Due to the explosive growth of electronic businesses carried on the Internet, non-repudiation services turn out to be increasingly important. Non-repudiation services protect the transacting parties against any false denial that a particular event or action has taken place, in which evidence will be generated, collected and maintained to enable the settlement of disputes. Several fair non-repudiation protocols have been proposed, which support non-repudiation of origin and non-repudiation of rec ...

Keywords: dispute resolution, evidence chaining, fair non-repudiation, validity of evidence

 

Non-repudiation allows an exchange of data between two principals in such a manner that the principals cannot subsequently deny their participation in the exchange. Current non-repudiation schemes, while providing a mandatory proof of origin service, generally provide only discretionary proof of receipt since it is difficult to enforce the return of the proof of receipt by the recipient.In this paper a new scheme for achieving mandatory mutual non-repudiation is proposed, en ...

Keywords: digital signatures, dispute arbitration, non-repudiation, proof of origin, proof of receipt, public-key cryptography, security protocols

 

Non-repudiation protocols aim at preventing parties in a communication from falsely denying having taken part in that communication; for example, a non-repudiation protocol for digital certified mail should ensure that neither the sender can deny sending the message, nor the receiver can deny receiving it. We identify some guidelines for non-repudiation protocols. The guidelines are derived by examining a series of non-repudiation protocols that descend from a single ancestor.

Keywords: Fair Exchange, Formal Verification, Non-repudiation

 

Non-repudiation is a security service concerned with preventing a denial by one of the principals involved in a communication of having participated in all or part of the communication. Principals exchange evidence information, which proves their participation in the communication. The evidence is digitally signed, making it non-forgeable and undeniable.In this paper, a non-repudiation communication protocol with mandatory proof of receipt is formally analysed. The verification technique used in ...

Keywords: cryptographic protocol verification, deductive reasoning, logical postulates, logics, non-repudiation, proof of origin, proof of receipt, public-key cryptography, security protocols

 

Keywords: Internet, audit trail, key management, multicast, non-repudiation, smartcard, watermark

 

 

An important feature of digital signatures is to serve as non-repudiation evidence. To be eligible as non-repudiation evidence, a digital signature on an electronic document should remain valid until its expiry date which is specified by some non-repudiation policy. As signature keys may be compromised and the validity of signatures may become questionable, additional security mechanisms need to be imposed on digital signatures. This paper examines the mechanisms for maintaining the validity of ...

Keywords: digital signature, non-repudiation, secure electronic commerce

 

Keywords: cryptographic protocol, mobile communication security, non-repudiation, undeniable billing

 

This paper proposes a concept of how to collect toll on highways. Unlike any existing method, the proposed approach requires no structure to be built on highways for the toll collection purpose and drivers are not required to stop or even slow down to pay toll. Toll must be prepaid in advance and a driver must keep a toll ticket as proof of payment. We apply public key cryptographic operations to the ticket issuing system to prevent forgery as well as repudiation from the seller. This paper expl ...
 

The security of the current 3G wireless protocols addresses the problems faced by the 2G systems, in addition to fulfilling the higher 3G security requirements mandated from operating in IP networks as well as voice networks. However, the approach adopted by the two most popular 3G mobile system forerunners, UMTS and cdma2000, leaves many areas for improvement. In this paper, we improve the security of the 3G protocols in network access by providing strong periodically mutual authentication, str ...

Keywords: 3G mobile network security and authentication, security

 

 

This proposal aims to outline possibilities for the migration, evolution path from second-generation systems (GSM) to wireless ATM regarding security aspect.Some of the factors and parameters of security affecting the migration path towards wireless ATM are identified. Also expected, planned security features for wireless ATM is explained and compared to second generation cellular systems.This work is done following the work of ASPeCT ( Advanced Security for Personal Communications Technologies) ...
 

Mobile nodes rely on external services to provide safety, sharing, and additional resources. Unfortunately, as mobile nodes move through the networking infrastructure, the costs of accessing servers change. Fluid replication allows mobile clients to create replicas where and when they are needed. Unfortunately, one must trust the nodes holding these replicas, and establishing trust in autonomously administered nodes is a difficult task. Instead, we argue that trust should be deferred. In ...
 

The nature of mobile communication, characterised for example by terminals having poor user interface and limited processing capacity, as well as complex combination of network protocols, makes the design of security solutions particularly challenging. This paper discusses some of the difficulties system architects are faced with as well as some advantages mobile networks offer when designing security solutions for mobile communication.

Keywords: heterogeneous networks, mobile devices, security, usability

 

Authentication is a security service that consists of verifying that someone's identity is as claimed. There are a number of challenges to presenting information from the authentication process to the user in a way that is meaningful and ensures security. We show examples where authentication requirements are not met, due to user behaviour and properties of existing user interfaces, and suggest some solutions to these problems.

Keywords: authentication, non-repudiation, security, usability, user interface

 

Applications such as e-commerce payment protocols, electronic contract signing, and certified e-mail delivery require that fair exchange be assured. A fair-exchange protocol allows two parties to exchange items in a fair way so that either each party gets the other's item, or neither party does. We describe a novel method of constructing very efficient fair-exchange protocols by distributing the computation of RSA signatures. Specifically, we employ multisignatures based on the RSA-signature sch ...

Keywords: Fair-exchange protocols, RSA signatures, e-commerce, multisignatures, zero-knowledge proofs

 

Semantic B2B Integration architectures must enable enterprises to communicate standards-based B2B events like purchase orders with any potential trading partner. This requires not only back end application integration capabilities to integrate with e.g. enterprise resource planning (ERP) systems as the company-internal source and destination of B2B events, but also a capability to implement every necessary B2B protocol like Electronic Data Interchange (EDI), RosettaNet as well as more generic ca ...
 

We present a related family of authentication and digital signature protocols based on symmetric cryptographic primitives which perform substantially better than previous constructions. Previously, one-time digital signatures based on hash functions involved hundreds of hash function computations for each signature; we show that given online access to a timestamping service, we can sign messages using only two computations of a hash function. Previously, techniques to sign infinite streams invol ...

Keywords: authentication, hashing, non-repudiation, timestamping

 

Wireless communications are being driven by the need for providing network access to mobile or nomadic computing devices. The need for wireless access to a network is evident in current work environments. A number of new protocols have been recently published with the goal of providing both privacy of data and authentication of users for mobile systems. Such protocols can employ private-key and/or public key cryptographic algorithms. Publickey algorithms hold the promise of simplifying the netwo ...

Keywords: 2G, 3G, end-to-end, mobile, radio-link, security

 

Many business transactions over the Internet involve the exchange of digital products between two parties - electronic mails, digital audio and video, electronic contract signing and digital signatures, to name a few. Often these transactions occur between players that do not trust each other. To facilitate such transactions, a number of secure protocols have been proposed. The main objective of these protocols is: either both the parties obtain each other's items or none do. Sometimes it is not ...

Keywords: electronic commerce, fair-exchange, protocols, security