The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Efficient Primitives For Ensuring Security In E-Commerce Transactions

Download

Download PDF Document
PDF

Author

Jung Min Park

Tech report number

CERIAS TR 2003-36

Entry type

phdthesis

Abstract

Fueled by the exponential growth in the number of people with access to the Internet, electronic-commerce (e-commerce) transactions via the Internet have become a major part of our economy. For a wider range of e-commerce applications to take advantage of the untapped business potential of the Internet, some challenging and interesting security problems need to be solved. In this thesis, we study two such problems, and provide efficient solutions for both. In the foreseeable future, some e-commerce vendors will generate revenue by providing digital streaming applications such as information broadcasts (e.g., stock quotes). For the first issue, we investigate the problem of authenticating packet streams in multicast or broadcast networks. Our approach is to encode the hash values and digital signatures with Rabin's Information Dispersal Algorithm (IDA) to construct an authentication scheme that amortizes a single signature operation over multiple packets. This strategy is especially efficient in terms of space overhead because just the essential elements needed for authentication (i.e., one hash per packet and one signature per group of packets) are used in conjunction with an erasure code that is space optimal. We evaluate the performance of our scheme using both analytical and empirical results. Applications such as e-commerce payment protocols using electronic money require that fair exchange be assured. For the second issue, we investigate the problem of constructing fair-exchange protocols. Our approach uses a novel signature paradigm-the gradational signature scheme-to construct protocols that are efficient and scalable. Unlike previous approaches, our scheme does not employ any costly zero-knowledge proof systems in the exchange protocol. Use of zero-knowledge proofs is needed only in the protocol setup phase-this is a one-time cost. The resulting exchange protocol is more e

Download

PDF

Date

2003 – 08

Key alpha

Park

School

Purdue University

Publication Date

2003-08-01

Contents

LIST OF TABLES LIST OF FIGURES ABSTRACT 1 INTRODUCTION 2 AUTHENTICATION OF PACKET STREAMS IN MULTICAST NETWORKS 3 CONSTRUCTION OF FAIR-EXCHANGE PROTOCOLS FOR E-COMMERCE 4 AN APPLICATION OF FAIR-EXCHANGE PROTOCOLS: CERTIFIED E-MAIL 5 CONCLUSIONS LIST OF REFERENCES VITA

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.