Skip to main content
SpringerLink
Log in

Signing Contracts and Paying Electronically

  • Chapter
  • First Online:
Lectures on Data Security (EEF School 1998)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1561))

Included in the following conference series:

Abstract

Motivated by the increasing use of cryptography, in particular digital signatures, to secure electronic commerce this paper discusses applications of digital signatures. The aim is to give an overview of some problems, which on one hand are related to electronic commerce and, on the other hand, are challenging from a cryptographic point of view. The paper first deals with fundamental techniques for establishing a public key infrastructure and for creating non-repudiation tokens. The latter makes it possible to use digital signatures to solve disputes which is often the ultimate goal when using digital signatures in practice. Next more advanced cryptographic protocols are discussed by giving an overview of protocols for fair exchange of signed documents as well as for implementing electronic cash (prepaid payment systems).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. ISO/IEC JTC 1/SC27. Information technology-Security techniques-Digital signature schemes giving message recovery-Part 1: Mechanisms using redundancy. Final draft of ISO International Standard 9796-1, 1991

    Google Scholar 

  2. ISO/IEC JTC 1/SC27. Information technology-Security techniques-Non repudiation-Part 1: General Model. ISO International Standard 13888-1, 1997.

    Google Scholar 

  3. ISO/IEC JTC 1/SC27. Information technology-Security techniques-Non repudiation-Part 3: Using asymmetric techniques. ISO International Standard 13888-3, 1997.

    Google Scholar 

  4. ISO/IEC JTC 1/SC27. Information technology-Security techniques-Digital signatures with appendix-Part 3: Certificate-based mechanisms. Final draft of ISO International Standard 14888-3, 1998.

    Google Scholar 

  5. ISO/IEC JTC 1/SC27. Information technology-Security techniques-Digital signatures with appendix-Part 1: General. Final draft of ISO International Standard 14888-1, 1998.

    Google Scholar 

  6. N. Asokan, Phil Janson, Michael Steiner, and Michael Waidner. State of the art in electronic payment systems. IEEE Computer, 30(9):28–35, September 1997.

    Google Scholar 

  7. R. Anderson, C. Manifavas, and C. Sutherland. NetCard-A Practical Electronic-Cash System. In Security Protocols, Lecture Notes in Computer Science, pages 49–58. Springer-Verlag, 1997.

    Google Scholar 

  8. N. Asokan, Matthias Schunter, and Michael Waidner. Optimistic Protocols for Fair Exchange. In 4th ACM Conference on Computer and Communications Security, pages 6–17. ACM Press, April 1997.

    Google Scholar 

  9. N. Asokan, Victor Shoup, and Michael Waidner. Optimistic Fair Exchange of Digital Signatures. In Advances in Cryptology-proceedings of EUROCRYPT 98, number 1403 in Lecture Notes in Computer Science, pages 591–606, Berlin, 1998. Springer-Verlag.

    Chapter  Google Scholar 

  10. [BBC+94]_J.-P. Boly, A. Bosselars, R. Cramer, R. Michelsen, S. Mjølsnes, F. Muller, B. Pfitzmann, P. de Rooij, B. Schoenmakers, M. Schunter, L. Vallé, and M. Waidner. The ESPRIT Project CAFE-High Security Digital Payment Systems. In Computer Security-ESORICS’94, volume 875 of Lecture Notes in Computer Science. Springer-Verlag, 1994.

    Google Scholar 

  11. E. Brickell, D. Chaum, I. Damgård, and J van de Graaf. Gradual and Verifiable Release of a Secret. In Advances in Cryptology-proceedings of CRYPTO 87, Lecture Notes in Computer Science, Berlin, 1988. Springer-Verlag.

    Google Scholar 

  12. M. Bellare and S. Micali. How to Sign given any Trapdoor Permutation. Journal of the Association for Computing Machinery, 39:214–233, 1992.

    MATH  MathSciNet  Google Scholar 

  13. Ben-Or, Goldreich, Micali, and Rivest. A Fair Protocol for Signing Contracts. IEEE trans. on Information Theory, 36:40–46, 1990.

    Article  Google Scholar 

  14. M. Bellare and P. Rogaway. Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In First ACM Conference on Computer and Communications Security, 1993.

    Google Scholar 

  15. S. Brands. Untraceable Off-line Cash in Wallet with Observers. In Advances in Cryptology-proceedings of CRYPTO 93, Lecture Notes in Computer Science, pages 302–318. Springer-Verlag, 1994.

    Chapter  Google Scholar 

  16. S. Brands. Off-Line Electronic Cash Based on Secret-Key Certificates. In Proceedings of LATIN’95, 1995. Also available as CWI technical report, CS-R9506.

    Google Scholar 

  17. D. Chaum, A. Fiat, and M. Naor. Untraceable Electronic Cash. In Advances in Cryptology-proceedings of CRYPTO 88, Lecture Notes in Computer Science, pages 319–327. Springer-Verlag, 1990.

    Chapter  Google Scholar 

  18. D. Chaum. Blind signatures for untraceable payments. In Advances in Cryptology-proceedings of CRYPTO 82, pages 199–203, 1983.

    Google Scholar 

  19. D. Chaum and T. P. Pedersen. Transferred Cash Grows in Size. In Advances in Cryptology-proceedings of EURO CRYPT 92, Lecture Notes in Computer Science, pages 390–407. Springer-Verlag, 1993.

    Google Scholar 

  20. Cryptomathic. Mandate. See http://www.cryptomathic.dk. Describes a payment system based on electronic cheques.

  21. I. Damgård. Practical and Provably Secure Release of a Secret and Exchange of Signatures. In Advances in Cryptology-proceedings of EURO-CRYPT 93, number 765 in Lecture Notes in Computer Science, pages 200–217, Berlin, 1994. Springer-Verlag.

    Google Scholar 

  22. DEC. Milliscent. See http://www.millicent.digital.com.

  23. W. Diffie and M. E. Hellman. New Directions in Cryptography. IEEE Trans. Inform. Theory, IT-22(6):644–654, November 1976.

    Google Scholar 

  24. Digital Signature Standard. Federal Information Processing Standards Publication 186, U.S. National Institute of Standards and Technology (NIST), February 1993. Draft.

    Google Scholar 

  25. T. El Gamal. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In Advances in Cryptology-proceedings of CRYPTO 84, Lecture Notes in Computer Science, pages 10–18. Springer-Verlag, 1985.

    Google Scholar 

  26. U. Feige, A. Fiat, and A. Shamir. Zero-knowledge proofs of identity. Journal of Cryptology, 1(2):77–94, 1988.

    Article  MATH  MathSciNet  Google Scholar 

  27. A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In Advances in Cryptology-proceedings of EUROCRYPT 86, Lecture Notes in Computer Science, pages 186–194. Springer-Verlag, 1987.

    Google Scholar 

  28. FSTC. Electronic check proposal. Technical report, Financial Services Technology Consortium, 1995.

    Google Scholar 

  29. S. Goldwasser, S. Micali, and R. L. Rivest. A Digital Signature Scheme Secure against Adaptive Chosen Message Attack. SI AM Journal on Computing, 17(2):281–308, April 1988.

    Google Scholar 

  30. S. Goldwasser, S. Micali, and C. Rackoff. The Knowledge Complexity of Interactive Proof-Systems. SI AM Journal of Computation, 18(1):186–208, 1989.

    Article  MATH  MathSciNet  Google Scholar 

  31. O. Goldreich, S. Micali, and A. Wigderson. Proofs that yield nothing but their validity and a methodology of cryptographic protocol design. In Proceedings of the 27th IEEE Symposium on the Foundations of Computer Science, pages 174–187, 1986.

    Google Scholar 

  32. L. C. Guillou and J.-J. Quisquater. A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing both Transmission and Memory. In Advances in Cryptology-proceedings of EUROCRYPT 88, Lecture Notes in Computer Science, pages 123–128. Springer-Verlag, 1989.

    Google Scholar 

  33. S. Haber and W.S. Stornetta. How To Time-Stamp a Digital Document. Journal of Cryptology, 3(2):99–111, 1991.

    Article  Google Scholar 

  34. R. Hauser, M. Steiner, and M. Waidner. Micro-Payments based on iKP. Technical Report RZ 2791, IBM Zürich Research Laboratory, February 1996.

    Google Scholar 

  35. IBM. See http://www.hrl.il.ibm.com/mpay/.

  36. Electronic Data Interchange for Administration, Commerce and Transport (EDIFACT)-Application Level Syntax Rules, Part 9: Security Key and Certificate Management Message (KEYMAN). ISO/DIS 9735-9.

    Google Scholar 

  37. S. Jarecki and A. M. Odlyzko. An efficient micropayment system based on probabilistic polling. In Financial Cryptography, Lecture Notes in Computer Science, pages 173–191. Springer-Verlag, 1997.

    Google Scholar 

  38. Mastercard and Visa. SET Secure Electronic Transactions Protocol, version 1.0 edition, May 1997. Book One: Business Specifications, Book Two: Technical Specification, Book Three: Formal Protocol Definition. Available from http://www.setco.org/setspecifications.html.

  39. M. Naor and M. Yung. Universal One-Way Hash Functions and their Cryptographic Applications. In Proceedings of the 21st Annual ACM Symposium on the Theory of Computing, pages 33–43, 1989.

    Google Scholar 

  40. T. Pedersen. Electronic Payments of Small Amounts. In Security Protocols, Lecture Notes in Computer Science, pages 59–68. Springer-Verlag, 1997.

    Google Scholar 

  41. Public-Key Infrastructure (X.509) (pkix). Internet Working Group. The task of the working group is to develop standards needed to support an X.509-based PKI.

    Google Scholar 

  42. M. O. Rabin. Digitalized Signatures and Public-Key Functions as Intractable as factorization. Technical Report MIT/LCS/TR-212, Laboratory for Computer Science, MIT, January 1979.

    Google Scholar 

  43. J. Rompel. One-way functions are necessary and sufficient for secure signatures. In Proceedings of the 22nd Annual ACM Symposium on the Theory of Computing, 1990.

    Google Scholar 

  44. R. Rivest and A. Shamir. PayWord and MicroMint: Two Simple Micropayment Schemes. In Security Protocols, Lecture Notes in Computer Science, pages 69–88. Springer-Verlag, 1997.

    Google Scholar 

  45. R. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public-key Cryptosystems. Communications of the ACM, 21, 1978.

    Google Scholar 

  46. C. P. Schnorr. Efficient identification and signatures for smart cards. In Advances in Cryptology-proceedings of CRYPTO 89, Lecture Notes in Computer Science, pages 239–252. Springer-Verlag, 1990.

    Chapter  Google Scholar 

  47. Secure Hash Standard. Federal Information Processing Standards Publication 180-1, U.S. National Institute of Standards and Technology (NIST), April 1995.

    Google Scholar 

  48. H. C. Williams. A modification of the RSA public-key encryption procedure. IEEE Transaction on Information Theory, 26(6):726–729, 1980.

    Article  MATH  Google Scholar 

  49. Information technology-open systems interconnection-the directory: Authentication framework. ISO/IEC 9594-8, 1995. See also Amendment 1 to ISO/IEC 9594-8:1995-Certificate extensions.

    Google Scholar 

  50. Y. Yeong, T. Howes, and S. Kille. Lightweight Directory Access Protocol. RFC 1777, March 1995.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cryptomathic, Denmark

    Torben P. Pedersen

Authors
  1. Torben P. Pedersen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. BRICS, University of Aarhus, Ny Munkegade, Building 540, DK-8000, Aarhus C, Denmark

    Ivan Bjerre Damgård

Rights and permissions

Reprints and permissions

Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Pedersen, T.P. (1999). Signing Contracts and Paying Electronically. In: Damgård, I.B. (eds) Lectures on Data Security. EEF School 1998. Lecture Notes in Computer Science, vol 1561. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48969-X_7

Download citation

  • DOI: https://doi.org/10.1007/3-540-48969-X_7

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-65757-6

  • Online ISBN: 978-3-540-48969-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation