
Showing papers on "Trusted third party published in 1998"


Proceedings ArticleDOI
03 May 1998
TL;DR: The protocols presented here are the first exchange protocols which use offline TTP and at the same time guarantee true fair exchange of digital messages and introduce a novel cryptographic primitive, called the Certificate of Encrypted Message Being a Signature (CEMBS), as the basic building block of the fair exchange protocols.
Abstract: We present protocols for fair exchange of electronic data (digital signatures, payment and confidential data) between two parties A and B. Novel properties of the proposed protocols include: 1) offline trusted third party (TTP), i.e., TTP does not take part in the exchange unless one of the parties behaves improperly; 2) only three message exchanges are required in the normal situation; 3) true fair exchange, i.e., either A and B obtain each other's data or no party receives anything useful; no loss can be incurred to a party no matter how maliciously the other party behaves during the exchange. This last property is in contrast to previously proposed protocols with offline TTP ([1] and [21]), where a misbehaving party may get another party's data while refusing to send his document to the other party, and the TTP can provide affidavits attesting to what happened during the exchange. To our knowledge, the protocols presented here are the first exchange protocols which use offline TTP and at the same time guarantee true fair exchange of digital messages. We introduce a novel cryptographic primitive, called the Certificate of Encrypted Message Being a Signature (CEMBS), as the basic building block of the fair exchange protocols. It is used to prove that an encrypted message is a certain party's signature on a public file, without revealing the signature. We also give two examples to show in detail how the certificate can be constructed.

330 citations


Book ChapterDOI
N. Asokan, Victor Shoup, Michael Waidner
31 May 1998
TL;DR: A new protocol is presented that allows two players to exchange digital signatures over the Internet in a fair way, relying on a trusted third party that is only needed when one player attempts to cheat or simply crashes.
Abstract: We present a new protocol that allows two players to exchange digital signatures over the Internet in a fair way, so that either each player gets the other's signature, or neither player does. The obvious application is where the signatures represent items of value, for example, an electronic check or airline ticket. The protocol can also be adapted to exchange encrypted data. The protocol relies on a trusted third party, but is optimistic, in that the third party is only needed in cases where one player attempts to cheat or simply crashes. A key feature of our protocol is that a player can always force a timely and fair termination, without the cooperation of the other player.

252 citations


Book ChapterDOI
01 Jan 1998
TL;DR: This paper presents a mechanism based on execution tracing and cryptography that allows one to detect attacks against code, state, and execution flow of mobile software components.
Abstract: Mobile code systems are technologies that allow applications to move their code, and possibly the corresponding state, among the nodes of a wide-area network. Code mobility is a flexible and powerful mechanism that can be exploited to build distributed applications in an Internet scale. At the same time, the ability to move code to and from remote hosts introduces serious security issues. These issues include authentication of the parties involved and protection of the hosts from malicious code. However, the most difficult task is to protect mobile code against attacks coming from hosts. This paper presents a mechanism based on execution tracing and cryptography that allows one to detect attacks against code, state, and execution flow of mobile software components.

222 citations


Patent
22 May 1998
TL;DR: In this article, a customer's shipping address is encoded by a multi-digit identifier which is stored in the database of a trusted third party, preferably the shipping company, and a user of the system need only identify themselves to a vendor by this multi-digit identifier which prints the identifier in machine readable form on a package delivered to the shipper.
Abstract: Transactions are conducted on the Internet, by telephone or directly with anonymity and privacy. A customer's shipping address is encoded by a multi-digit identifier which is stored in the database of a trusted third party, preferably the shipping company. A user of the system need only identify themselves to a vendor by this multi-digit identifier which prints the identifier in machine readable form on a package delivered to the shipper.

199 citations


Patent
04 Sep 1998
TL;DR: Secure anonymous communication between a first party and a second party is accomplished by establishing an identity of the first party with a third party, obtaining an anonymous certificate having a selected attribute by the first party from the third party, and presenting the anonymous certificate to the second party for verification to establish the anonymous communication.
Abstract: Secure anonymous communication between a first party and a second party is accomplished by establishing an identity of the first party with a third party, obtaining an anonymous certificate having a selected attribute by the first party from the third party, and presenting the anonymous certificate by the first party to the second party for verification to establish the anonymous communication.

125 citations


Patent
01 Oct 1998
TL;DR: In this article, a first party, which may be a call center, receives requests for access from first and second remote parties; each of these remote parties is provided a computer program and a session is initiated for each party.
Abstract: A method of communicating with a plurality of remote parties allows for multi-media collaboration. A first party, which may be a call center, receives requests for access from first and second remote parties. Each of these remote parties is provided a computer program and a session is initiated for each party. The first party can then independently communicate with the first and second remote parties via the computer program.

100 citations


Proceedings ArticleDOI
09 Jun 1998
TL;DR: Two versions of a lottery scheme are presented in which the result of the lottery is determined by the ticket numbers purchased, but no one can control the outcome or determine what it is until after the lottery closes.
Abstract: The paper presents applications for the weak protection of secrets in which weakness is not just acceptable but desirable. For one application, two versions of a lottery scheme are presented in which the result of the lottery is determined by the ticket numbers purchased, but no one can control the outcome or determine what it is until after the lottery closes. This is because the outcome is kept secret in a way that is breakable after a predictable amount of time and/or computation. Another presented application is a variant on fair exchange protocols that requires no trusted third party at all.

100 citations


Book ChapterDOI
Liqun Chen
18 Oct 1998
TL;DR: A new efficient protocol is proposed, which allows a pair of potentially mistrusting parties to exchange digital signatures over the Internet in a fair way, such that after the protocol is running, either each party obtains the other's signature, or neither of them does.
Abstract: We propose a new efficient protocol, which allows a pair of potentially mistrusting parties to exchange digital signatures over the Internet in a fair way, such that after the protocol is running, either each party obtains the other's signature, or neither of them does. The protocol relies on an off-line Trusted Third Party (TTP), which does not take part in the exchange unless any of the parties behaves improperly or other faults occur. Efficiency of the protocol is achieved by using a cryptographic primitive, called confirmable signatures (or designated confirmer signatures in its original proposal [9]). We recommend using a new efficient confirmable signature scheme in the proposed fair exchange protocol. This scheme combines the family of discrete logarithm (DL) based signature algorithms and a zero-knowledge (ZK) proof on the equality of two DLs. The protocol has a practical level of performance: only a moderate number of communication rounds and ordinary signatures are required. The security of the protocol can be established from that of the underlying signature algorithms and that of the ZK proof used.

64 citations


Book ChapterDOI
Michael Myers
23 Feb 1998
TL;DR: In this article, the authors identify and discuss options that may be considered by those undertaking to address the revocation of digital certificates, the most common means of terminating trust in a public key.
Abstract: Public keys can be trusted if they are digitally signed by a trusted third party. This trust is most commonly conveyed by use of a digital certificate. However, having once established trust in a public key, means must exist to terminate that trust should circumstances dictate. The most common means to do so is through revocation of the corresponding digital certificate. This paper identifies and discusses options that may be considered by those undertaking to address the revocation of digital certificates.

60 citations


Patent
17 Nov 1998
TL;DR: In this article, a method of operating a telecommunications device wherein the telecommunications device is used to detect an outgoing call from a calling party to a called number is presented, and a determination on the sufficiency of funds in a pre-paid account is made.
Abstract: A method of operating a telecommunications device wherein the telecommunications device is used to detect an outgoing call from a calling party to a called number. The calling number is used to determine whether or not the calling party is a universal service user. If it is determined that the called number is among a class of numbers exempt from charges, the call is connected. A determination on the sufficiency of funds in a pre-paid account is made. If it is determined that there are insufficient funds in a pre-paid account to cover charges associated with the outgoing call, a message is generated and sent to the calling party or a third party requesting authorization to charge an additional fee for connecting the calling party with the called party. User input is received from the calling party, indicating the calling party's authorization of such charge. The connection between the calling party and the called party is made.

51 citations


Book ChapterDOI
16 Sep 1998
TL;DR: A method is proposed that guarantees security as long as at least one of the n parties may definitely be trusted whereas the other parties may turn out to be corrupt.
Abstract: One of the major security aspects in mobile communication networks concerns information about the localization of the (mobile) network user. This information may be protected by establishing a trusted third party that is responsible for creating suitable pseudonyms for the user identity. Distributing the maintenance of pseudonyms among n independent trusted parties makes it possible to further increase the security of location information. In this paper, a method is proposed that guarantees security as long as at least one of the n parties may definitely be trusted whereas the other parties may turn out to be corrupt. The pseudonym collision probability is derived analytically before a detailed OPNET simulation evaluates the cost of the new approach compared to standard GSM.

Journal ArticleDOI
TL;DR: The solution proposed and adopted during this project was based on the establishment of trusted third party services (TTPS) based on secure session layer (SSL) which was demonstrated and validated using an existing telemedicine platform.

Book ChapterDOI
Donald Beaver
12 Aug 1998
TL;DR: This work introduces the concept of a two-party one-time table (OTT), a novel primitive that is theoretically equivalent to precomputed OT, and is tailored to support field computations rather than single-bit logical operations, thereby streamlining higher-level computations, particularly where information-theoretic security is demanded.
Abstract: In two-party secure computation, a pair of mutually-distrusting and potentially malicious parties attempt to evaluate a function f(x, y) of private inputs x and y, held respectively by each, without revealing anything but f(x, y) and without involving a trusted third party. This goal has been achieved with varying degrees of generality and efficiency using a variety of primitives, including combined oblivious transfer (OT) [GMW87], abstract oblivious transfer [K88], and committed oblivious transfer [CTG95]. This work introduces the concept of a two-party one-time table (OTT), a novel primitive that is theoretically equivalent to precomputed OT. The OTT is tailored to support field computations rather than single-bit logical operations, thereby streamlining higher-level computations, particularly where information-theoretic security is demanded. The two-party one-time table is also motivated by the ease with which it can be constructed using simple resources provided by one or more partly-trusted external servers. This commodity-based approach strengthens overall security by ensuring that information flows strictly from servers to Alice and Bob, removing the need to trust third parties with the sensitive data itself.

Patent
02 Jul 1998
TL;DR: In this paper, a method, system and apparatus are described which utilize a trusted third party, or Certification Authority (CA) in the generation of a reliable seed to be used in the generation of prime numbers used in public key cryptography.
Abstract: A method, system and apparatus are described which utilize a trusted third party, or Certification Authority (CA) in the generation of a reliable seed to be used in the generation of prime numbers used in public key cryptography. The inclusion of the trusted third party allows for an independent third party to police against first party attacks on the security of the system without increasing the overhead of the system significantly.


Proceedings ArticleDOI
Michiharu Kudo
07 Dec 1998
TL;DR: This paper proposes a secure electronic submission protocol as a typical time-sensitive application and a temporal accountability logic, which is an extension of Kailar's (1996) work, and describes some modifications of the protocol which reduce the total number of flows while keeping the protocol as logically secure as the original one in terms of temporal accountability.
Abstract: This paper describes various possible attacks on temporal properties such as temporal records of payment times and declarations of the closing times for electronic submissions, and explains defense measures that use a trusted third party to provide temporal accountability. The paper proposes a secure electronic submission protocol as a typical time-sensitive application and a temporal accountability logic, which is an extension of Kailar's (1996) work. It analyzes the proposed protocol by applying temporal accountability logic, and describes some modifications of the protocol, which reduce the total number of flows while keeping the protocol as logically secure as the original one in terms of temporal accountability.

Proceedings ArticleDOI
10 Nov 1998
TL;DR: It is shown how agents are able to recognize undesirable states by reasoning on a 2 by 2 payoff matrix and find a way out by communicating with a trusted third party in a game theoretic coordination mechanism in a multi agent community.
Abstract: We present a game theoretic coordination mechanism in a multi agent community. We assume that all the agents are rational and have the ability to communicate with each other. In our approach, agents are treated as players in a noncooperative game defined in conventional game theory. In order to make the agents behave coordinately and to avoid an undesirable state, such as Prisoners' dilemma, we introduce a trusted third party into the conventional two-player game theory. The mechanism changes the equilibrium states by altering the payoff of the game. We show how agents are able to recognize undesirable states by reasoning on a 2 by 2 payoff matrix and find a way out by communicating with a trusted third party. A communication protocol among agents and the trusted third party is constructed to achieve a negotiation for coordination.

Book ChapterDOI
16 Sep 1998
TL;DR: The threats that Java technology introduces to EUROMED are explored and security countermeasures are proposed, utilizing the TTP infrastructure.
Abstract: EUROMED, a DG III project, aims to create the foundation of telemedical information society. EUROMED-ETS, an INFOSEC project, provided secure communications among EUROMED participants by establishing Trusted Third Party Services (TTPs) over the Web. Java technology plays an important role in EUROMED. In this paper, the threats that Java technology introduces to EUROMED are explored and security countermeasures are proposed, utilizing the TTP infrastructure.

Journal ArticleDOI
TL;DR: The geopolitical elements are addressed ‐ especially policy and procedures, and national legal frameworks ‐ required to effectively implement the trust that secure transactions require and the relevant layers of interactions each option entails.
Abstract: Discusses the requirements ‐ both technical and geopolitical ‐ for enabling seamless, secure transactions over the Internet. Discusses options in technical approaches, including trusted third party (TTP) and self‐signed certification authorities. Depicts the relevant layers of interactions each option entails. Explains the structures of proprietary keying systems and of hierarchical certification authorities. Addresses the geopolitical elements ‐ especially policy and procedures, and national legal frameworks ‐ required to effectively implement the trust that secure transactions require.

Proceedings ArticleDOI
29 Oct 1998
TL;DR: The threats that Java technology introduces to EUROMED are explored and security countermeasures are proposed, utilizing the TTP infrastructure.
Abstract: EUROMED aims to define and create the building blocks of a Web-based telemedical information society. EUROMED-ETS, an EC INFOSEC project, provided secure communications among EUROMED participants by establishing Trusted Third Party Services (TTPs) over the Web. Java technology plays an important role in EUROMED and any Web-based medical environment. In this paper, the threats that Java technology introduces to EUROMED are explored and security countermeasures are proposed, utilizing the TTP infrastructure.

01 Jan 1998
TL;DR: A protocol developed by the ASPeCT project for secure billing that provides the incontestable charging that is required for UMTS is presented.
Abstract: We present a protocol developed by the ASPeCT project for secure billing that provides the incontestable charging that is required for UMTS. This protocol realises a payment system for value added services. We describe the protocol and in particular the design features that are of particular relevance to the UMTS environment. We also describe the configuration of a field trial of this protocol over the experimental UMTS platform developed by the project EXODUS.

01 Jan 1998
TL;DR: A new efficient protocol is proposed, which allows a pair of potentially mistrusting parties to exchange digital signatures over the Internet in a fair way, such that after the protocol is running, either each party obtains the other's signature, or neither of them does.
Abstract: We propose a new efficient protocol, which allows a pair of potentially mistrusting parties to exchange digital signatures over the Internet in a fair way, such that after the protocol is running, either each party obtains the other's signature, or neither of them does. The protocol relies on an off-line Trusted Third Party (TTP), which does not take part in the exchange unless any of the parties behaves improperly or other faults occur. Efficiency of the protocol is achieved by using a cryptographic primitive, called confirmable signatures (or designated confirmer signatures in its original proposal (9)). We recommend using a new efficient confirmable signature scheme in the proposed fair exchange protocol. This scheme combines the family of discrete logarithm (DL) based signature algorithms and a zero-knowledge (ZK) proof on the equality of two DLs. The protocol has a practical level of performance: only a moderate number of communication rounds and ordinary signatures are required. The security of the protocol can be established from that of the underlying signature algorithms and that of the ZK proof used.

Journal ArticleDOI
01 Dec 1998
TL;DR: This work presents a new scheme for an intelligent untrusted trade agent system allowing anonymous electronic transactions with an off-line trusted third party.
Abstract: In the last years, the exponential growth of computer networks has created an incredibly large offer of products and services in the net. Such a huge amount of information makes it impossible for a single person to analyze all existing offers of a product on the net and decide which of them fits better her requirements. This problem is solved with the intelligent trade agents (ITA), which are programs that have the ability to roam a network, collect business-related data and use them to make decisions to buy goods on their owners' behalf. Known ITA systems do not provide anonymity in transactions, require an on-line trusted third party and implicitly assume that the user trusts the ITA. We present a new scheme for an intelligent untrusted trade agent system allowing anonymous electronic transactions with an off-line trusted third party.

Proceedings ArticleDOI
TL;DR: The DHWM key exchange is presented, based on the simple idea that watermarking and verification can be separated, and it is concluded that a trusted third party is needed to establish a verification service of watermarks.
Abstract: This paper discusses secure architecture and protocols of managing Intellectual Property Rights in distributed content databases in a close environment. This discussion has been conducted within the European project AQUARELLE. This paper presents a short survey of watermarking technologies and focuses on functionalities offered by such techniques. We propose the terms of watermarking, fingerprinting and monitoring. For our implementation, we have worked with the Universite catholique de Louvain (UCL). This work is joint work with Jean-Francois Delaigle. Next we focus mainly on keys issues, and conclude that a trusted third party is needed to establish a verification service of watermarks. Next the DHWM key exchange is presented, based on the simple idea that watermarking and verification can be separated. This scheme uses the Diffie-Hellman key-exchange protocol. Next some hints on the implementation of the scheme and on its correctness are given.

Journal ArticleDOI
TL;DR: This paper will provide a practical solution and implementation to this problem by describing how making use of Java and digital certificates can collect baggage.

Proceedings ArticleDOI
22 Oct 1998
TL;DR: Based on the analysis of several existing multi-pass authentication protocols, two new protocols are proposed using symmetrical and asymmetrical algorithms respectively, both including a trusted third party to provide UPT user personal mobility and network transparency.
Abstract: The authentication requirements in an UPT system are analyzed in detail. As a variable authentication code mechanism is intended for local unilateral authentication, it is necessary to give solutions for mutual authentication between UPT users and the UPT system for the UPT phase 2 or later. Based on the analysis of several existing multi-pass authentication protocols, two new protocols are proposed using symmetrical and asymmetrical algorithms respectively, both including a trusted third party to provide UPT user personal mobility and network transparency.

Journal ArticleDOI
TL;DR: The purpose of this paper is to look at the UK Government's various proposals in relation to encryption on the public telecommunications network, and to compare the developments in the UK with those in the EU and with some of the attitudes to the use of encryption being taken by international organizations such as the Organization for Economic Cooperation and Development and the International Chamber of Commerce.

Journal ArticleDOI
TL;DR: This article focuses on two areas of interest within ASPeCT where cryptography is directly being used to provide security solutions: the provision of Trusted Third Party services and the secure billing of value-added information services.

Proceedings ArticleDOI
26 Aug 1998
TL;DR: This paper shows a successful system to translate security objects from one encoding schema to another, particularised to the case of X.509 and EDIFACT PKI.
Abstract: This paper shows a successful system to translate security objects from one encoding schema to another. The problem is similar to the translation of official documents from one language to another: we need an official translator, with recognised right to certify, that the information s/he is giving on the translation corresponds exactly with the information contained in the original document. This function can only be given by a TTP (Trusted Third Party). This TTP has to be able to check the validity and authenticity of all the data included in the original document, and translate it to the other environment, signing the translation, to certify, not only the authenticity of the data, but also the signatory of the original document. Since this particular TTP is connecting users and applications of two different environments, we have defined it as a gateway, and this paper describes in detail its architecture and functional requirements. To be more precise, the general architecture of this kind of TTP has been particularised to the case of X.509 and EDIFACT PKI, and the details of the internal modules of the gateway in this particular implementation are also given.

Journal ArticleDOI
TL;DR: An undeniable (t, n) threshold signature scheme with cheater identification with capabilities against cheating tricks plotted by signers in the key generation and group signature generation phases is proposed.
Abstract: We propose an undeniable (t, n) threshold signature scheme with cheater identification. The proposed scheme has the following features: (1) no trusted third party is required for key generation; (2) no additional interactive protocol is required for the generation of the group's public key; (3) any t members can cooperatively sign a message with the assistance of a secure cryptographic module designated by hardware; and (4) the verifier can verify the group signature by only knowing the group's public key; it is not necessary to know the participating signers involved. The proposed scheme also provides capabilities against cheating tricks plotted by signers in the key generation and group signature generation phases.