Abstract
Certified e-mail delivery (CEMD) has become one of the basic requirement in performing business transactions over the Internet securely. How to construct fair protocols for certified e-mail delivery based on the RSA cryptosystem is of great interest.
Recently, Nenadic etc. proposed a novel RSA-based method for the verifiableand recoverable encrypted signature (VRES), and utilized it to construct a security protocol for certified e-mail delivery, which are claimed to provide strong fairness to ensure that the recipient receives the e-mail if and only if the sender receives the receipt. However, as a building block, their RSA-based VRES is totally breakable. This papers shows that an adversary can generate a valid VRES which cannot be recovered by the designated TTP, and hence the proposed certified e-mail delivery protocol cannot guarantee the required fairness.
Based on probabilistic signatures, we proposed a novel fair CEMD protocol which works with the RSA cryptosystem and guarantees strong fairness. Moreover, there is no need for a registration phase between a party and TTP, and the proposed protocol is more computation and communication efficient.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Asokan, N., Shoup, V., Waidner, M.: Optimistic fair exchange of digital signatures. IEEE Journal on Selected Areas in Communications 18(4), 593–610 (2000)
Ateniese, G.: Verifiable encryption of digital signatures and applications. ACM Transactions on Information and System Security 7,1, 1–20 (2004)
Ateniese, G., Nita-Rotaru, C.: Stateless-recipient certified E-mail system based on verifiable encryption. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 182–199. Springer, Heidelberg (2002)
Bao, F., Deng, R., Mao, W.: Efficient and practical fair exchange protocols with off-line TTP. In: Proc. IEEE Symposium on Security and Privacy, pp. 77–85 (1998)
Boyd, C., Foo, E.: Off-line fair payment protocols using convertible signatures. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 271–285. Springer, Heidelberg (1998)
Camenisch, J.L., Michels, M.: Separability and efficiency for generic group signature schemes. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 106–121. Springer, Heidelberg (1999)
Chen, L.: Efficient fair exchange with verifiable confirmation of signatures. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 286–299. Springer, Heidelberg (1998)
Deng, R.H., Gong, L., Lazar, A.A., Wang, W.: Practical Protocols for Certified Electronic Mail. J. of Network and System Management 4(3), 279–297 (1996)
Even, S., Yacobi, Y.: Relations among public key signature schemes. Technical Report 175, Computer Science Dept., Technion, Israel (1980)
Franklin, M., Reiter, M.: Fair exchange with a semi-trusted third party. In: Proc. ACM conference on computer and communications security, Zurich, pp. 1–5 (1997)
Garay, J.A., Jakobsson, M., MacKenzie, P.D.: Abuse-free optimistic contract signing. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 449–466. Springer, Heidelberg (1999)
Schneier, B., Riordan, J.: A certified E-mail protocol. In: Proc. 13th Computer Security Applications Conference, pp. 347–352. ACM Press, New York (1998)
Ray, I., Ray, I.: An optimistic fair exchange E-commerce protocol with automated dispute resolution. In: Bauknecht, K., Madria, S.K., Pernul, G. (eds.) EC-Web 2000. LNCS, vol. 1875, pp. 84–93. Springer, Heidelberg (2000)
Nenadic, A., Zhang, N., Barton, S.: Fair certified E-mail delivery. In: Proc. ACM Symposium on Applied Computing (SAC 2004) - Computer Security Track, Nicosia, Cyprus, pp. 391–396 (2004)
Nenadic, A., Zhang, N., Barton, S.: FIDES-A middleware E-commerce security solution. In: Proc. 3rd European Conference on Information Warfare and Security (ECIW 2004), London, UK, pp. 295–304 (2004)
S/MIME. Secure Multipurpose Internet Mail Extensions, Available at, http://www.rsasecurity.com/standards/smime/
OpenPGP, An Open Specification for Pretty Good Privacy, Available at, http://www.ietf.org/html.charters/openpgp-charter.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, Z., Feng, D. (2005). Efficient Fair Certified E-Mail Delivery Based on RSA. In: Chen, G., Pan, Y., Guo, M., Lu, J. (eds) Parallel and Distributed Processing and Applications - ISPA 2005 Workshops. ISPA 2005. Lecture Notes in Computer Science, vol 3759. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11576259_41
Download citation
DOI: https://doi.org/10.1007/11576259_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29770-3
Online ISBN: 978-3-540-32115-6
eBook Packages: Computer ScienceComputer Science (R0)