Research On Fair Exchange Protocols And The Fairness Of The Protocol

Electronic commerce has played an important role in global economic activity. The basic requirement for electronic commerce is to guarantee the fairness and efficiency in exchange.The basic guarantee meeting the requirement is fair exchange protocol,which is a security protocol how to exchange electronic data between two potentially distrusted parties in an efficient and fair manner. Fair exchange protocol will ensure that any party can't take any advantage in any stage of the whole exchange course,and the last result of the exchange is either both parties getting the opposing parties'data items, or neither party getting the opposing parties'ones.How to design fairer and higher efficient exchange protocol is the most primary content of fair exchange research.This dissertation mainly focuses attention on two parties fair exchange protocol which is applied extensively. On the basis of international current fair exchange research works, this dissertation investigates fair exchange protocol with and without trusted third party (TTP) in depth and presents two practical fair exchange protocols respectively. Moreover, in order to better bound parties'behavior and make exchange fairer, a generic protocol framework is presented which meets the accountability of parties'behavior, and provides the foundation for deciding who should be responsible for error data in the bonus-malus mechanism behind.And then, the conception of incentive fairness is presented and a fair exchange protocol with bonus-malus incentive function is proposed based on the conception.The main contributions in this dissertation are summarized as follows:(1)Based on perfect concurrent signature, a fair exchange protocol is presented without TTP.In this protocol anyone can't identify who has signed which signature when two parties have exchanged their two ambiguous signatures and relative data items.Not until the initial signer publishes a secret information,are the two signatures bound to respective signer concurrently. After that, the other party sends the key of decrypting goods,and thus the two parties can fairly get each other's data items without the trusted third party (TTP),which avoids the possibility of two parties'collusion and the bottleneck of the TTP involvement.(2)Based on verifiable committed signature, an optimistic fair exchange protocol with punishment function is proposed.Firstly, a verifiable committed signature is constructed based on Fischlin's signature scheme, and is proved of its security in the standard complexity model,and then this protocol is designed.It will punish the misbehavior of either party in order to ensure the fairness of the exchange.Because of the introduction of punishment idea, both parties'behavior is confined better, which makes the protocol fairer, simpler and more efficient.And this protocol also ensures other important properties of fair exchange, such as timeliness, abuse-free etc.(3)A generic protocol framework meeting the accountability of parties'behavior is proposed.This framework makes use of the tamper-proof property of security module, records each operation by assigning each state during the protocol running and taking hash overlapping operate for state value and received message or message to be sent when each state shifting.In the end, the hash value overlapping the end state is stored as the proof of parties' behavior. This framework realizes the accountability of each step behavior and is a powerful tool for determining a party whether to execute a certain operation and whether to be responsible for a certain dispute.It has only hash operation, so the computation is low, which makes sure that any security protocol will not be much affected if using it.(4)A fair exchange protocol based on bonus-malus mechanism of the trust score is proposed. Bonus-malus mechanism is introduced to fair exchange protocol for the first time.This protocol is designed based on the improved Beth trust model,and encourages parties to complete each exchange actively through giving two parties bonus for the success of the exchange and giving the initiative withdrawing or cheating party a certain degree of penalty depending on his misbehavior. It not only guarantees fairness in the normal sense, but also achieves fairness in the sense of bonus-malus mechanism. In addition, this protocol is designed based on security module with the theory of cross validation, and it is a generic fair exchange protocol supporting the exchange of both signature and other digital items.