Study for Automatically Analysing Non-repudiation

While security issues such as secrecy and authentication have been studied intensively, most interest in non-repudiation protocols has only come in recent years. Non-repudiation services must ensure that when two parties exchange informations over a network, neither one nor the other can deny having participated in this communication. Consequently a non-repudiation protocol has to generate evidences of participation to be used in the case of a dispute. In this paper, we present a description of non-repudiation services, and illustrate them on the Fair Zhou-Gollmann protocol. Then we show how to define non-repudiation properties with the AVISPA tool and explain how they can be automatically verified

Criteria for Evaluating Authentication Systems

User authentication is an important component of information security. It is critical in addressing many concerns that consumers and business have over the risk of identity theft. However, there is no systematic method to measure how good an authentication mechanism is in a given business context. This paper outlines nine criteria businesses can use to assess authentication systems. With these criteria, businesses are better equipped to select authentication systems that meet the needs of both their organization and their customers, and provide better protection against identity theft and other computer crimes

Continuous certification of non-repudiation in cloud storage services

This paper presents a certification model for Non-repudiation (NR) of cloud storage services. NR, i.e., The possession of proofs that certain exchanges have taken place amongst interacting parties, is a significant security property for cloud data storage services. Our model for certifying NR is based on continuous monitoring and has been defined and realised according to the CUMULUS approach. It also corresponds to certification of level 3 maturity in the reference certification framework of Cloud Security Alliance

Automatic Methods for Analyzing Non-repudiation Protocole with an Active Intruder

International audienceNon-repudiation protocols have an important role in many areas where secured transactions with proofs of participation are necessary. Formal methods are clever and without error, therefore using them for verifying such protocols is crucial. In this purpose, we show how to partially represent non-repudiation as a combination of authentications on the Fair Zhou-Gollmann protocol. After discussing the limitations of this method, we define a new one based on the handling of the knowledge of protocol participants. This second method is general and of natural use, as it consists in adding simple annotations in the protocol specification. It is very easy to implement in tools able to handle participants knowledge. We have implemented it in the AVISPA Tool and analyzed the optimistic Cederquist-Corin-Dashti protocol, discovering two attacks. This extension of the AVISPA Tool for handling non-repudiation opens a highway to the specification of many other properties, without any more change in the tool itself

A Fair Multi-Party Non-Repudiation Scheme for Storage Clouds

ABSTRAC

A new dependable exchange protocol

Abstract As electronic transaction becomes common practice in real-world business, its dependability develops into a major concern, especially in critical transactions, e.g., electronic payment and electronic contract signing. Many recent fair-exchange protocols can recover the transaction from network failures; however, few can survive local system failures. In this paper, we propose a new Dependable Exchange Protocol. With proper convertible signature scheme and message logging method, the exchange protocol provides a recovery method for network and local system failures. To the best of our knowledge, this protocol is the first fault-tolerant exchange protocol in the context of offline TTP and asynchronous channels

DT-CP: a double-TTPs based contract-signing protocol with lower computational cost

This paper characterizes a contract signing protocol with high efficiency in Internet of Things. Recent studies show that existing contract-signing protocols can achieve abuse-freeness and resist inference attack, but cannot meet the high-efficiency and convenience requirement of the future Internet of things applications. To solve this problem, we propose a novel contract-signing protocol. Our proposed protocol includes two main parts: 1) we use the partial public key of the sender, instead of the zero-knowledge protocol, to verify the intermediate result; 2) we employ two independent Trusted Third Parties (TTPs) to prevent the honest-but-curious TTP. Our analysis shows that our double TTP protocol can not only result in lower computational cost, but also can achieve abuse-freeness with trapdoor commitment scheme. In a word, our proposed scheme performs better than the state of the art in terms of four metrics: encryption time, number of exponentiations, data to be exchanged and exchange steps in one round contract-signing

Design and implementation of extensible middleware for non-repudiable interactions

PhD ThesisNon-repudiation is an aspect of security that is concerned with the creation of irrefutable audits of an interaction. Ensuring the audit is irrefutable and verifiable by a third party is not a trivial task. A lot of supporting infrastructure is required which adds large expense to the interaction. This infrastructure comprises, (i) a non-repudiation aware run-time environment, (ii) several purpose built trusted services and (iii) an appropriate non-repudiation protocol. This thesis presents design and implementation of such an infrastructure. The runtime environment makes use of several trusted services to achieve external verification of the audit trail. Non-repudiation is achieved by executing fair non-repudiation protocols. The Fairness property of the non-repudiation protocol allows a participant to protect their own interests by preventing any party from gaining an advantage by misbehaviour. The infrastructure has two novel aspects; extensibility and support for automated implementation of protocols. Extensibility is achieved by implementing the infrastructure in middleware and by presenting a large variety of non-repudiable business interaction patterns to the application (a non-repudiable interaction pattern is a higher level protocol composed from one or more non-repudiation protocols). The middleware is highly configurable allowing new non-repudiation protocols and interaction patterns to be easily added, without disrupting the application. This thesis presents a rigorous mechanism for automated implementation of non-repudiation protocols. This ensures that the protocol being executed is that which was intended and verified by the protocol designer. A family of non-repudiation protocols are taken and inspected. This inspection allows a set of generic finite state machines to be produced. These finite state machines can be used to maintain protocol state and manage the sending and receiving of appropriate protocol messages. A concrete implementation of the run-time environment and the protocol generation techniques is presented. This implementation is based on industry supported Web service standards and services.EPSRC, The Hewlett Packard Arjuna La

Design and implementation of extensible middleware for non-repudiable interactions

Non-repudiation is an aspect of security that is concerned with the creation of irrefutable audits of an interaction. Ensuring the audit is irrefutable and verifiable by a third party is not a trivial task. A lot of supporting infrastructure is required which adds large expense to the interaction. This infrastructure comprises, (i) a non-repudiation aware run-time environment, (ii) several purpose built trusted services and (iii) an appropriate non-repudiation protocol. This thesis presents design and implementation of such an infrastructure. The runtime environment makes use of several trusted services to achieve external verification of the audit trail. Non-repudiation is achieved by executing fair non-repudiation protocols. The Fairness property of the non-repudiation protocol allows a participant to protect their own interests by preventing any party from gaining an advantage by misbehaviour. The infrastructure has two novel aspects; extensibility and support for automated implementation of protocols. Extensibility is achieved by implementing the infrastructure in middleware and by presenting a large variety of non-repudiable business interaction patterns to the application (a non-repudiable interaction pattern is a higher level protocol composed from one or more non-repudiation protocols). The middleware is highly configurable allowing new non-repudiation protocols and interaction patterns to be easily added, without disrupting the application. This thesis presents a rigorous mechanism for automated implementation of non-repudiation protocols. This ensures that the protocol being executed is that which was intended and verified by the protocol designer. A family of non-repudiation protocols are taken and inspected. This inspection allows a set of generic finite state machines to be produced. These finite state machines can be used to maintain protocol state and manage the sending and receiving of appropriate protocol messages. A concrete implementation of the run-time environment and the protocol generation techniques is presented. This implementation is based on industry supported Web service standards and services.EThOS - Electronic Theses Online ServiceEPSRC : Hewlett Packard Arjuna LabGBUnited Kingdo