City University of Hong Kong

CityU Institutional Repository >
3_CityU Electronic Theses and Dissertations >
ETD - Dept. of Computer Science  >
CS - Doctor of Philosophy  >

Please use this identifier to cite or link to this item:

Title: Notions of security of cryptographic protocols for e-commerce : soundness, impersonation attacks, universally composable security, and anti-spamming
Other Titles: Dian zi shang wu mi ma xie yi de an quan xing gai nian : li lun ji ying yong
電子商務密碼協議的安全性槪念 : 理論及應用
Authors: Cheung, Hung Ching (張紅靖)
Department: Dept. of Computer Science
Degree: Doctor of Philosophy
Issue Date: 2006
Publisher: City University of Hong Kong
Subjects: Computer networks -- Security measures
Data encryption (Computer science)
Electronic commerce -- Security measures
Notes: CityU Call Number: TK5102.94.C46 2006
Includes bibliographical references (leaves 111-120)
Thesis (Ph.D.)--City University of Hong Kong, 2006
viii, 132 leaves ; 30 cm.
Type: Thesis
Abstract: As the Internet is moving to a profitable commercial world from a free and academic domain, electronic commerce (e-commerce) is playing a more and more important role on the Internet. More research activities are focusing on the security issues of e-commerce. We are interested in studying different security notions of cryptographic protocols since the technical basis for all methods to process payments over the networks are cryptographic protocols. This dissertation consists of two parts. In the first part we review basic tools and techniques which are used in the cryptographic protocols we dis- cussed. In the second part, we investigate the following four advanced topics on the security of cryptographic protocols for e-commerce. (1) Soundness in bare public-key model. A new notion of soundness in bare public-key (BPK) model is presented. It is motivated by the recent work of Micali and Reyzin on showing the subtleties and complexities of the soundness notions of public key model. Our new notion just lies in be- tween one-time soundness and sequential soundness. And its reasonableness is justified in the context of resettable zero-knowledge when a resettable zero- knowledge prover is implemented by a device such as a smart card. (2) Impersonation attacks of identification schemes. With more knowl- edge of soundness notions of zero-knowledge (ZK) protocols, in which the verifier has a public-key, we re-investigate the Cramer-Damgård intended- verifier identification schemes. It is claimed to be secure against adaptive man-in-the-middle impersonation attacks. We demonstrate two man-in-the- middle attacks under some reasonable settings. One is a simple replaying attack and the other is an ingenious interleaving attack. Our attacks are independent of the underlying hardness assumptions. (3) Universally composable blind signature functionality. We investigate the blind signature functionality in the framework of universally compos- able (UC) security, since blind signatures play a critical role in digital cash systems. Universally composable security is currently the strongest secu- rity notion for cryptographic protocols over the Internet. In this part, we construct a universally composable blind signature functionality, FBSIG. Our approach is based on a new UC signature functionality FMSIG, which is a modi- fied version of the original signature functionality FSIG presented by Canetti. We also prove that FMSIG and FSIG are actually equivalent with respect to non-adaptive adversaries. Our result is of both theoretical and practical con- sequence to future research studies and practical implementations of digital cash systems with universally composable security. (4) E-stamp in email for anti-spamming. We propose to develop a practi- cal email service with the effect of anti-spamming. Different from the above topics, it is considered as an application project by applying existing practical technologies. It not only guarantees the delivery of emails but also initiates the new concept of embedding stamps in emails. Stamps with different values act as indicators for ranking the importances of emails. This email service is expected to be done by extending some features of simple mail transfer protocols and micropayment technologies.
Online Catalog Link:
Appears in Collections:CS - Doctor of Philosophy

Files in This Item:

File Description SizeFormat
fulltext.html157 BHTMLView/Open
abstract.html157 BHTMLView/Open

Items in CityU IR are protected by copyright, with all rights reserved, unless otherwise indicated.


Valid XHTML 1.0!
DSpace Software © 2013 CityU Library - Send feedback to Library Systems
Privacy Policy · Copyright · Disclaimer