Abstract
This paper investigates the fundamental difference between a simple e-tender box and a traditional physical tender box, and highlights a series of security traps created by the functional differences. Based on our findings, we define the security requirements for an e-tender submission protocol. We also discuss functional limitations of cryptographic technologies. As a result, we propose two protocols that enable secure e-tender submission. The protocols are assumed to run under the condition that all tendering parties (principal and tenderers) are dishonest players. Our informal and formal security analyses show that these protocols meet their security goals under well-known collusion scenarios. Because security is a process, not a product, our approach will have broad industry application for developing secure electronic business processes in areas other than e-tendering.
Cite this article
Du, R., Foo, E. & Boyd, C. Designing a secure e-tender submission protocol. Electron Commerce Res 8, 115–142 (2008). https://doi.org/10.1007/s10660-008-9017-x
DOI: https://doi.org/10.1007/s10660-008-9017-x