An optimistic fair e-commerce protocol for large e-goods

Suppose two entities that do not trust each other want to exchange some arbitrary data over a public channel. A fair exchange protocol ensures that both parties get what they want or neither gets anything. In this paper, a fair e-commerce protocol for large e-goods is proposed and implemented. The proposed protocol provides a method for the fair exchange of e-money for e-products, and a method for verifying the contents of the exchanged items. The protocol is optimistic and efficient such that when none of the parties tries to cheat, only three messages are sufficient. In case of disputes, three more messages are needed. Furthermore, the customer remains anonymous after the transaction; thus, no information about the customers' shopping habits can be gathered through the protocol. The implementation results show that the protocol is efficient and secure and that only a small number of cryptographic operations is sufficient

A Fair and Secure Cluster Formation Process for Ad Hoc Networks

An efficient approach for organizing large ad hoc networks is to divide the nodes into multiple clusters and designate, for each cluster, a clusterhead which is responsible for holding intercluster control information. The role of a clusterhead entails rights and duties. On the one hand, it has a dominant position in front of the others because it manages the connectivity and has access to other node¿s sensitive information. But on the other hand, the clusterhead role also has some associated costs. Hence, in order to prevent malicious nodes from taking control of the group in a fraudulent way and avoid selfish attacks from suitable nodes, the clusterhead needs to be elected in a secure way. In this paper we present a novel solution that guarantees the clusterhead is elected in a cheat-proof manner

PKI Scalability Issues

This report surveys different PKI technologies such as PKIX and SPKI and the issues of PKI that affect scalability. Much focus is spent on certificate revocation methodologies and status verification systems such as CRLs, Delta-CRLs, CRS, Certificate Revocation Trees, Windowed Certificate Revocation, OCSP, SCVP and DVCS.Comment: 23 pages, 2 figure