WO2001025883A2 - A method for preventing repudiation of an executed transaction without a trusted third party - Google Patents
A method for preventing repudiation of an executed transaction without a trusted third party Download PDFInfo
- Publication number
- WO2001025883A2 WO2001025883A2 PCT/US2000/027070 US0027070W WO0125883A2 WO 2001025883 A2 WO2001025883 A2 WO 2001025883A2 US 0027070 W US0027070 W US 0027070W WO 0125883 A2 WO0125883 A2 WO 0125883A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- party
- message
- repudiation
- sending
- cryptographic
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3823—Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
Definitions
- the present invention relates to protocols for ensuring security during electronic
- Entities initially utilized in inter-business trading by entities in certain industries. Entities
- VAN value added network
- VAN service providers typically provide data communication services and assist
- This preparation typically includes
- Internet users may utilize
- EDI transaction is secured, security requirements, such as confidentiality, integrity, authenticity, authorization and non-repudiation, must be satisfied.
- each user typically has a password that is kept secret and when the user needs access to
- Encryption in essence, scrambles bits of a message in such a way that only the
- the encryption algorithms enable a sender to encrypt a message in a non-distinguishable
- hash functions may be used to generate a
- a digital signature mechanism that includes a pair of keys may also be used.
- the sender signs the message with one
- the recipient uses the other key in the pair of keys, for example the sender's public key,
- original message may also contain a date/time stamp, i.e., the date and time that the
- the inventive protocol prohibits one or more transacting parties from
- the non-repudiation requirement is a communication attribute that prohibits one
- one transacting party may not trust the other party or both parties
- the sender includes a digital signature in a first message and the
- recipient may use the digital signature as evidence of non-repudiation of origin.
- recipient retrieves desired information from the first message and is thereafter expected to
- the sender has no way of determining if the first message
- This protocol cannot properly ensure non-repudiation of receipt.
- This protocol may
- the sender's trust level for the recipient is likely to change.
- Some methods employ a trusted third party in each transaction, that is, each
- the trusted third party must pass through the trusted third party.
- the present invention relates to a protocol for prohibiting subsequent denial by
- a sending party transmits to a receiving party, an encrypted first
- the receiving party uses the encrypted first message as evidence of non-repudiation
- the receiving party transmits to the sending party a second message requesting for the
- the sending party may use the second message as evidence of non-
- the sending party publishes a third message with the required
- the session key is required to decrypt the desired product in the
- the receiving party is therefore unable to access the desired
- the receiving party may use the
- the sending party may use
- the session key in the third message is
- the sending party is thereafter required to go to the sending party's web site to retrieve the third message.
- the sending party is thereafter required to go to the sending party's web site to retrieve the third message.
- the sending party can prove to the appropriate authorities during subsequent
- the present invention provides a method
- the method includes the steps of sending, to a receiving party from a sending
- the invention alternatively provides a system for ensuring non-repudiation by
- the system comprises
- the first encrypted message not including a
- Fig. 1 illustrates a computer network in which the inventive non-repudiation
- Fig. 2 illustrates the TCP/IP Layering Model Protocol used during
- Fig. 3 illustrates a preferred embodiment of the inventive non-repudiation
- Fig. 4 illustrates the steps implemented according to the preferred embodiment of
- Fig. 5 illustrates a security architecture in which the inventive non-repudiation
- Fig. 1 is an example of a local area network (LAN) 100 that is configured to
- LAN 100 comprises a server 102, four computer
- peripherals such as printers and other devices 112, that may be
- Computer systems 104-110 may serve as clients for
- server 102 and/or as clients and/or servers for each other and/or for other components connected to LAN 100.
- Components on LAN 100 are preferably connected together by
- cable media for example copper or fiber-optic cable
- network topology may be a
- wireless media such as optical and radio frequency
- Data may be transferred between components on LAN 100 in packets, i.e., blocks
- Routers 120, 122 create an
- Routers are hardware devices that are connected to the Internet, other LANs or Wide Area Networks (WAN). Routers are hardware devices that are connected to the Internet.
- the processor may include a conventional processor, memory, and separate I/O interface for each
- components on the expanded network may share
- TCP/IP Layering Model comprises an application layer or
- Layer 5 (Layer 5) 202, a transport layer or (Layer 4) 204, an Internet layer or (Layer 3) 206, a
- Layer 2 network interface layer or (Layer 2) 208, and a physical layer or (Layer 1) 210.
- Application layer protocols 202 specify how each software application connected to the network uses the network.
- Transport layer protocols 204 specify how to ensure reliable
- Internet layer protocols 206 specify the format of
- Network interface layer
- protocols 208 specify how to organize data into frames and how a computer transmits
- a browser application such as Microsoft Explorer TM or Netscape Internet
- Browser TM connects users on computer systems 104-110 to the Internet. Most browser
- applications display information on computer 104-110 screens and permit a user to
- the browser application displays the document for the user.
- HTTP HyperText Transport Protocol
- HTTP defines the exact format for request sent from the browser application to the server application as well as
- transacting party enters the URL of another transacting party and the browser application
- the transacting party may submit a transaction to the other
- a third party may intercept the transaction or the system may malfunction
- one of the transacting parties may later deny that the transaction actually
- transacting party security requirements such as confidentiality, integrity, authenticity,
- the browser may enter the URL of a seller into the browser application.
- the browser displays the
- the seller may transmit the software application
- Fig. 3 illustrates a preferred embodiment of an inventive protocol 300 that
- sender 302 sends an
- Message 306 also includes sender's 302 digital signature
- the session key is required to decrypt encrypted product
- receiver 304 is unable to retrieve the product.
- receiver 304 must acknowledge receipt of message 306. If
- receiver 304 is no longer interested in encrypted message 306 after receiving it, receiver
- receiver 304 is not required to request the session key and the protocol ends. If receiver 304 did
- sender 302 is then alerted by the fact that receiver 304 did not
- Sender 302 may thereafter inquire why receiver 304 did not
- Receiver 304 may use encrypted message 306 as evidence of non-repudiation of
- receiver 304 requests the session key from sender 302 in a message
- sender 302 that contains receiver's 304 digital signature. Sender 302 may then use message 308 as evidence of non-repudiation of receipt. Upon receipt of the message 308, sender 302
- Receiver 304 needs to actively retrieve
- FTP Transfer Protocol
- sender 302 is responsible for taking care of the key repository
- sender 302 can determine when receiver 304 retrieved the session key. If
- receiver 304 later denies retrieving the key from the key repository, sender 302 can prove
- Fig 4 illustrates the steps implemented in the inventive protocol.
- sender 302 sends the desired product that is encrypted with the session key
- Encrypted message 306 includes sender's 302 digital
- the session key is required to decrypt the
- receiver 304 may use encrypted
- receiver 304 requests
- Sender 302 may then use message 308 as evidence of non-repudiation of receipt.
- sender 302 publishes, in public key repository 312 on sender's 302
- third message 310 that includes the encrypted session key.
- the session key is
- sender may use message
- Fig. 5 illustrates a security architecture 500 in which the inventive protocol may
- security hardware 502 At the base layer of security architecture 500 is a security hardware 502 that
- cryptography system 506 are built on security hardware 502 for providing additional
- Cryptographic algorithms 508 are built on cryptographic systems 504 and 506.
- the inventive non-repudiation protocol 510 and cryptographic protocols 512 are built on
- Examples of the directory services include Microsoft ExchangeTM directory, Lotus NotesTM directory, and Novell NetwareTM
- PKI public key infrastructure
- EDI INT 526 a standard making organization, is also in the layer with
- the final layer of architecture 500 includes non-EDI applications 528 and EDI
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU77452/00A AU7745200A (en) | 1999-10-01 | 2000-10-02 | A method for prohibiting transacting parties from subsequently repudiating an executed transaction without trusted third party |
CA002386522A CA2386522A1 (en) | 1999-10-01 | 2000-10-02 | A method for preventing repudiation of an executed transaction without a trusted third party |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US41074199A | 1999-10-01 | 1999-10-01 | |
US09/410,741 | 1999-10-01 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001025883A2 true WO2001025883A2 (en) | 2001-04-12 |
WO2001025883A3 WO2001025883A3 (en) | 2001-10-18 |
Family
ID=23626027
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2000/027070 WO2001025883A2 (en) | 1999-10-01 | 2000-10-02 | A method for preventing repudiation of an executed transaction without a trusted third party |
Country Status (3)
Country | Link |
---|---|
AU (1) | AU7745200A (en) |
CA (1) | CA2386522A1 (en) |
WO (1) | WO2001025883A2 (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006112759A1 (en) * | 2005-04-20 | 2006-10-26 | Docaccount Ab | Method and device for ensuring information integrity and non-repudiation over time |
US7890757B2 (en) | 2005-12-30 | 2011-02-15 | Novell, Inc. | Receiver non-repudiation |
US8171293B2 (en) | 2005-12-30 | 2012-05-01 | Apple Inc. | Receiver non-repudiation via a secure device |
US8458477B2 (en) | 2008-12-01 | 2013-06-04 | Novell, Inc. | Communication with non-repudiation |
US8806214B2 (en) | 2008-12-01 | 2014-08-12 | Novell, Inc. | Communication with non-repudiation and blind signatures |
US9654294B2 (en) | 2015-02-26 | 2017-05-16 | Red Hat, Inc. | Non-repudiable atomic commit |
US10228967B2 (en) | 2016-06-01 | 2019-03-12 | Red Hat, Inc. | Non-repudiable transaction protocol |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5960411A (en) * | 1997-09-12 | 1999-09-28 | Amazon.Com, Inc. | Method and system for placing a purchase order via a communications network |
-
2000
- 2000-10-02 AU AU77452/00A patent/AU7745200A/en not_active Abandoned
- 2000-10-02 CA CA002386522A patent/CA2386522A1/en not_active Abandoned
- 2000-10-02 WO PCT/US2000/027070 patent/WO2001025883A2/en active Application Filing
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5960411A (en) * | 1997-09-12 | 1999-09-28 | Amazon.Com, Inc. | Method and system for placing a purchase order via a communications network |
Non-Patent Citations (5)
Title |
---|
COFFEY T ET AL: "NON-REPUDIATION WITH MANDATORY PROOF OF RECEPT" COMPUTER COMMUNICATIONS REVIEW,ASSOCIATION FOR COMPUTING MACHINERY. NEW YORK,US, vol. 26, no. 1, 1996, pages 6-17, XP000580016 ISSN: 0146-4833 * |
KIM,PARK,BAEK: "Improving fairness and privacy of Zhou-Gollman's fair non-repudiation protocol" PROCEEDINGS INTERNATION WORKSHOP PARALLEL PROCESSING 1999 IEEE, May 1999 (1999-05), pages 140-145, XP002164808 * |
LIEW,LIM,TAN,ONG: "Non-Repudiation in an agent-based electronic commerce system" PROCEEDINGS 10TH INTERNATIONAL WORKSHOP ON DATABASE AND EXPERT SYSTEMS APPLICATIONS 1999 IEEE, February 1996 (1996-02), pages 864-868, XP002164806 * |
ZHOU, GOLLMAN: "An efficient non-repudiation protocol" PROCEEDINGS 10TH COMPUTER SECURITY FOUNDATIONS WORKSHOP 1997 IEEE, May 1997 (1997-05), pages 126-132, XP002164807 * |
ZHOU,GOLLMAN: "A fair non-repudiation protocol" SYMPOSIUM ON SECURITY AND PRIVACY 1996 IEEE, February 1996 (1996-02), pages 55-61, XP002164809 * |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006112759A1 (en) * | 2005-04-20 | 2006-10-26 | Docaccount Ab | Method and device for ensuring information integrity and non-repudiation over time |
US8756413B2 (en) | 2005-04-20 | 2014-06-17 | Brandsign Ab | Method and device for ensuring information integrity and non-repudiation over time |
US9253186B2 (en) | 2005-04-20 | 2016-02-02 | Brandsign Ab | Method and device for ensuring information integrity and non-repudiation over time |
US7890757B2 (en) | 2005-12-30 | 2011-02-15 | Novell, Inc. | Receiver non-repudiation |
US8171293B2 (en) | 2005-12-30 | 2012-05-01 | Apple Inc. | Receiver non-repudiation via a secure device |
US8688989B2 (en) | 2005-12-30 | 2014-04-01 | Apple Inc. | Receiver non-repudiation via a secure device |
US8458477B2 (en) | 2008-12-01 | 2013-06-04 | Novell, Inc. | Communication with non-repudiation |
US8806214B2 (en) | 2008-12-01 | 2014-08-12 | Novell, Inc. | Communication with non-repudiation and blind signatures |
US9654294B2 (en) | 2015-02-26 | 2017-05-16 | Red Hat, Inc. | Non-repudiable atomic commit |
US10228967B2 (en) | 2016-06-01 | 2019-03-12 | Red Hat, Inc. | Non-repudiable transaction protocol |
US11150938B2 (en) | 2016-06-01 | 2021-10-19 | Red Hat, Inc. | Non-repudiable transaction protocol |
Also Published As
Publication number | Publication date |
---|---|
WO2001025883A3 (en) | 2001-10-18 |
CA2386522A1 (en) | 2001-04-12 |
AU7745200A (en) | 2001-05-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7360079B2 (en) | System and method for processing digital documents utilizing secure communications over a network | |
US6988199B2 (en) | Secure and reliable document delivery | |
US8370444B2 (en) | Generating PKI email accounts on a web-based email system | |
US7596689B2 (en) | Secure and reliable document delivery using routing lists | |
JP3251917B2 (en) | Electronic bidding system and electronic bidding method | |
JP2005517348A (en) | A secure electronic messaging system that requires a key search to derive a decryption key | |
US8145707B2 (en) | Sending digitally signed emails via a web-based email system | |
US20140136839A1 (en) | Methods and systems for dynamic updates of digital certificates | |
AU2003300244A1 (en) | Method for ensuring privacy in electronic transactions with session key blocks | |
US8615653B2 (en) | Methods and systems for dynamic updates of digital certificates via subscription | |
US8352742B2 (en) | Receiving encrypted emails via a web-based email system | |
Gritzalis et al. | A digital seal solution for deploying trust on commercial transactions | |
WO2001030016A2 (en) | A method for non-repudiation using a trusted third party | |
WO2001025883A2 (en) | A method for preventing repudiation of an executed transaction without a trusted third party | |
WO1998013970A1 (en) | A system and method for securely transferring plaindata from a first location to a second location | |
WO2002046861A2 (en) | Systems and methods for communicating in a business environment | |
WO2002021793A2 (en) | System and method for encrypted message interchange | |
Vandenwauver et al. | Securing internet electronic mail | |
WO2003081840A1 (en) | Method and system relating to a non-repudiation message exchange | |
KR19990087911A (en) | a mechanism for secure tendering in an open electronic network | |
Spinellis et al. | Deploying a Secure Cyberbazaar by adding Trust on Commercial Transactions | |
Crall et al. | Ssl/tls in windows server 2003 | |
CA2339564A1 (en) | A method and system for encrypting digital messages | |
Sirisawatdiwat | Using of security protocols | |
Al-Hammadi | Certified exchange of electronic mail (CEEM): A nonrepudiation protocol to protect both originator and recipient |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
AK | Designated states |
Kind code of ref document: A3 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2386522 Country of ref document: CA |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase in: |
Ref country code: JP |