Abstract
Electronic sealed-bid auction schemes usually share a common drawback: the third party (auction host) can conspire with a malicious bidder to leak all bidding prices before the opening stage. As a result, the malicious bidder can win the auction with an optimal bidding price. Recently, Liaw et al. proposed an auction protocol for electronic online bidding in which they designed a deposit deduction certification for government procurement. However, it also has the above-mentioned flaw. Moreover, we found some additional security drawbacks in their protocol. First, the bidder can forge a bidding receipt to claim that he/she is a valid auction winner. Second, it may suffer from the third party forging attack. Third, their protocol leaks some of the bidders' private information to the third party, such as the bidder's bank account number and the authorization code. Thus, it cannot protect the bidder's privacy at all. In this paper, we not only point out the drawbacks of the previous scheme but also propose a new electronic auction scheme to overcome them. Furthermore, the computational complexity can be decreased in our online sealed-bid auction scheme.
References
Franklin M K, Reiter M K. The design and implementation of a secure auction service. IEEE Transactions on Software Engineering, May 1996, 22(5): 302–312.
Kudo M. Secure electronic sealed-bid auction protocol with public key cryptography. IEICE Transactions on Fundamentals, Jan. 1998, E81-A(1): 20–27.
Kikuchi H, Harkavy M, Tygar D. Multi-round anonymous auction protocols. IEICE Transactions on Information and Systems, Apr. 1999, E82-D(4): 769–777.
Chang C C, Chang Y F. Efficient anonymous auction protocols with freewheeling bids. Computers & Security, 2003, 22(8): 728–734.
Jiang R, Pan L, Li J H. An improvement on efficient anonymous auction protocols. Computers & Security, 2005, 24(2): 169–174.
Chang C C, Chang Y F. Enhance anonymous auction protocols with freewheeling bids. In Proc. the 20th International Conference on Advanced Information Networking and Applications (AINA 2006), Vienna, Austria, Vol. 1, Apr. 2006, pp.353–358.
Liaw H T, Juang W S, Lin C K. An electronic online bidding auction protocol with both security and efficiency. Applied Mathematics and Computation, 2006, 174(2): 1487–1497.
Subramanian S. Design and verification of a secure electronic auction protocol. In Proc. IEEE 17th Symposium on Reliable Distributed Systems, Washington DC, USA, 1998, pp.204–210.
Chen T S. An English auction scheme in the online transaction environment. Computers & Security, 2004, 23(5): 389–399.
Rivest R. The MD5 message-digest algorithm. RFC 1321, Internet Activities Board, Internet Privacy Task Force, 1992.
NIST FIPS PUB 180–1. Secure hash standard. National Institute of Standards and Technology, Apr. 1995, Available at http://www.itl.nist.gov/fipspubs/fip180-1.htm
Rivest R, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystems. Communications of ACM, 1978, 21(2): 120–126.
NBS FIPS PUB 46–1. Data encryption standard. National Bureau of Standards, U.S. Department of Commerce, Jan. 1988.
NIST FIPS PUB 197. Advanced data encryption standard. National Institute of Standards and Technology, Nov. 2001. Available at http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf
Turban E. Electronic Commerce 2002: A Managerial Perspective. Second edition, Prentice Hall, 2002.
Maurer U M. Towards the equivalence of breaking the Diffie-Hellman protocol and computing discrete logarithms. In Proc. Advances in Cryptology-CRYPTO’94, Santa Barbara, USA, Desmedt Y (ed.), Lecture Notes in Computer Science 839, Berlin: Springer-Verlag, 1994, pp.271–281.
Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols. In Proc. the First ACM Conference on Computer and Communications Security, ACM, Nov. 1993, http://www.cs.ucda-vis.edu/research/tech-reports/1995/CSE-95-16.pdf.
RSA Laboratories. PKCS #7: Cryptographic message syntax standard. USA, 1997. Available at http://www.rsasecurity.com/rsalabs/node.asp?id=2129.
O’Mahony D, Pierce M, Tewari H. Electronic Payment Systems. Artech House, 1997.
Schneier B. Applied Cryptography. Second edition, New York: John Wiley & Sons, 1996.
Hwang M S, Lu E J L, Lin I C. Adding timestamps to the electronic auction protocol. Data & Knowledge Engineering, 2002, 40: 155–162.
Waters B. Efficient identity-based encryption without random oracles. In Proc. Advances in Cryptology-EUROCRYPT 2005, Aarhus, Denmark, Lecture Notes in Computer Science 3494, Springer-Verlag, 2005, pp.114–27.
Cite this article
Wu, CC., Chang, CC. & Lin, IC. New Sealed-Bid Electronic Auction with Fairness, Security and Efficiency. J. Comput. Sci. Technol. 23, 253–264 (2008). https://doi.org/10.1007/s11390-008-9127-x