Birgit Pfitzmann

Collision-free accumulators and fail-stop signature schemes without trees

One-way accumulators, introduced by Benaloh and de Mare, can be used to accumulate a large number of values into a single one, which can then be used to authenticate every input value without the need to transmit the others. However, the one-way property does is not sufficient for all applications. n nIn this paper, we generalize the definition of accumulators and define and construct a collision-free subtype. As an application, we construct a fail-stop signature scheme in which many one-time public keys are accumulated into one short public key. In contrast to previous constructions with tree authentication, the length of both this public key and the signatures can be independent of the number of messages that can be signed.

Vertrauenswürdiger Entwurf portabler Benutzerendgeräte und Sicherheitsmodule

Portable Benutzerendgerate (POBs) und Sicherheitsmodule (SMs) mussen hohe Sicherheitsanforderungen erfullen, um fur Anwendungen wie elektronische Zahlungssysteme oder elektronisches Unterschreiben von Dokumenten einsetzbar zu sein. Insbesondere mussen die Benutzer selbst ihren POBs und SMs vertrauen konnen. Es werden daher praktikable „vertrauensbildende“ Masnahmen fur Entwurf, Entwicklung, Produktion, Initialisierung und Nutzung von POBs und SMs vorgestellt. Insbesondere werden Methoden zur Unterschrift groser Dokumente auf kleinen POBs und Alternativen zu Smartcards fur SMs vorgestellt sowie flexiblere Verfahren zur Benutzeridentifikation diskutiert.

Future Directions in Secure Electronic Commerce

The previous chapters presented results of SEMPER. In this last chapter, we step back and review issues that we encountered in SEMPER where more work–research, development or deployment–is necessary in the future. We do not aim at reviewing the state of the art, but rather present the open problems and the directions the work should take.

Loss-tolerance for electronic wallets

Assuming the existence of tamper-resistant devices with computational power and storage capacity similar to those of PCs and secure cryptosystems, the authors present loss tolerance schemes that leave the security, autonomy, and untraceability of the basic payment system that uses electronic wallets almost unchanged. These schemes are the distributed account list protocol and the marked standard value (MSV) protocol. The two schemes are compared. It is noted that more important than the problem of loss tolerance is that of constructing really secure temperature resistant devices.<<ETX>>

Chapter 11: The Payment Framework

The core of SEMPER consists of several blocks. Each block is a generic and extensible framework for a particular service. This chapter describes the design of the Payment Block: the SEMPER generic payment service framework (GPSF).

The Commerce Layer: A Framework for Commercial Transactions

This chapter presents the SEMPER proposal for a general framework for commercial applications. Its main concept is a commerce context called a deal, by which SEMPER keeps track of the flow of a business process even if that flow is controlled by an untrusted business application. The benefit of such support is that one can then allow arbitrary applications to be downloaded from business partners, thus combining the use of SEMPER services and the support of partner-specific business models. Hence authorization of security-critical actions triggered by the applications, the relation to access control, and downloading are also described in this chapter.

The Fair Internet Trader

This chapter presents the Fair Internet Trader (FIT) in detail. It is a new type of business application, designed for convenient and secure person-to-person electronic commerce. By this we mean electronic commerce where human interaction is needed at both ends, such as in business-to-business scenarios. We discuss our rationale, describe our prototype, and present results from interviews made during trials with this prototype.

Secure Electronic Commerce

This chapter sets the stage for the subsequent presentation of our results. We present examples of electronic commerce and the need for security, existing approaches and their shortcomings, and the overall goals and the specific focus of SEMPER.

Chapter 12: Trust Management in the Certificate Block

This chapter describes the trust management in the SEMPER Certificate Block. First, we briefly outline the use of public-key cryptography and public key infrastructures (PKI), mainly focusing on certificates and certificate authorities (CAs). The existence of several CAs offering services of different quality and certificates with different semantics is one of the main reason why trust management is needed. More precisely, trust management provides the means for enabling:

Fair Exchange: A New Paradigm for Electronic Commerce

This chapter describes the protocols and the design of the SEMPER Transfer and-Exchange Layer, in particular its generic and optimistic fair exchange protocols.