp. 27–38 (2000) Google Scholar
  34. 34.
    Ray, I., Ray, I., Narasimhamurthy, N.: An anonymous failure resilient fair-exchange e-commerce protocol. Decision Support Systems 39(3), 267–292 (2005) CrossRefGoogle Scholar
  35. 35.
    Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21(2), 120–126 (1978) MathSciNetzbMATHCrossRefGoogle Scholar
  36. 36.
    Schunter, M.: Optimistic fair exchange. PhD Thesis, University of the Saarland, Germany (2000) Google Scholar
  37. 37.
    Shmatikov, V., Mitchell, J.: Analysis of a fair exchange protocol. In: Proceedings of the 1999 FLoC Workshop on Formal Methods and Security Protocols, Italy (1999) Google Scholar
  38. 38.
    Song, W., Kou, W., Tan, C.: An investigation on multiple e-payment and micro-payment. In: Proceedings of the International Conference on Electronic Commerce, pp. 216–223 (2002) Google Scholar
  39. 39.
    Wang, G.: An abuse-free fair contract signing protocol based on the RSA signature. In: Proceedings of the 14th International conference on World Wide Web, WWW-2005, pp. 412–421 (2005) Google Scholar
  40. 40.
    Whiteley, D.: E-Commerce: Strategy, Technologies and Applications. McGraw-Hill, London (2000) Google Scholar
  41. 41.
    Zhang, Q., Markantonakis, K., Mayes, K.: A practical fair exchange e-payment protocol for anonymous purchase and physical delivery. In: Proceedings of the 4th ACS/IEEE International Conference on Computer Systems and Applications, AICCSA-06, UAE, pp. 851–858 (2006) Google Scholar
  42. 42.
    Zhang, N., Shi, Q., Merabti, M., Askwith, R.: Practical and efficient fair document exchange over networks. Journal of Network and Computer Applications 29(1), 46–61 (2006) zbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag London 2010

Authors and Affiliations

  1. 1.Department of Information Technology, College of ComputerQassim UniversityQassimSaudi Arabia
  2. 2.Department of Computer ScienceDurham UniversityDurhamUK

Personalised recommendations