Trusted third party

About: Trusted third party is a research topic. Over the lifetime, 2919 publications have been published within this topic receiving 60935 citations.

Scrutinizing Trust and Transparency in Cash on Delivery Systems

Abstract: Most of the current decentralized blockchain approaches have disadvantages that need to be improved to have efficiency and completion. First, there is no motivation for any participants to take action honestly. Seller, buyer, and shipper do not trust each other completely. Second, the delivery depends on a trusted third party or arbitrator to act as a deposit and keep all the money from the start of the sales process until the end. Only a trusted third party who keeps money could be a focal point of failure and also costly. Moreover, there is no dispute settlement mechanism if it occurs. Therefore, there will be a loss for the seller, buyer, or both sides for any acts of dishonesty. In this article, we review technology deployment and develop distribution solutions using blockchain technology. We use Hyperledger Composer in our system to protect the rights of merchants and smart contracts to remove any third party or arbitrator.

Method and apparatus for accepting a digital identity of a user based on transitive trust among parties

Abstract: Method and apparatus for accepting a digital identity of a user based on transitive trust among parties are described. One aspect of the invention relates to managing a digital identity of a user. The digital identity is provided to a first party, where the digital identity includes a self-asserted claim. An acceptance token is obtained from the first party. The acceptance token purports authenticity of the self-asserted claim according to the first party. The digital identity and the acceptance token are provided to a second party to request validation of the self-asserted claim by the second party based on the acceptance token.

Cross-Certification Towards Distributed Authentication Infrastructure: A Case of Hyperledger Fabric

Abstract: In Internet of Things ecosystems, where various entities trade data and data analysis results, public key infrastructure plays an important role in establishing trust relationships between these entities to specify who trusts whose private keys. The owner of a private key is provided with a public key certificate issued by a certificate authority (CA) representing a trusted third party. Although this certificate ensures the reliability of the ecosystem by verifying the data source and preventing the denial of trading, it often causes an overconcentration of trust in a particular CA. Consequently, if that CA is infringed, all the related trust relationships become compromised. The paper proposes a distributed authentication infrastructure called Meta-PKI that decentralizes such overconcentration via a cross-certification procedure performed by multiple CAs. Although cross-certification is capable of establishing mutual trust relationships, it does not evaluate the trustworthiness of other CAs in a standardized manner. Therefore, this paper also proposes a new cross-certification method using a distributed ledger technology for building trust relationships based on unified criteria. It also describes the implementation of a Meta-PKI system for Hyperledger Fabric as a proof of concept. Once trust relationships have been established, it takes approximately 65.7 ms to validate them using the proposed system, which is secure against CA takeover and spoofing by outsider attackers.

Malleable Signatures for Resource Constrained Platforms

Abstract: Malleable signatures allow the signer to control alterations to a signed document. The signer limits alterations to certain parties and to certain parts defined during signature generation. Admissible alterations do not invalidate the signature and do not involve the signer. These properties make them a versatile tool for several application domains, like e-business and health care. We implemented one secure redactable and three secure sanitizable signature schemes on secure, but computationally bounded, smart card. This allows for a secure and practically usable key management and meets legal standards of EU legislation. To gain speed we securely divided the computing tasks between the powerful host and the card; and we devise a new accumulator to yield a useable redactable scheme. The performance analysis of the four schemes shows only a small performance hit by the use of an off-the-shelf card.

T-Chain: A General Incentive Scheme for Cooperative Computing

Abstract: In this paper, we propose a simple, distributed, but highly efficient fairness-enforcing incentive mechanism for cooperative computing. The proposed mechanism, called triangle chaining (T-Chain), enforces reciprocity to avoid the exploitable aspects of the schemes that allow free-riding. In T-Chain, symmetric key cryptography provides the basis for a lightweight, almost-fair exchange protocol, which is coupled with a pay-it-forward mechanism. This combination increases the opportunity for multi-lateral exchanges and further maximizes the resource utilization of participants, each of whom is assumed to operate solely for his or her own benefit. T-Chain also provides barrier-free entry to newcomers with flexible resource allocation, allowing them to immediately benefit, and, therefore, is suitable for dynamic environments with high churn (i.e., turnover). T-Chain is distributed and simple to implement, as no trusted third party is required to monitor or enforce the scheme, nor is there any reliance on reputation information or tokens.