Solving Bao’s Colluding Attack in Wang’s Fair Payment Protocol
An electronic purchase is an essential operation of electronic commerce. Fairness in the exchange of money and product, as well as anonymity of the buyer, are desirable features. In Asiacrypt 2003, C.H. Wang presented a purchase protocol satisfying both anonymity and fairness, adapting the anonymous payment system of Brands, using a restrictive confirmation signature scheme. Later, in Asiacrypt 2004, Feng Bao demonstrated that Wang’s protocol can be vulnerable to attacks produced by colluding users, and he affirmed that the protocol cannot be corrected due to the anonymity of the protocol. We will show that it is possible to correct Wang’s protocol in order to avoid colluding attacks. We present a solution that slightly modifies the original protocol, maintaining the anonymity and untraceability of the original version. Finally, we discuss the convenience of achieving the property of timeliness.
Keywords: Payment System, Dispute Resolution, Electronic Commerce, Trusted Third Party, Digital Product
- 2. Brands, S.: Untraceable off-line cash in wallet with observers. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 302–318. Springer, Heidelberg (1994)
- 3. Camp, J., Harkavy, M., Tygar, J.D., Yee, B.: Anonymous atomic transactions. In: 2nd USENIX workshop on electronic commerce, pp. 123–133 (1996)
- 4. Jakobsson, M.: Ripping coins for a fair exchange. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 220–230. Springer, Heidelberg (1995)
- 6. Schuldt, H., Popovici, A., Schek, H.: Execution guarantees in electronic commerce payments. In: Saake, G., Schwarz, K., Türker, C. (eds.) FoMLaDO 1999. LNCS, vol. 1773. Springer, Heidelberg (2000)
- 7. Tygar, J.D.: Atomicity in electronic commerce. In: 15th annual ACM symposium on principles of distributed computing, pp. 8–26 (1996)