Similar literature
 20 similar articles found; search time 9 ms
1.
We found that the 2KP/3KP electronic payment protocols as well as the 1KP electronic payment protocol do not possess a probably important property. The property is that if an acquirer authorizes a payment, then both the buyer and seller concerned always agree on it, which is called agreement property in this article. We also propose a modification to have 2KP/3KP possess the property.

2.
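A new composite e-commerce security protocol   Total citations: 1, self-citations: 0, citations by others: 1
To address the problems that typical e-commerce security protocols pursue a single security goal and cannot meet growing security requirements, a composite e-commerce security protocol that satisfies multiple security properties is proposed. The protocol consists of two parts: an authentication sub-protocol and a payment sub-protocol. The authentication sub-protocol uses the concept of tokens to achieve efficient authentication and session-key negotiation. The payment sub-protocol is obtained by improving an anonymous electronic cash payment protocol: electronic certificates are introduced to prove the identity of the transacting parties, ensuring non-repudiation; a trusted party delivers the payment receipt, avoiding the loss of fairness caused by dishonest transacting parties; and FTP transfer is introduced to deliver the electronic currency and the payment receipt, ensuring accountability and fairness and further strengthening the robustness of the protocol.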

3.
We discuss the security of the verifiably-encrypted signature scheme of Boneh, Gentry, Lynn and Shacham. It is quite realistic to allow adversaries access to adjudication oracles for different users but the same adjudicator. This presents an extension of the security model considered by Boneh, Gentry, Lynn and Shacham and we describe an efficient attack on their scheme in that model. We then show how to obtain security in this extended model by applying a small modification to their scheme.

4.
e-Passports present different security measures designed to safeguard their authenticity and more specifically to protect them from tampering and cloning attempts. Security protocols defined by International Civil Aviation Organization for this purpose (Passive Authentication, Active Authentication) should be enough to prevent such attacks. However, according to current specifications that regulate the Logical Data Structure of the e-Passport’s chip, it is feasible to bypass these protocols exploiting some flaws in the Inspection System. In this paper we show that as long as new documents will not be issued in compliance with new logical data structure’s specifications (currently under discussion), a careless implementation of the inspection procedure may lead to unsuccessful detection of cloned e-Passports.

5.
We propose cryptanalysis of the First Domingo-Ferrer's algebraic privacy homomorphism where $n=pq$. We show that the scheme can be broken by $(d+1)$ known plaintexts in $O(d^3 \log^2 n)$ time. Even when the modulus $n$ is kept secret, it can be broken by $2(d+1)$ known plaintexts in $O(d^4 \log dn + d^3 \log^2 n + ?(m))$ time with overwhelming probability.

6.
7.
Interaction systems are a formal model for component-based systems. Combining components via connectors to form more complex systems may give rise to deadlock situations. We present here a polynomial time reduction from 3-SAT to the question whether an interaction system contains deadlocks.

8.
In the hot-standby replication system, the system cannot process its tasks anymore when all replicated nodes have failed. Thus, the remaining living nodes should be well-protected against failure when parts of replicated nodes have failed. Design faults and system-specific weaknesses may cause chain reactions of common faults on identical replicated nodes in replication systems. These can be alleviated by replicating diverse hardware and software. Going one-step forward, failures on the remaining nodes can be suppressed by predicting and preventing the same fault when it has occurred on a replicated node. In this paper, we propose a fault avoidance scheme which increases system dependability by avoiding common faults on remaining nodes when parts of nodes fail, and analyze the system dependability.

9.
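With the rapid development of China's economy and the application of Internet technology across all industries, e-commerce has become the new favorite among China's business models. At the same time, because e-commerce relies mainly on network technology to operate, network security and information security are causing growing concern. In particular, advances in modern network technology have brought both opportunities and challenges to the development of e-commerce. The security of the e-commerce transaction process has become the bottleneck constraining the industry's future development. This paper discusses the application of network security technology in e-commerce and puts forward suggestions and measures on how to improve the security of e-commerce transactions, so as to provide strong technical support for the industry's future development.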

10.
We propose a novel cancelable biometric approach, known as PalmHashing, to solve the non-revocable biometric issue. The proposed method hashes palmprint templates with a set of pseudo-random keys to obtain a unique code called palmhash. The palmhash code can be stored in portable devices such as tokens and smartcards for verification. Multiple sets of palmhash codes can be maintained in multiple applications. Thus the privacy and security of the applications can be greatly enhanced. When compromised, revocation can also be achieved via direct replacement of a new set of palmhash code. In addition, PalmHashing offers several advantages over contemporary biometric approaches such as clear separation of the genuine-imposter populations and zero EER occurrences. In this paper, we outline the implementation details of this method and also highlight its potentials in security-critical applications.

11.
We propose a practical anonymous payment scheme with anonymous accounts. By means of our proposed scheme, the size of a bank's database is dramatically reduced. Also, the issue of e-coins for an anonymous account is controlled by several issuers, who represent a bank and who can be chosen by the customer or assigned by the system, on the current available issuers list according to the internet conditions. Our scheme does not require the assistance of a mutually entrusted third party.

12.
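This paper first introduces the advantages of digital signcryption over the traditional "signature + encryption" approach and gives the four sub-algorithms that make up a digital signcryption scheme. It then briefly introduces the mathematical foundations involved in signcryption schemes, reviews several existing identity-based digital signcryption schemes in the standard model, and analyzes the security of the scheme proposed by Yu et al., pointing out that it is insecure against chosen-ciphertext attacks. Next, an improved digital signcryption scheme is proposed, and the four sub-algorithms that make it up (system setup, key extraction, signcryption, and unsigncryption) are analyzed. The security of the scheme is briefly discussed in two respects: unforgeability under adaptive chosen-message attacks and ciphertext indistinguishability under chosen-ciphertext attacks. Finally, the efficiency of the improved scheme is compared with that of several other schemes, leading to the conclusion that the improved scheme has certain advantages in aspects such as ciphertext length, and plans for further research are proposed.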

13.
In a perfect secret sharing scheme, it holds that , where S denotes the secret and denotes the set of the share of user i. On the other hand, it is well known that if S is not uniformly distributed, where denotes the set of secrets. In this case, . Then, which is bigger, or We first prove that for any distribution on S by using a combinatorial argument. This is a more sharp lower bound on for not uniformly distributed S. Our proof makes it intuitively clear why must be so large. Next, we extend our technique to show that maxi for some access structure.

14.
15.
To enhance the applications of smart cards, Miyazaki and Takaragi recently proposed a (t,n) threshold digital signature scheme based on the security of elliptic curve discrete logarithm problem (ECDLP). The advantages of their scheme are low communication bandwidth and computational complexity, which provides critical benefits for the use of smart cards in the distributed environments. Unfortunately, this paper will show that their scheme cannot withstand the forgery attack, which violates their security claim. We further amend the scheme against the attack with a simple improvement.

16.
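Several blind signature schemes and their applications in e-commerce   Total citations: 13, self-citations: 2, citations by others: 11
Four classes of blind signature schemes are introduced: blind message signatures, blind parameter signatures, weak blind signatures, and strong blind signatures. Some practical applications of these classes of signature schemes in e-commerce are also listed.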

17.
Modeling the customer in electronic commerce   Total citations: 4, self-citations: 0, citations by others: 4
This paper reviews interface design of web pages for e-commerce. Different tasks in e-commerce are contrasted. A systems model is used to illustrate the information flow between three subsystems in e-commerce: store environment, customer, and web technology. A customer makes several decisions: to enter the store, to navigate, to purchase, to pay, and to keep the merchandize. This artificial environment must be designed so that it can support customer decision-making. To retain customers it must be pleasing and fun, and create a task with natural flow. Customers have different needs, competence and motivation, which affect decision-making. It may therefore be important to customize the design of the e-store environment. Future ergonomics research will have to investigate perceptual aspects, such as presentation of merchandize, and cognitive issues, such as product search and navigation, as well as decision making while considering various economic parameters. Five theories on e-commerce research are presented.

18.
Extended Access Control (EAC) is a security mechanism specified to allow only authorized Inspection System (IS) to read sensitive biometric data such as fingerprints from e-passports. Although European Union EAC scheme offers more flexibility than Singapore scheme, there is clearly room for improvement. By adopting Identity-Based Cryptography (IBC) technology, a simple and secure EAC implementation scheme (IBC-EAC) is proposed. The authorization mechanism based on IBC is more trustable because the access right to sensitive data is granted directly to the IS through Authorized Smartcard. A new authentication protocol based on IBC is performed between the e-passport chip and the Authorized Smartcard. The protocol also provides an important contribution towards terminal revocation. By using IBC-EAC scheme, the complexity of deploying and managing PKI can be reduced. And the computational cost for e-passport to verify the certificate chain in EU-EAC scheme can be saved.

19.
Fuzzy Role-Based Access Control   Total citations: 1, self-citations: 0, citations by others: 1
RBAC (Role-Based Access Control) is a widely used access control model, which reduces the maintenance cost of classical identity-based access control. However, despite the benefits of RBAC, there are environments in which RBAC can hardly be applied. We present FRBAC (Fuzzy Role-Based Access Control), a generalization of RBAC through fuzzy relations that extends the applicability of RBAC to environments where authorization-related information is vague. Moreover, FRBAC deals with environments where the actions that can be executed over the resources have a fractional meaning, as data lying in databases and risk-based access control.

20.
The access control problem deals with the management of sensitive information among a number of users who are classified according to their suitability in accessing the information in a computer system. The set of rules that specify the information flow between different user classes in the system defines an access control policy. Akl and Taylor first considered the access control problem in a system organized as a partially ordered hierarchy. They proposed a cryptographic key assignment scheme, where each class is assigned an encryption key that can be used, along with some public parameters generated by a central authority, to compute the key assigned to any class lower down in the hierarchy. Subsequently, many researchers have proposed schemes that either have better performances or allow insertion and deletion of classes in the hierarchy. In this paper we show how to construct a cryptographic key assignment scheme for any arbitrary access control policy. Our construction uses as a building block a cryptographic key assignment scheme for partially ordered hierarchies. The security of our scheme holds with respect to adversaries of limited computing power and directly derives from the security of the underlying scheme for partially ordered hierarchies. Moreover, the size of the keys assigned to classes in our scheme is exactly the same as in the underlying scheme.
