
On the security of fair non-repudiation protocols

  • Regular contribution
  • International Journal of Information Security

Abstract

We analyzed two non-repudiation protocols and found some new attacks on the fairness and termination properties of these protocols. Our attacks are enabled by several inherent design weaknesses, which also apply to other non-repudiation protocols. To prevent these attacks, we propose generic countermeasures that considerably strengthen the design and implementation of non-repudiation protocols. Finally, we show how these countermeasures are applied by constructing a new fair non-repudiation protocol.



Author information


Correspondence to Sigrid Gürgens.


About this article

Cite this article

Gürgens, S., Rudolph, C. & Vogt, H. On the security of fair non-repudiation protocols. Int J Inf Secur 4, 253–262 (2005). https://doi.org/10.1007/s10207-004-0063-7


  • DOI: https://doi.org/10.1007/s10207-004-0063-7
