A Formal Analysis of Fairness and Non-repudiation in the RSA-CEGD Protocol

  • Almudena Alcaide
  • Juan M. Estévez-Tapiador
  • Antonio Izquierdo
  • José M. Sierra
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3483)


Recently, Nenadić et al. (2004) proposed the RSA-CEGD protocol for certified delivery of e-goods. This is a relatively complex scheme based on verifiable and recoverable encrypted signatures (VRES) to guarantee properties such as strong fairness and non-repudiation, among others. In this paper, we illustrate how an extended logic of beliefs can be helpful to analyze in a formal manner these security properties. This approach requires the previous definition of some novel constructions to deal with evidences exchanged by parties during the protocol execution. The study performed within this framework reveals the lack of non-repudiation in RSA-CEGD and points out some other weaknesses.


Security Protocol Security Property Exchange Protocol Fair Exchange Versus Erifications 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alcaide, A., Estévez, J.M.: Formal Analysis of the RSA-CEGD protocol. Technical Report (January 2005)Google Scholar
  2. 2.
    Bella, G., Paulson, L.: Mechanical Proofs about a Non-repudiation Protocol. In: Boulton, R.J., Jackson, P.B. (eds.) TPHOLs 2001. LNCS, vol. 2152, pp. 91–104. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  3. 3.
    Denning, D.E.: The Limits of Formal Security Models. National Computer Systems Security Award Aceptance Speech (October 1999), Available online at
  4. 4.
    Dolev, D., Yao, A.C.: On the Security of Public Key Protocols. IEEE Trans. Inf. Theory IT-29(12), 198–208 (1983)CrossRefMathSciNetGoogle Scholar
  5. 5.
    Gürgens, S., Rudolph, C.: Security Analysis of (Un-) Fair Non-repudiation Protocols. In: Abdallah, A.E., Ryan, P.Y.A., Schneider, S. (eds.) FASec 2002. LNCS, vol. 2629, pp. 97–114. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Kailar, R.: Reasoning about accountability in protocols for electronic commerce. In: Proc. IEEE Symp. Security and Privacy, pp. 236–250. IEEE Computer Security Press, Los Alamitos (1995)Google Scholar
  7. 7.
    Kailar, R.: Accountability in electronic commerce protocols. IEEE Trans. Software Engineering 5(22), 313–328 (1996)CrossRefGoogle Scholar
  8. 8.
    Louridas, P.: Some guidelines for non-repudiation protocols. Computer Communication Review 30(5), 29–38 (2000)CrossRefGoogle Scholar
  9. 9.
    Kremer, S., Markowitch, O., Zhou, J.: An intensive survey of fair nonrepudiation protocols. Computer Comunications 25(17), 1606–1621 (2002)CrossRefGoogle Scholar
  10. 10.
    Kremer, S., Raskin, J.F.: A game approach to the verification of exchange protocols - application to non-repudiation protocols. In: Workshop on Issues in the Theory of Security (WITS 2000) (July 2000)Google Scholar
  11. 11.
    Kremer, S., Raskin, J.F.: A Game-Based Verification of Non-Repudiation and Fair Exchange Protocols. Journal of Computer Security 11(13), 399–429 (2003)Google Scholar
  12. 12.
    Nenadić, A., Zhang, N., Barton, S.: A Security Protocol for Certified E-goods Delivery. In: Proc. IEEE Int. Conf. Information Technology, Coding, and Computing (ITCC 2004), Las Vegas, NV, USA, pp. 22–28. IEEE Computer Society, Los Alamitos (2004)CrossRefGoogle Scholar
  13. 13.
    Ray, I., Ray, I.: An Optimistic Fair Exchange E-commerce Protocol with Automated Dispute Resolution. In: Bauknecht, K., Madria, S.K., Pernul, G. (eds.) EC-Web 2000. LNCS, vol. 1875, pp. 84–93. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  14. 14.
    Schneider, S.: Formal Analysis of a Non-repudiation Protocol. In: IEEE Computer Security Foundations Workshop. IEEE Computer Society Press, Los Alamitos (1998)Google Scholar
  15. 15.
    Syverson, P., Cervestato, I.: The Logic of Authentication Protocols. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 63–136. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Zhou, J., Gollman, D.: A fair non-repudiation protocol. In: Proc. 1996 Symp. on Research in Security and Privacy, Oakland, CA, USA, pp. 55–61. IEEE Computer Society Press, Los Alamitos (1996)Google Scholar
  17. 17.
    Zhou, J., Gollman, D.: Towards verification of non-repudiation protocols. In: Proc. 1998 Intl. Refinement Workshop and Formal Methods Pacific, pp. 370–380 (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Almudena Alcaide
    • 1
  • Juan M. Estévez-Tapiador
    • 1
  • Antonio Izquierdo
    • 1
  • José M. Sierra
    • 1
  1. 1.Department of Computer ScienceCarlos III University of MadridLeganés, MadridSpain

Personalised recommendations