
Showing papers on "Trusted third party published in 2006"


Proceedings Article
21 May 2006
TL;DR: In this paper, the authors show how strong mutual authentication can be achieved even with a unidirectional visual channel, without having to switch device roles, by adopting recently proposed improved pairing protocols.
Abstract: Recently several researchers and practitioners have begun to address the problem of how to set up secure communication between two devices without the assistance of a trusted third party. McCune et al., (2005) proposed that one device displays the hash of its public key in the form of a barcode, and the other device reads it using a camera. Mutual authentication requires switching the roles of the devices and repeating the above process in the reverse direction. In this paper, we show how strong mutual authentication can be achieved even with a unidirectional visual channel, without having to switch device roles. By adopting recently proposed improved pairing protocols, we propose how visual channel authentication can be used even on devices that have very limited displaying capabilities.

220 citations


Posted Content
TL;DR: This paper shows how strong mutual authentication can be achieved even with a unidirectional visual channel, without having to switch device roles, even on devices that have very limited displaying capabilities.
Abstract: Recently several researchers and practitioners have begun to address the problem of secure device pairing or how to set up secure communication between two devices without the assistance of a trusted third party. McCune, et al. [12] proposed Seeing-is-Believing (SiB), a system which uses a visual channel. The SiB visual channel consists of one device displaying the hash of its public key in the form of a two-dimensional barcode, and the other device reading this information using a photo camera. Strong mutual authentication in SiB requires running two separate unilateral authentication steps. In this paper, we show how strong mutual authentication can be achieved even with a unidirectional visual channel, where SiB could provide only a weaker property termed as presence. This could help reduce the SiB execution time and improve usability. By adopting recently proposed improved pairing protocols, we propose how visual channel authentication can be used even on devices that have very limited displaying capabilities, all the way down to a device whose display consists of a cheap single light-source, such as an LED. We also describe a new video codec that may be used to improve execution time of pairing in limited display devices, and can be used for other applications besides pairing.

192 citations


Patent
15 Mar 2006
TL;DR: In this paper, a system and a method are disclosed that includes a first party with a terminal and a one-time password token, one or more second parties, each with a host application system and an authentication server, and a third party with an authentication master server.
Abstract: A system and a method are disclosed that includes a first party with a terminal and a one-time password token, one or more second parties, each with a host application system and a service provider authentication server, and a third party with a host application system and a master authentication server. The first party uses a single one-time password token with a single personal identification number (PIN) to access the one or more second parties. A third party issues the token to the first party and synchronizes token secrets and parameters with the one or more second parties. This offloads token management from the second parties and allows the second parties to directly authenticate the first party. The authentication of the first party by the second party does not involve the third party.

182 citations


Book Chapter
27 Feb 2006
TL;DR: In this paper, the authors consider the problem of constructing secure auctions based on techniques from modern cryptography and combine knowledge from economics, threshold cryptography and security engineering to implement secure auctions for practical real-world problems.
Abstract: In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, threshold cryptography and security engineering to implement secure auctions for practical real-world problems.

114 citations


Patent
10 Mar 2006
TL;DR: In this article, a method and system for authenticating the identity of a consumer is disclosed, in which the consumer designates accounts that the consumer wishes to "lock" and access requests to those accounts are approved when the consumer provides a PIN through the consumer's phone.
Abstract: A method and system for authenticating the identity of a consumer is disclosed. After the consumer is authenticated by a trusted third party, the consumer designates accounts that the consumer wishes to “lock.” When a party requests access to that account, the consumer is notified through the consumer's phone and asked to input a PIN. If the consumer provides the PIN, the requestor is granted access to the consumer's account without requiring further input from the consumer. If the party authorizing the transaction in this “two-factor” authentication does not possess both the phone and the consumer's PIN, or that party elects not to provide the PIN, the request will not be authenticated.

84 citations


Patent
25 Jan 2006
TL;DR: In this article, the authentication of parties involved in transactions performed remotely over a network, such as the Internet, is discussed, where a first party initiates a transaction with a second party, and the second party can request authentication of the first party.
Abstract: The present invention relates to the authentication of parties involved in transactions performed remotely over a network, such as the Internet. When a first party initiates a transaction with a second party, the second party can request authentication of the first party. Authentication is carried out by sending a communication to the first party, which includes a redirection to a transaction specific location. At the transaction specific location the first party is required to approve the transaction as well as answer some identifying question or questions. If the transaction is approved and the question or questions answered correctly, the second party is informed that the transaction can be approved.

80 citations


Journal Article
03 Apr 2006
TL;DR: A secure buyer-seller watermarking protocol without the assistance of a TTP is proposed in which there are only two participants, a seller and a buyer, which can trace piracy and protect the customer's rights.
Abstract: In the existing watermarking protocols, a trusted third party (TTP) is introduced to guarantee that a protocol is fair to both the seller and buyer in a digital content transaction. However, the TTP decreases the security and affects the protocol implementation. To address this issue, in this article a secure buyer-seller watermarking protocol without the assistance of a TTP is proposed in which there are only two participants, a seller and a buyer. Based on the idea of sharing a secret, a watermark embedded in digital content to trace piracy is composed of two pieces of secret information, one produced by the seller and one by the buyer. Since neither knows the exact watermark, the buyer cannot remove the watermark from watermarked digital content, and at the same time the seller cannot fabricate piracy to frame an innocent buyer. In other words, the proposed protocol can trace piracy and protect the customer's rights. In addition, because no third party is introduced into the proposed protocol, the problem of a seller (or a buyer) colluding with a third party to cheat the buyer (or the seller), namely, the conspiracy problem, can be avoided.

71 citations


Patent
26 Jul 2006
TL;DR: In this paper, a payment system (1300) builds a database of reasonably verified voice prints for verifying a consumer's (1308) authorization for a transaction; the consumer's vocal authorization is digitized into a voice print and stored in the database with the payment request.
Abstract: Improved systems and methods for financial transactions through a trusted third party entity that improve the security of the transactions. A payment system (1300) may build a database of reasonably verified voice prints for verifying a consumer's (1308) authorization for a transaction. The method comprises receiving a payment request from a consumer (1308) to transfer a valued asset from an account to a seller (1310). The method further comprises receiving from the consumer (1308) a vocal authorization for the payment request. The vocal authorization may then be digitized into a voice print and stored in the database with the payment request. In response to receiving the voice authorization, the payment system (1300) completes the payment request for the consumer (1308) and transfers the valued asset from the account to the seller (1310). The voice print may then be used for verifying the identity of a consumer (1308) making a subsequent payment from the account.

61 citations


Book Chapter
18 Sep 2006
TL;DR: This work introduces the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model, and shows that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of security modules.
Abstract: We study the problem of Secure Multi-party Computation (SMC) in a model where individual processes contain a tamper-proof security module, and introduce the TrustedPals framework, an efficient smart card based implementation of SMC for any number of participating entities in such a model. Security modules can be trusted by other processes and can establish secure channels between each other. However, their availability is restricted by their host, that is, a corrupted party can stop the computation of its own security module as well as drop any message sent by or to its security module. We show that in this model SMC can be implemented by reducing it to a fault-tolerance problem at the level of security modules. Since the critical part of the computation can be executed locally on the smart card, we can compute any function securely with a protocol complexity which is polynomial only in the number of processes (that is, the complexity does not depend on the function which is computed), in contrast to previous approaches.

49 citations


Journal Article
TL;DR: The design, correctness, and fault tolerance of authentication over insecure asynchronous networks are addressed, and an anti-entropy version of the protocol is developed to provide lazy authentication with logarithmic messaging cost.

48 citations


Patent
29 Jun 2006
TL;DR: In this article, a system for establishing anonymous communications includes a plurality of party terminals, a plurality of requester terminals, and a central controller, which receives and stores party data about respective parties.
Abstract: A system for establishing anonymous communications includes a plurality of party terminals, a plurality of requester terminals, and a central controller. The system receives and stores party data about respective parties. In some embodiments, a party may be a homeowner. Upon receiving criteria for parties of interest from a requester terminal and authorization from respective parties, the central controller releases to the requester party associated with the parties. The system also establishes communications channels between parties and the requestor, while maintaining their anonymity.

Proceedings Article
05 Jun 2006
TL;DR: In this article, the authors describe a group key management protocol for hierarchical sensor networks where instead of using pre-deployed keys, each sensor node generates a partial key dynamically using a function.
Abstract: In this paper, we describe group key management protocols for hierarchical sensor networks where instead of using pre-deployed keys, each sensor node generates a partial key dynamically using a function. The function takes partial keys of its children as input. The design of the protocol is motivated by the fact that traditional cryptographic techniques are impractical in sensor networks because of high energy and computational overheads. The group key management protocol supports the establishment of two types of group keys; one for the sensor nodes within a group, and the other in a group of cluster heads. The protocol handles freshness of the group key dynamically, and eliminates the involvement of a trusted third party (TTP). We have experimentally evaluated the time and energy consumption in broadcasting partial keys and group key under two sensor routing protocols (tiny-AODV and tiny-diffusion) by varying the number of nodes and key sizes. The performance study provides the optimum number of partial keys needed for computing the group key to balance the available security and power consumption. The experimental study also concludes that the energy consumption in SPIN increases rapidly as the number of group members increases in comparison to our protocol.

Journal Article
TL;DR: This work presents a multiparty simultaneous quantum identity authentication protocol based on entanglement swapping, in which multiple users can be authenticated by a trusted third party simultaneously.
Abstract: We present a multiparty simultaneous quantum identity authentication protocol based on entanglement swapping. In our protocol, the multi-user can be authenticated by a trusted third party simultaneously.

01 Jan 2006
TL;DR: This work names, constructs and specifies an implementation for a new cryptographic primitive, “Time-Lapse Cryptography”, with which a sender can encrypt a message so that it is guaranteed to be revealed at an exact moment in the future, even if this revelation turns out to be undesirable to the sender.
Abstract: The notion of “sending a secret message to the future” has been around for over a decade. Despite this, no solution to this problem is in common use, or even attained widespread acceptance as a fundamental cryptographic primitive. We name, construct and specify an implementation for this new cryptographic primitive, “Time-Lapse Cryptography”, with which a sender can encrypt a message so that it is guaranteed to be revealed at an exact moment in the future, even if this revelation turns out to be undesirable to the sender. Our solution combines new ideas with Pedersen distributed key generation, Feldman verifiable threshold secret sharing, and ElGamal encryption, all of which rest upon the single, broadly accepted Decisional Diffie-Hellman assumption. We develop a Time-Lapse Cryptography Service (“the Service”) based on a network of parties who jointly perform the service. The protocol is practical and secure: at a given time T the Service publishes a public key so that anyone can use it, even anonymously. Senders encrypt their messages with this public key whose private key is not known to anyone – not even a trusted third party – until a predefined and specific future time T + δ, at which point the private key is constructed and published. At or after that time, anyone can decrypt the ciphertext using this private key. The Service is envisioned as a public utility publishing a continuous stream of encryption keys and subsequent corresponding time-lapse decryption keys. We complement our theoretical foundation with descriptions of specific attacks and defenses, and describe important applications of our service in sealed bid auctions, insider stock sales, clinical trials, and electronic voting. ∗Supported in part by National Science Foundation grant CNS-0205423.

Patent
Lauri Tarkkala, Nadarajah Asokan
11 May 2006
TL;DR: In this article, the authors present an approach to establish a trusted relationship between two mutually unknown communication parties in a communication system without the use of a trusted third party, which is based on non-interactive proofs of work being purpose-bound for establishing the trusted relationship.
Abstract: The present invention provides an establishment of a trusted relationship between two mutually unknown communication parties in a communication system without the use of a trusted third party. The invention is based on non-interactive proofs-of-work being purpose-bound for establishing the trusted relationship and cryptographically signing information to be transferred between the communication parties using such proofs-of-work for the solving of a problem instance along with verifying the proofs-of-work and generating a session object for a trusted relationship, when the verifying yields an affirmative result.

Patent
21 Mar 2006
TL;DR: In this paper, a knowledge-based challenge is issued to the user, and the response is compared to stored data by the verification service, to authenticate the user identity, capability and authorization for the proposed transaction without disclosing private data to the vendor.
Abstract: Risk of personal identity theft, especially in connection with on-line commerce, is mitigated by maintaining private data in a secure database maintained by a trusted third party verification service. To authenticate the identity of a user or customer, in one embodiment, a knowledge-based challenge is issued to the user, and the response is compared to stored data by the verification service. The verification service reports to the vendor, to authenticate the user identity, capability and/or authorization for the proposed transaction without disclosing private data to the vendor.

Journal Article
TL;DR: It is argued that it is really meaningful in practice to exploit generic fair non-repudiation protocols with transparent off-line trusted third party (TTP) to overcome some limitations and shortcomings in previous schemes.
Abstract: A non-repudiation protocol enables the fair exchange of an electronic message and an irrefutable digital receipt between two mistrusting parties over the Internet. That is, at the end of any execution instance of such a protocol, either both parties obtain their expected items or neither party does. In this paper, we first argue that it is really meaningful in practice to exploit generic fair non-repudiation protocols with transparent off-line trusted third party (TTP). Namely, in those protocols, each involved party could use any secure digital signature algorithm to produce non-repudiation evidences; and the issued evidences are the same regardless of whether the TTP is involved or not. Then, we present such a fair non-repudiation protocol to overcome some limitations and shortcomings in previous schemes. Technical discussions are provided to show that our protocol is not only secure but also the most efficient solution, compared with existing non-repudiation protocols. In addition, some potential extensions are also pointed out.

Journal Article
01 Dec 2006
TL;DR: The results indicate that the transactions facilitated by the admediary can create significant value whereby every participating entity realizes increased benefits, underscoring the potential of admediation to restore email as an effective communication media for online advertising.
Abstract: Since the advent of the Internet, email has emerged as an important new form of personal communication. The focus of this research is on commercial advertising through the email channel. We analyze the underlying economics of a business model termed admediation that facilitates effective first-contact email advertising. Admediary is a trusted third party that facilitates a mutually desirable communication between buyers and sellers via email, and operates under the 'opt-in' mode widely supported by the consumer advocacy groups. Our analytical model examines the incentive structures for all participating entities, and derives pricing strategies, profit implications and characteristics of the email lists. We develop and model a form of price discrimination we term sequential elimination price discrimination that can be practiced via email. Our results indicate that the transactions facilitated by the admediary can create significant value whereby every participating entity realizes increased benefits. These findings underscore the potential of admediation to restore email as an effective communication media for online advertising.

Journal Article
TL;DR: The first part of this paper describes how to use software watermarking techniques in the mobile agent to detect manipulation attacks, and how the broker can be used to punish the malicious hosts.

Journal Article
TL;DR: In this article, the authors highlight the potential importance of aggregation and the role of trusted third parties in facilitating SMEs in e-business, against the background of low engagement by SMEs.
Abstract: It is against the background of low engagement by SMEs in e-business that this article seeks to highlight the potential importance of aggregation and of the role of trusted third parties in facilit

Proceedings Article
04 Dec 2006
TL;DR: This paper discusses how a scalable solution to enabling secure and decentralized discovery protocols can be implemented and put to use, and how to extend the WS-discovery Web service protocol with such mechanisms.
Abstract: Dynamic and self-organizing systems like those found in ubiquitous computing or semantic web based scenarios raise numerous challenges regarding trust and privacy. Service discovery is a basic feature of SOA deployment in such systems, given that entities need to locate services they can describe but that they do not necessarily know. PKI based solutions to securing this mechanism, which require a preliminary key distribution, are therefore rendered awkward and contrived. In contrast, the new concept of Attribute Based Encryption, derived from Identity Based Encryption schemes, makes it possible to create secret communication channels with unknown services based solely on some attributes that are part of their description and in a decentralized fashion, that is, without the introduction of any additional trusted third party like a registry. This paper discusses how such a scalable solution to enabling secure and decentralized discovery protocols can be implemented and put to use. After reviewing the security properties that are expected, the paper then goes on to detail how to extend the WS-Discovery Web Service protocol with such mechanisms. Preliminary experimental results based on an implementation of this extended protocol are finally presented.

Patent
28 Jun 2006
TL;DR: In this paper, a system for anonymous communication where a first party, subscriber, stores private contact address information with a server controlled by a trusted third party is described, and the subscriber is associated with a token in the server database.
Abstract: A system for anonymous communication wherein a first party, subscriber, stores private contact address information with a server controlled by a trusted third party. The subscriber is associated with a token in the server database. The subscriber may publish the token with information of interest to a second party. The second party may then contact the server and provide the token. The server then enables communications between the first and second parties without either knowing the necessary contact information to independently make contact. The token may be published in any media and may be used to establish connection with email, voice, voice mail, e-chat rooms, or other communication media. In one embodiment, the third party may establish an account with the first party and may charge the first party for the communication service.

01 Jan 2006
TL;DR: Roles and market actors enabling new forms of co-operation and competition using Ambient Networks technology and concepts are described, which will stimulate an unbundled value network but will also facilitate the dynamic and flexible way of doing business in an environment with many access and service providers.
Abstract: This paper will describe roles and market actors enabling new forms of co-operation and competition using Ambient Networks technology and concepts. According to the Ambient Networks vision “any” user will be able to connect to “any” network, which will challenge traditional “one operator – one subscriber” solutions. Ambient Networks will stimulate an unbundled value network but will also facilitate the dynamic and flexible way of doing business in an environment with many access and service providers. The roles described in more detail in this paper are the Local Access Provider, Access Aggregator, Access Broker, Trusted Third Party, ClearingHouse, Compensation Service Provider and Service Aggregator

Book Chapter
10 Jul 2006
TL;DR: A Dolev-Yao-based definition of abuse freeness for optimistic contract-signing protocols is proposed which incorporates a rigorous notion of what it means for an outside party to be convinced by a dishonest party that it has the ability to determine the outcome of the protocol with an honest party.
Abstract: We propose a Dolev-Yao-based definition of abuse freeness for optimistic contract-signing protocols which, unlike other definitions, incorporates a rigorous notion of what it means for an outside party to be convinced by a dishonest party that it has the ability to determine the outcome of the protocol with an honest party, i.e., to determine whether it will obtain a valid contract itself or whether it will prevent the honest party from obtaining a valid contract. Our definition involves a new notion of test (inspired by static equivalence) which the outside party can perform. We show that an optimistic contract-signing protocol proposed by Asokan, Shoup, and Waidner is abusive and that a protocol by Garay, Jakobsson, and MacKenzie is abuse-free according to our definition. Our analysis is based on a synchronous concurrent model in which parties can receive several messages at the same time. This results in new vulnerabilities of the protocols depending on how a trusted third party reacts in case it receives abort and resolve requests at the same time

01 Jan 2006
TL;DR: This work proposes a new model in which trust values are derived from a bilattice that preserves valuable trust provenance information including partial trust, partial distrust, ignorance and inconsistency and presents initial results on the first learning step, namely trust propagation through trusted third parties (TTPs).
Abstract: Social networks in which users or agents are connected to other agents and sources by trust relations are an important part of many web applications where information may come from multiple sources. Trust recommendations derived from these social networks are supposed to help agents develop their own opinions about how much they may trust other agents and sources. Despite the recent developments in the area, most of the trust models and metrics proposed so far tend to lose trust-related knowledge. We propose a new model in which trust values are derived from a bilattice that preserves valuable trust provenance information including partial trust, partial distrust, ignorance and inconsistency. We outline the problems that need to be addressed to construct a corresponding trust learning mechanism. We present initial results on the first learning step, namely trust propagation through trusted third parties (TTPs).

Journal Article
TL;DR: This paper adds the unlinkability property to anonymous accesses, together with a tracing facility, to existing proposals; the scheme allows for anonymity revocation and tracing of unlinkable accesses.
Abstract: Purpose – To provide a cryptographic protocol for anonymously accessing services offered on the web. Such anonymous accesses can be disclosed or traced under certain conditions. Design/methodology/approach – The “traceable signature” scheme was used in conjunction with the “privilege management infrastructure”. Findings – The cryptographic primitive provides a suitable tool for anonymous and unlinkable access to web resources based on the privileges that users hold. Moreover, the scheme allows for anonymity revocation and tracing of unlinkable accesses. Research limitations/implications – The power of the attribute authority should be divided into several entities, one of them being a trusted third party, to avoid illicit disclosing of information. Practical implications – New systems with support for anonymous access to web resources can be developed. Originality/value – This paper adds the unlinkability property to anonymous accesses together with a tracing facility to existing proposals.

Journal Article
TL;DR: This work proposes a new e-lottery scheme that can satisfy all the identified requirements without the presence of TTP for generating the winning numbers, yet the result of this generation is publicly verifiable.

Book Chapter
01 Aug 2006
TL;DR: An authentication protocol for secure communications is proposed for secure home network environments and is designed to accept existing home networks based on public key infrastructure (PKI) and Authentication, Authorization, and Accounting (AAA), which both use Kerberos.
Abstract: The home network is a new IT technology environment for making an offer of convenient, safe, pleasant, and blessed lives to people, making it possible to be provided with various home network services by constructing home network infrastructure regardless of devices, time, and places. This can be done by connecting home devices based on wire and wireless communication networks, such as mobile communication, Internet, and sensor network. However, there are many risks involved, for example user privacy violations and service interference. Therefore, security service is required to block these risk elements, and user authentication is an essential component for secure home network service. It enables non-authorized persons not to use home network. In this paper, an authentication protocol for secure communications is proposed for secure home network environments. The proposed authentication protocol is designed to accept existing home networks based on public key infrastructure (PKI) and Authentication, Authorization, and Accounting (AAA), which both use Kerberos

01 Jan 2006
TL;DR: This thesis explores techniques for privacy-preserving distributed information sharing that are efficient, secure, and applicable to many situations, and proposes efficient techniques for Privacy-Preserving operations on multisets.
Abstract: In many important applications, a collection of mutually distrustful parties must share information, without compromising their privacy. Currently, these applications are often performed by using some form of a trusted third party (TTP); this TTP receives all players' inputs, computes the desired function, and returns the result. However, the level of trust that must be placed in such a TTP is often inadvisable, undesirable, or even illegal. In order to make many applications practical and secure, we must remove the TTP, replacing it with efficient protocols for privacy-preserving distributed information sharing. Thus, in this thesis we explore techniques for privacy-preserving distributed information sharing that are efficient, secure, and applicable to many situations. As an example of privacy-preserving information sharing, we propose efficient techniques for privacy-preserving operations on multisets. By building a framework of multiset operations, employing the mathematical properties of polynomials, we design efficient, secure, and composable methods to enable privacy-preserving computation of the union, intersection, and element reduction operations. We apply these techniques to a wide range of practical problems, including the Set-Intersection, Over-Threshold Set-Union, Cardinality Set-Intersection, and Threshold Set-Union problems. Additionally, we address the problem of determining Subset relations, and even use our techniques to evaluate CNF boolean formulae. We then examine the problem of hot item identification and publication, a problem closely related to Over-Threshold Set-Union. Many applications of this problem require greater efficiency and robustness than any previously-designed secure protocols for this problem. In order to achieve sufficiently efficient protocols for these problems, we define two new privacy properties: owner privacy and data privacy. 
Protocols that achieve these properties protect the privacy of each player's personal input set, as well as protecting information about the players' collective inputs. By designing our protocols to achieve owner and data privacy, we are able to significantly increase efficiency over our privacy-preserving set operations, while still protecting the privacy of participants. In addition, our protocols are extremely flexible - nodes can join and leave at any time.