Anonymous reputation based reservations in e-commerce (AMNESIC)

Online reservation systems have grown over the last recent years to facilitate the purchase of goods and services. Generally, reservation systems require that customers provide some personal data to make a reservation effective. With this data, service providers can check the consumer history and decide if the user is trustable enough to get the reserve. Although the reputation of a user is a good metric to implement the access control of the system, providing personal and sensitive data to the system presents high privacy risks, since the interests of a user are totally known and tracked by an external entity. In this paper we design an anonymous reservation protocol that uses reputations to profile the users and control their access to the offered services, but at the same time it preserves their privacy not only from the seller but the service provider

Secure Mobile Agents in Electronic Commerce by Using Undetachable Signatures from Pairings

It is expect that mobile agents technology will bring significant benefits to electronic commerce. But security issues, especially threats from malicious hosts, become a great obstacle of widespread deployment of applications in electronic commerce based on mobile agents technology. Undetachable digital signature is a category of digital signatures to secure mobile agents against malicious hosts. An undetachable signature scheme by using encrypted functions from bilinear pairings was proposed in this paper. The security of this scheme base on the computational intractability of discrete logarithm problem and computational Diffe-Hellman problem on gap Diffle-Hellman group. Furthermore, the scheme satisfies all the requirements of a strong non-designated proxy signature i.e. verifiability, strong unforgeability, strong identifiability, strong undeniability and preventions of misuse. An undetachable threshold signature scheme that enable the customer to provide n mobile agents with ‘shares’ of the undetachable signature function is also provided. It is able to provide more reliability than classical undetachable signatures

A Novel Identity Based Blind Signature Scheme using DLP for E-Commerce

Abstract— Blind signatures are used in the most of the application where confidentiality and authenticity are the main issue. Blind signature scheme deals with concept where requester sends the request that the signer should sign on a blind message without looking at the content. Many ID based blind signature are proposed using bilinear pairings and elliptic curve. But the relative computation cost of the pairing in bilinear pairings and ID map into an elliptic curve are huge. In order to save the running time and the size of the signature, this paper proposed a scheme having the property of both concepts identity based blind signature that is based on Discrete Logarithm Problem, so as we know that DLP is a computational hard problem and hence the proposed scheme achieves all essential and secondary security prematurity. With the help of the proposed scheme, this paper implemented an E-commerce system in a secure way. E-commerce is one of the most concern applications of ID based blind signature scheme. E-commerce consisting selling and buying of products or services over the internet and open network. ID based blind signature scheme basically has been used enormously as a part of today’s focussed business. Our proposed scheme can be also be used in E-business, E-voting and E-cashing anywhere without any restriction DOI: 10.17762/ijritcc2321-8169.15060

Improvement of a convertible undeniable partially blind signature scheme

Undeniable signatures are the digital signatures that should be verified with the help of the signer. A signer may disavow a genuine document, if the signature is only verifiable with the aid of the signer under the condition that the signer is not honest. Undeniable signatures solve this problem by adding a new feature called the disavowal protocol in addition to the normal components of signature and verification. Disavowal protocol is able to prevent a dishonest signer from disavowing a valid signature. In some situations, an undeniable signature should be converted into a normal digital signature in order that the signature can be universally verified. Blind signatures are the digital signatures that help a user to get a signature on a message without revealing the content of the message to a signer. For the blind signatures, if the signer is able to make an agreement with the user, then the underlying signer may include some common information that is known to the user, then such signatures are partially blind signatures. Convertible undeniable partially blind signatures are of the features of undeniable signatures, blind signatures, convertible undeniable signatures, and partially blind signatures. Recently, a convertible undeniable partially blind signature scheme was presented. In this paper, we first analyse a security flaw of the convertible undeniable partially blind signature scheme. To address the security flaw, we present an improvement on the disavowal protocol. The improved scheme can prevent the signer from either proving that a given valid signature as invalid, or cheating the verifier

The Security Flaw of an Untraceable Signature Scheme

In 2003, Hwang et al. proposed a new blind signature based on the RSA cryptosystem. The Extended Euclidean algorithm is employed in their proposed scheme. They claimed that the proposed scheme was untraceable and it could meet all requirements of a blind signature. However, we find that the signer can still trace the blind signature applicant in some cases. Thus, we present the security flaw of Hwang et al.’s scheme in this paper

A two authorities electronic vote scheme

[EN] In this paper we propose a new electronic multi-authority voting system based on blind signatures. We focus on the open problem of the efficiency of electronic voting systems. Most of the proposed systems rely on complex architectures or expensive proofs, in this work we aim to reduce the time-complexity of the voting process, both for the voter and the authorities involved. Our system is focused on simplicity and it is based on the assumption of two unrelated entities. This simplicity makes our approach scalable and flexible to multiple kinds of elections. We propose a method that limits the number of authorities to only 2 of them; we reduce the overall number of modular operations; and, propose a method which cut downs the interactions needed to cast a vote. The result is a voting protocol whose complexity scales linearly with the number of votes.Larriba-Flor, AM.; Sempere Luna, JM.; López Rodríguez, D. (2020). A two authorities electronic vote scheme. Computers & Security. 97:1-12. https://doi.org/10.1016/j.cose.2020.101940S11297Bloom, B. H. (1970). Space/time trade-offs in hash coding with allowable errors. Communications of the ACM, 13(7), 422-426. doi:10.1145/362686.362692Brams S., Fishburn P.C.. 2007. Approval voting Springer ScienceCarroll, T. E., & Grosu, D. (2009). A secure and anonymous voter-controlled election scheme. Journal of Network and Computer Applications, 32(3), 599-606. doi:10.1016/j.jnca.2008.07.010Chaum, D. L. (1981). Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM, 24(2), 84-90. doi:10.1145/358549.358563Cramer, R., Gennaro, R., & Schoenmakers, B. (1997). A secure and optimally efficient multi-authority election scheme. European Transactions on Telecommunications, 8(5), 481-490. doi:10.1002/ett.4460080506Desmedt, Y. G. (2010). Threshold cryptography. European Transactions on Telecommunications, 5(4), 449-458. doi:10.1002/ett.4460050407Elgamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4), 469-472. doi:10.1109/tit.1985.1057074Juang, W.-S. (2002). A Verifiable Multi-Authority Secret Election Allowing Abstention from Voting. The Computer Journal, 45(6), 672-682. doi:10.1093/comjnl/45.6.672Menezes A., van Oorschot P.C., Vanstone S.A.. 1996. Handbook of Applied Cryptography.Parhami, B. (1994). Voting algorithms. IEEE Transactions on Reliability, 43(4), 617-629. doi:10.1109/24.370218Rabin, M. O. (1980). Probabilistic Algorithms in Finite Fields. SIAM Journal on Computing, 9(2), 273-280. doi:10.1137/0209024Rabin, M. O. (1983). Transaction protection by beacons. Journal of Computer and System Sciences, 27(2), 256-267. doi:10.1016/0022-0000(83)90042-9Salazar, J. L., Piles, J. J., Ruiz-Mas, J., & Moreno-Jiménez, J. M. (2010). Security approaches in e-cognocracy. Computer Standards & Interfaces, 32(5-6), 256-265. doi:10.1016/j.csi.2010.01.004Nguyen, T. A. T., & Dang, T. K. (2013). Enhanced security in internet voting protocol using blind signature and dynamic ballots. Electronic Commerce Research, 13(3), 257-272. doi:10.1007/s10660-013-9120-5Wu, Z.-Y., Wu, J.-C., Lin, S.-C., & Wang, C. (2014). An electronic voting mechanism for fighting bribery and coercion. Journal of Network and Computer Applications, 40, 139-150. doi:10.1016/j.jnca.2013.09.011Yang, X., Yi, X., Nepal, S., Kelarev, A., & Han, F. (2018). A Secure Verifiable Ranked Choice Online Voting System Based on Homomorphic Encryption. IEEE Access, 6, 20506-20519. doi:10.1109/access.2018.2817518Yi, X., & Okamoto, E. (2013). Practical Internet voting system. Journal of Network and Computer Applications, 36(1), 378-387. doi:10.1016/j.jnca.2012.05.00

Implementation of a Secure Internet Voting Protocol

Voting is one of the most important activities in a democratic society. In a traditional voting environment voting process sometimes becomes quite inconvenient due to the reluctance of certain voters to visit a polling booth to cast votes besides involving huge social and human resources. The development of computer networks and elaboration of cryptographic techniques facilitate the implementation of electronic voting. In this work we propose a secure electronic voting protocol that is suitable for large scale voting over the Internet. The protocol allows a voter to cast his or her ballot anonymously, by exchanging untraceable yet authentic messages. The e-voting protocol is based on blind signatures and has the properties of anonymity, mobility, efficiency, robustness, authentication, uniqueness, and universal verifiability and coercion-resistant. The proposed protocol encompasses three distinct phases - that of registration phase, voting phase and counting phase involving five parties, the voter, certification centre, authentication server, voting server and a tallying server

Non-conventional digital signatures and their implementations – A review

The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-19713-5_36The current technological scenario determines a profileration of trust domains, which are usually defined by validating the digital identity linked to each user. This validation entails critical assumptions about the way users’ privacy is handled, and this calls for new methods to construct and treat digital identities. Considering cryptography, identity management has been constructed and managed through conventional digital signatures. Nowadays, new types of digital signatures are required, and this transition should be guided by rigorous evaluation of the theoretical basis, but also by the selection of properly verified software means. This latter point is the core of this paper. We analyse the main non-conventional digital signatures that could endorse an adequate tradeoff betweeen security and privacy. This discussion is focused on practical software solutions that are already implemented and available online. The goal is to help security system designers to discern identity management functionalities through standard cryptographic software libraries.This work was supported by Comunidad de Madrid (Spain) under the project S2013/ICE-3095-CM (CIBERDINE) and the Spanish Government project TIN2010-19607