Showing papers on "Trusted third party published in 2000"

Optimistic fair exchange of digital signatures

Abstract: We present a new protocol that allows two players to exchange digital signatures over the Internet in a fair way, so that either each player gets the other's signature, or neither player does. The obvious application is where the signatures represent items of value, for example, an electronic check or airline ticket. The protocol can also be adapted to exchange encrypted data. It relies on a trusted third party, but is "optimistic," in that the third party is only needed in cases where one player crashes or attempts to cheat. A key feature of our protocol is that a player can always force a timely and fair termination, without the cooperation of the other player, even in a completely asynchronous network. A specialization of our protocol can be used for contract signing; this specialization is not only more efficient, but also has the important property that the third party can be held accountable for its actions: if it ever cheats, this can be detected and proven.

Privacy and security method and system for a world-wide-web site

Abstract: Personal information of users is used to customize the browsing experiences of the users on a World-Wide-Web site. To ensure privacy of the users' personal information, each user is assigned a unique Universal Anonymous Identifier (UAI). The UAI is generated by a trusted third party and provided to the Web site operator. The Web site operator then indexes the users' personal information by UAI. Only the user has the ability to correlate his/her true identity with his/her personal information.

Trusted third party data structure for electronic funds transfer and bill presentment

Abstract: A funds transfer system for facilitating electronic funds transfer between a payor and a payee by means of an intermediate trusted third party comprises: a payor station including a device for electronic communication of a payment order, the payment order comprising the payee's name, address and an amount owed by the payor to the payee; a home banking system including a computer structured to communicate electronically at least with the payor station, to receive the payment order, and with the trusted third party; a trusted third party system associated with the trusted third party, the trusted third party system comprising a computer structured to communicate electronically with both the home banking system and a bank of the payee. The home banking system computer is operable, upon receipt of the payment order from the payor station, to generate a universal identifier number uniquely identifying the payee and to transmit electronically the universal identifier number to the trusted third party via a communication with the trusted third party system. The trusted third party system computer also being operable, in response to receipt of the universal identifier number from the home banking system, to identify the payee as a party to receive payment, to generate a routing/transit number of the bank of the payee and the payee's account number from the universal identifier number, and to communicate electronically with the bank of the payee to facilitate transfer of the amount owed to the payee's account to the bank of the payee.

A Cryptographic Solution to a Game Theoretic Problem

Abstract: In this work we use cryptography to solve a game-theoretic problem which arises naturally in the area of two party strategic games The standard game-theoretic solution concept for such games is that of an equilibrium, which is a pair of "self-enforcing" strategies making each player's strategy an optimal response to the other player's strategy It is known that for many games the expected equilibrium payoffs can be much higher when a trusted third party (a "mediator") assists the players in choosing their moves (correlated equilibria), than when each player has to choose its move on its own (Nash equilibria) It is natural to ask whether there exists a mechanism that eliminates the need for the mediator yet allows the players to maintain the high payoffs offered by mediator-assisted strategies We answer this question affirmatively provided the players are computationally bounded and can have free communication (so-called "cheap talk") prior to playing the game The main building block of our solution is an efficient cryptographic protocol to the following Correlated Element Selection problem, which is of independent interest Both Alice and Bob know a list of pairs (a1, b1) (an, bn) (possibly with repetitions), and they want to pick a random index i such that Alice learns only aiand Bob learns only bi Our solution to this problem has constant number of rounds, negligible error probability, and uses only very simple zero-knowledge proofs We then show how to incorporate our cryptographic protocol back into a game-theoretic setting, which highlights some interesting parallels between cryptographic protocols and extensive form games

Trust and Risk in Internet Commerce

Abstract: From the Publisher: As Internet-based commerce becomes commonplace, it is important that we examine the systems used for these financial transactions. Underlying each system is a set of assumptions, particularly about trust and risk. To evaluate systems, and thus to determine one's own risks, requires an understanding of the dimensions of trust: security, privacy, and reliability. In this book Jean Camp focuses on two major yet frequently overlooked issues in the design of Internet commerce systems -- trust and risk. Trust and risk are closely linked. The level of risk can be determined by looking at who trusts whom in Internet commerce transactions. Who will pay, in terms of money and data, if trust is misplaced? When the inevitable early failures occur, who will be at risk? Who is "liable" when there is a trusted third party? Why is it necessary to trust this party? What exactly is this party trusted to do? To answer such questions requires an understanding of security, record-keeping, privacy, and reliability. The author's goal is twofold: first, to provide information on trust and risk to businesses that are developing electronic commerce systems; and second, to help consumers understand the risks in using the Internet for purchases and show them how to protect themselves.

Optimistic Fair Secure Computation

Abstract: We present an efficient and fair protocol for secure two-party computation in the optimistic model, where a partially trusted third party T is available, but not involved in normal protocol executions. T is needed only if communication is disrupted or if one of the two parties misbehaves. The protocol guarantees that although one party may terminate the protocol at any time, the computation remains fair for the other party. Communication is over an asynchronous network. All our protocols are based on efficient proofs of knowledge and involve no general zero-knowledge tools. As intermediate steps we describe efficient verifiable oblivious transfer and verifiable secure function evaluation protocols, whose security is proved under the decisional Diffie-Hellman assumption.

Transaction method and system for data networks, like internet

Abstract: A method and a system for performing a transaction between at least one first party and at least one second party are disclosed. A data network connects data input/output terminals of the parties. In the data network, a secure and trusted transaction server is provided, in which a profile of the parties is registered, having a party identifier identifying a particular party, and authentication data for authenticating the party and data sent by the party. The parties communicate with each other through the transaction server by means of various transaction messages, which are digitally signed using a table of random numbers and a hashing operation, wherein the table of random numbers is generated by reading a token.

Looking for diamonds in the desert - extending automatic protocol generation to three-party authentication and key agreement protocols

Abstract: We describe our new results in developing and extending Automatic Protocol Generation (APG), an approach to automatically generate security protocols. We explore two-party mutual authentication and key agreement protocols, with a trusted third party (TTP) which shares a symmetric key with each of the two principals. During the process, we experienced the challenge of a gigantic protocol space. Facing this challenge, we develop more powerful reduction techniques for the protocol generator. We also develop new pruning theorems and probabilistic methods of picking goal orderings for the protocol screener, Athena, which greatly improve the efficiency and worst-case performance of Athena. In our first experiment, APG found new protocols for two-party mutual authentication with a TTP using symmetric keys. In our second experiment, APG also found new protocols for three different sets of security properties for two-party authentication and key agreement. Our new list of security properties for key agreement also uncovered an undocumented deficiency in the Yahalom protocol.

Methods and apparatus for facilitating transactions

Abstract: Methods and apparatus are described for facilitating transactions in a wide area network. Information relating to a transaction between a first party and a second party is provided to a third party via the wide area network. The third party is then enabled to facilitate consummation of the transaction between the first and second parties via the wide area network. According to a specific embodiment, the information includes a bid price associated with the first party and an ask price associated with the second party, the third party being enabled to cover at least part of a difference between the bid and ask prices via the wide area network.

An Optimistic Fair Exchange E-commerce Protocol with Automated Dispute Resolution

Abstract: In this paper we propose an e-commerce protocol with the following features: (1) ensures true fair exchange, (2) does not require manual dispute resolution in case of unfair behavior by any party, (3) does not require the active involvement of a trusted third party, (4) allows the customer to verify that the product he is about to receive is the one he is paying for, and (5) can be used for the fair exchange of any two digital items.

An authentication method

Abstract: An authentication method for authenticating communication between a first and a second party using a third party which is trusted by said first and second parties comprising the steps of calculating by the trusted third party the value of a first authentication output using a paramater of the first party and a second authentication output using the first authentication output and sending the second authentication output to the second party; calculating by the first party the first authentication output and sending the first authentication output to the second party; and calculating by the second party the second authentication output based on the first authentication output received from the first party and comparing the calculated second authentication output with the second authentication output received from the trusted third party whereby if the two second authentication outputs are the same, the first party is authenticated.

A Multi-party Optimistic Non-repudiation Protocol

Abstract: In this paper we consider the optimistic approach of the non-repudiation protocols. We study a non-repudiation protocol with off-line trusted third party and we keep on with the definition of the multi-party non-repudiation, compare it to multi-party fair exchange and show some fundamental differences between these two problems. Finally, we generalize our protocol and propose a multi-party nonrepudiation protocol with off-line trusted third party.

Apparatus and method for selling personal information

Abstract: A system for selling personal information through a trusted third party. An owner of the personal information provides policy governing the sale of the owner's personal information and authorizes information sources to provide the personal information to the trusted third party. The trusted third party provides for validation of the personal information and sells it to requesters in accordance with the policy, and provides payment or credit to the owner as compensation for the sale.

The Dynamics of the Electronic Market: An Evolutionary Game Approach

Abstract: The capabilities afforded by network technologies have facilitated the growth of electronic commerce. However, online frauds pose serious challenges to the further adoption of the electronic market. In order to promote trust and reduce transaction risks, various trusted third parties have emerged and new models have been proposed. Will people use the trusted third parties while conducting online transactions? How will the electronic market evolve? This research attempts to identify the different equilibria of the electronic market using an evolutionary game theoretic approach and to explore the best strategy to do transactions in the electronic market. Also, the work provides a theoretical justification to the emergence and necessity of trusted third parties for electronic transactions.

System, method, and computer program product for maintaining consumer privacy and security in electronic commerce transactions

Abstract: A system, method, and computer program product for maintaining the anonymity of a consumer (100) in a transaction with a retailer. The consumer (100) provides payment method information and ship-to address information to a trusted third party (102, 103). The consumer (100) purchases products from a retailer (101) by providing the trusted third party (102, 103) anonymous identifiers (e.g., nicknames, unique codes, or one time use codes either supplied by the consumer (100) or by the trusted third party (102, 103)) corresponding to the selected payment methods and ship-to addresses. The retailer (101) requests payment approval from the trusted third party (102, 103). The trusted third party (102, 103) receives payment approval from a payment partner (105, 106) using the payment method information determined from the anonymous identifier received from the consumer (100). The trusted third party (102, 103) provides payment approval to the retailer (101) along a transaction unique shipment identifier to place on the parcel. The trusted third party (102, 103) sends the same transaction unique shipment identifier and the actual shipping address determined from the anonymous identifier received from the consumer (100) to a shipping partner (107) who re-labels the package and delivers it to the consumer (100). The trusted third party (102, 103) acts as an e-mail conduit for messages sent to member consumers (100).

Analysis of Abuse-Free Contract Signing

Abstract: Optimistic contract signing protocols may involve subprotocols that allow a contract to be signed normally or aborted or resolved by a third party. Since there are many ways these subprotocols might interact, protocol analysis involves consideration of a number of complicated cases. With the help of Murk?, a finite-state verification tool, we analyze the abuse-free optimistic contract signing protocol of Garay, Jakobsson, and MacKenzie. In addition to verifying a nmnber of subtle properties, we discover an attack in which negligence or corruption of the trusted third party may allow abuse or unfairness. Contrary to the intent of the protocol, the cheated party is not able to hold the third party accountable. In addition to analyzing a modification to the protocol that avoids these problems, we discuss issues involved in the application of finite-state analysis to fair exchange protocols, in particular models of fairness guarantees, abuse, and corrupt protocol participants.

A Fair-exchange E-commerce Protocol with Automated Dispute Resolution

Abstract: In this paper, we present a fair-exchange electronic commerce (e-commerce) protocol, based on using an online trusted third party, that ensures fairness and prevents any party from gaining advantage by quitting prematurely from the transaction or otherwise misbehaving. An important contribution of this protocol is that the dispute resolution is taken care of within the protocol itself and does not require manual intervention. Thus even if one of the parties disappear after the transaction completion, the other party does not suffer in any manner. Another noteworthy contribution is that the protocol allows the customer to verify that the product he is about to receive is the one he actually ordered, before the customer pays for the product. At the same time it ensures that the customer receives the product if and only if the merchant gets paid for the product. All these features are achieved without significantly increasing the communication overhead or interactions with the third party as compared with similar protocols.

An Efficient Protocol for Certified Electronic Mail

Abstract: Certified electronic mail is a kind of fair exchange of values: a message for a receipt. An exchange is fair if at the end of the exchange, either each party receives the item it expects or neither party receives any useful information about the other's item. Fairness can be achieved through the involvement of a trusted third party (TTP). It is very interesting (and practical) the optimistic approach of involving a third party only in the case of exceptions: one party cannot obtain the expected item from the other party. Previous solutions using this approach implicitly assumed that players had reliable communication channels to the third party [2]. In this paper, we present an efficient (only three steps, the minimum), optimistic and fair protocol for certified electronic mail.

Method and apparatus for a secure communications session with a remote system via an access-controlling intermediate system

Abstract: A security protocol entity ( 20 ) is provided that includes a mechanism for enabling a first party ( 11 ) to communicate securely with a second party ( 60 ) through an access-controlling intermediate party ( 13 ) by nesting within a first security session ( 64 ) established with the intermediate party ( 13 ) a second security session ( 65 ) with the second party ( 60 ). The protocol data units, PDUs, associated with the second security session ( 65 ) are encapsulated in PDUs associated with the first security session ( 64 ) when sent out by the first party, the intermediate party extracting the encapsulated PDUs for sending on to the second party (possibly with a change to the destination address included in the PDU to be sent on). Each PDU includes a message type field explicitly indicating to the intermediate party ( 13 ) if a received PDU encapsulates another PDU intended to be sent on. The establishment of a security session between two parties is made dependent on each party proving by attribute certificates that it has certain attributes required of it by the other party. Where the intermediate party ( 13 ) fronts for the second party ( 60 ) and the first party ( 11 ) initially contacts the intermediate party in the belief that it is the second party, then the latter will indicate its relay status to the first party which can then request the intermediate party ( 13 ) to permit a tunnel to be established through it to the second party ( 60 ). The first party may place different attribute requirements on the intermediate party in its tunnel role to those initially expected of it when the first party thought it was the second party.

Secure Mobile Agent-Based Merchant Brokering in Distributed Marketplaces

Abstract: Cooperating merchants establish a distributed marketplace under the auspices of an independent market authority. Each merchant’s server is equipped with a trusted device, a smart card for example, provided by the market authority. The market authority plays the role of a trusted third party for the customer as well as for the merchants. This paper describes protocols that prevent the malicious alteration of the data collected by visiting mobile agents roaming through the marketplace without being detectable by subsequent servers or by the owner of the agent upon its return. Another protocol makes the trusted device a secure execution platform for routines provided by the agent owner.

Used trusted co-servers to enhance security of web interaction

Abstract: A trusted co-server, and a method of using a trusted co-server, for a service provider. The co-server executes a program such that: for multiple parties P 0 –P n (where P o is said co-server), each party P i may (optionally) provide input I i , and then said co-server carries out N functions: F i (i o . . . I n ) describes what the co-server returns to party P i . The preferred embodiment of the invention raises the trust level of the computation and data storage at the server. For instance, this invention may be witness to authenticity of certain data coming back to the client. This data can include assertions from the trusted co-server about the server content and configuration. The invention, also, can provide privacy of data going back to the server, by keeping it encrypted between the client and the co-server, and then re-encrypting it before inserting it into the server. With this invention, the user can trust the integrity of the computation occurring at the co-server—even if the server operator might be motivated to subvert it. The co-server also provides a trusted haven for computation relevant to third parties who may also have an interest in the client-server interaction.

Avoiding loss of fairness owing to process crashes in fair data exchange protocols

Abstract: Fair exchange between two or more potentially mutually distrusted parties has been identified as an important issue in electronic commerce. However, the correctness (fairness) of the existing fair exchange protocols that use a trusted third party (TTP) is based on the assumption that, during an exchange, there are no failures at any of the local systems involved in the exchange, which is too strong in many situations. This paper points out that (1) system failures could cause loss of fairness, and (2) existing fair exchange protocols that use TTPs cannot ensure fairness in presence of system failures. We present a systematic way to develop such data exchange systems that can recover from system failures without losing fairness. We identify a set of fairness loss risks caused by local system failures. We identify a fault-tolerance correctness criterion for fair data exchange, denoted "fairness-lossless recoverability". A fairness-lossless recoverable fair exchange system is immune from the set of fairness loss risks. Standard message logging approaches are then studied and extended to achieve fairness-lossless recoverability with good performance.

Negotiating for software services

Abstract: We are investigating how the routine use of engineering meta-applications can be made financially viable by using a software and hardware on-demand business model supported by an agent based electronic marketplace. The authors explains how their work has combined Web, agent and security technologies to create a robust and secure Internet based marketplace in which a trusted third party provides negotiation services between software application users and third party hardware and software service providers.

System for secure transactions

Abstract: A multimedia network (1) with connected customer stations (2), merchant servers (3), and a payment server (5). Secure electronic transactions are performed using a secure electronic transactions protocol (SET), including exchange of digital certificates, managed by a Trusted Third Party Server (9). The customer stations comprise transactions management means (10), fit for performing said SET protocol and for managing said certificates for the customer station. A remote customer agent (13) represents the customer station in the negotiation and payment process. The customer station (2) comprises an agent interface (12), fit for transmission of codes, parameters and certificates between the customer agent (13) and the transactions management means (10). A remote merchant agent (14) represents the merchant station (3) in the negotiation and payment process with the customer agent (13) or the customer station (3), to have paid for the selected products in a secure way, under control of SET protocol.

Certified electronic mail protocol resistant to a minority of malicious third parties

Abstract: We present the design of a protocol for certified e-mail. Some proposed certified e-mail protocols involve a third party in order to guarantee a fair exchange. Users, therefore, have to deposit a great amount of trust in a remote third party. In addition to that, the third party can become a communication bottleneck. We propose a protocol that involves an organisation of third parties, but only in case of exception. It reduces the amount of trust deposited in the third parties, because a minority of malicious third parties cannot compromise the fairness of the exchange, since all the third parties make a decision voted on by members.

Fair on-line gambling

Abstract: This paper proposes a fair electronic gambling scheme for the Internet. The proposed scheme provides a unique link between payment and gambling outcome so that the winner can be ensured to get the payment. Since an optimal fair exchange method is used in gambling message exchange the proposed system guarantees that no one can successfully cheat during a gambling process. Our system requires an off-line Trusted Third Party (TTP). If a cheating occurs, the TTP can resolve the problem and make the gambling process fair.

Method and apparatus for leveraging an existing cryptographic infrastructure

Abstract: A method for creating a digital certificate for a user issued by a reliant party, where the reliant party relies on an established cryptographic infrastructure by a registration or certificate authority is described. The registration authority, typically a large financial or credit institution, has already performed the initial overhead steps necessary for a digital authentication system using a chip card. These steps include minting and distributing the chip card, establishing that the key pair and card are given to the right person, and creating the certificate library. The reliant party leverages this cryptographic infrastructure to issue its own digital certificate and certificate chain to a user already having a chip card from the registration authority. Consequently, a user can have additional digital certificates issued to him without having his chip card modified in any way. All additional digital certificates created for a user are stored at a user-specific memory area in a remote certificate library.

Agent negotiation in trusted third party mediated uncertain games

Abstract: Traditional game theoretic reasoning for agent negotiation usually bases on the assumption of rationality of agents who are supposed to be expected utility maximizers. The utility functions that express preferences of agents over goods, states or money are essential in decision making of rational agents. However, the utility functions are very sensitive to agent wealth levels. Furthermore, to obtain the utility functions and wealth levels of other agents during the negotiation are extremely difficult tasks that are almost impractical in reality. In this paper, we propose a way of get around with the problems by assuming the game theoretic decision making of rational agents be based on a monetary payoff game matrix instead of a utility payoff matrix. We extend the work of Wu and Soo [14,15,16] who developed the negotiation mechanisms with a trusted third party as a mediator for agents to ri~ach a stable equilibrium state under uncertain games. We discuss how the negotiation results based on the monetary payoff game matrix may be affected by different risk preferences of negotiating rational agents.

Key Recovery in Third Generation Wireless Communication Systems

Abstract: Future mobile communications networks, so called third generation systems, may need end-to-end security in some applications involving value-added services such as providing secure communications between a user and a bank in electronic commerce The provision of end-to-end security may require mechanisms for key recovery In this paper we identify security flaws with a previous published protocol for key recovery in such networks A new key recovery protocol which overcomes these flaws is presented