An optimistic fair e-commerce protocol for large e-goods

Suppose two entities that do not trust each other want to exchange some arbitrary data over a public channel. A fair exchange protocol ensures that both parties get what they want or neither gets anything. In this paper, a fair e-commerce protocol for large e-goods is proposed and implemented. The proposed protocol provides a method for the fair exchange of e-money for e-products, and a method for verifying the contents of the exchanged items. The protocol is optimistic and efficient such that when none of the parties tries to cheat, only three messages are sufficient. In case of disputes, three more messages are needed. Furthermore, the customer remains anonymous after the transaction; thus, no information about the customers' shopping habits can be gathered through the protocol. The implementation results show that the protocol is efficient and secure and that only a small number of cryptographic operations is sufficient

Dependability Auditing with Model Checking

Model checking offers a methodology for determining whether a model satisfies a list of correctness requirements. We propose a theory of dependability auditing with model checking based on four principles: (1) The modeling process should be partitioned into computational components and behavioral components as an aid to system understanding; (2) The complex system will be abstracted to create a model; (3) A language must be available that can represent and evaluate states and processes that evolve over time; (4) Given an adequate model and temporal specifications, a model checker can verify whether or not the input model is a model of that specification: the specification will not fail in the model. We demonstrate this theoretical framework with Web Services and electronic contracting

Design and development of crytographic fair exchange protocols

In this thesis, the problem of fair exchange on specific cases is addressed. The main idea of fair exchange is as follows: Two entities that do not trust each other want to exchange some arbitrary data over a communication network. Since they do not trust each other, neither party wants to transmit their own data before receiving the other entity's data. Even though either party could prove an unjust situation after termination of the protocol, if they are in different countries, solving disputes may require time and money due to the bureaucracy of international laws. In this thesis, a special application of fair exchange, a fair e-commerce protocol for large e-goods is designed and implemented. The proposed protocol provides a method for fair exchange of e-money to e-products, and a method for verifying the contents of the exchanged items. The presented protocol is efficient such that when none of the parties tries to cheat, only three messages are sufficient. In case of disputes, three more messages are needed. Furthermore, in most of the previously proposed protocols in the literature, e-goods are transferred multiple times among some entities. This situation is too costly when e-goods are large. In the presented protocol, e-goods are transferred only once. Another important property of the protocol is the anonymity of the customer; no information about the customers shopping habits can be gathered through the protocol. The implementation results show that the protocol is efficient and secure and that small number of cryptographic operations is sufficient. In addition to the fair e-commerce protocol, another special application of fair exchange, a fair multimedia exchange protocol using a different method is designed and implemented. This protocol is designed due to different requirements of different applications. In the fair multimedia exchange protocol, two entities want to exchange some multimedia files such as video or audio files. This protocol requires lower security and has a different a lower degree of fairness as compared to the fair e-commerce protocol. Fair multimedia exchange protocol uses a baby-step approach in which the probability of protocol completion is gradually increased over several cycles. In baby-step approach protocols, entities exchange pieces of the items, which they want to barter. At protocol completion, the complete items are formed by using the pieces exchanged

Design and Evaluate a Fair Exchange Protocol Based on Online Trusted Third Party (TTP)

One of the most crucial factors that e-commerce protocols should address is a fair exchange. In this research, an advanced method of cryptography coupled with the pay per use technique is used. A new electronic commerce protocol for the exchange of commodities is introduced. The proposed new protocol guarantees both features while addressing the main drawbacks associated with other related protocols. The new suggested e-commerce protocol is composed of two stages: pre-exchange and exchange stages. When the suggested new protocol is analysed with scrupulous protocol analysis, it attains fair exchange and a secure method of payment. The suggested new e-commerce protocol is more efficient than other related existing protocols. In this research “protocol prototype” and “model checking” is used for the purpose of authentication. The protocol prototype verifies that the suggested new protocol is executable when it's used in a real context. By experimental designs, this research shows the length of asymmetric keys as the biggest element that affects the efficiency of the protocol. When model-checking is applied in this protocol, the outcome indicates that the suggested protocol achieves the required features of fairness. Protocol extensions give those involved in the protocol the capacity to be resilient to failure. By using three methods of authentication, this research confirms that the new proposed protocol is well formulated. The work reported in this thesis first study the existing fair exchange protocols that solve the fairness problem. Then, propose more efficient protocol to solve the fairness problem. The original idea in this thesis is to reduce the communication overheads, risks and solve the bottleneck problems in the protocols that involve an online TTP

Sixth Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools Aarhus, Denmark, October 24-26, 2005

This booklet contains the proceedings of the Sixth Workshop on Practical Use of Coloured Petri Nets and the CPN Tools, October 24-26, 2005. The workshop is organised by the CPN group at the Department of Computer Science, University of Aarhus, Denmark. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop0