We present new protocols for fair exchange of electronic data (digital signatures, payment and confidential data) between two parties A and B. Novel properties of the proposed protocols include: 1) off-line trusted third party (TTP), i.e., TTP does not take part in the exchange unless one of the parties behaves improperly; 2) only three message exchanges are required in the normal situation; 3) true fair exchange, i.e., either A and B obtain each other's data or no party receives anything useful; no loss can be incurred to a party no matter how maliciously the other party behaves during the exchange. This last property is in contrast to previously proposed protocols with off-line TTP ([1] and [21]), where a misbehaving party may get other party's data while reuse to send his document to the other party, and the TTP can provide affidavits attesting to what happened during the exchange. To our knowledge, the protocols presented here are the first exchange protocols which use off-line TTP and at the same time guarantee true fair-exchange of digital messages. We introduce...

We propose a micro-payment scheme for multi-hop cellular networks that encourages collaboration in packet forwarding by letting users benefit from relaying others' packets. At the same time as proposing mechanisms for detecting and rewarding collaboration, we introduce appropriate mechanisms for detecting and punishing various forms of abuse. We show that the resulting scheme -- which is exceptionally lightweight -- makes collaboration rational and cheating undesirable.

Computational Grids are emerging as a new infrastructure for Internet-based parallel and distributed computing. They enable the sharing, exchange, discovery, and aggregation of resources distributed across multiple administrative domains, organizations and enterprises. To accomplish this, Grids need infrastructure that supports various services: security, uniform access, resource management, scheduling, application composition, computational economy, and accounting. Although several initiatives are engaged in the development of Grid technologies, Grid accounting issues are yet to be addressed. To overcome this limitation, we propose a new infrastructure called Grid Bank that provides services for accounting. The support of computational economy and accounting services can lead to a self-regulated accountability in grid computing. This paper presents requirements of Grid accounting and different economic models within which it can operate and proposes a Grid Accounting Services Architecture to meet them. The paper highlights implementation issues with a detailed discussion on the format for various records/databases that the GridBank needs to maintain. It also presents protocols for interaction between the GridBank and various components within Grid computing environments.

In this work, we aim to reduce the computational costs of using public-key digital signatures in securing routing protocols. Two protocols (COSP and IOSP) using one-time digital signatures are introduced to provide the functionality of public-key digital signatures. Our protocols are intended to be used in place of public-key digital signatures for signing all kinds of message exchanges among routers. We obtained more than ten-fold increase in speed compared with public-key signatures. Our protocols overcome the shortcomings identified in previous works, such as timing constraints, limited applications and high storage and computational costs for volatile environments [12].

We present new micropayment schemes that are more efficient and user friendly than previous ones.

Micro-payments are payments too small in amount to warrant the overhead costs of current financial clearing networks. Furthermore one can expect that content servers for the global information infrastructure (GII) will have to process so many of these low value transactions that computationally complex and costly cryptographic protocols will be impractical. This report proposes a micro-payment scheme that can be bootstrapped with the already well-known payment protocols for larger amounts, but does not depend on them for each micro-transaction. Special attention is given to its integration into IBM's Internet Keyed Payment Systems (iKP). 1 Introduction Micro-payments have a broad application area in the marketing of information distributed in an electronic form. Modern network information browsing tools (WWW [1]) enable users/clients to wander arbitrarily through the global networks and obtain such documents. We assume that a specific client normally is consuming enough low-value docu...

) Markus Jakobsson Information Sciences Research Center, Bell Labs, Murray Hill, New Jersey 07974 www.markus-jakobsson.com Ari Juels RSA Laboratories, 20 Crosby Drive, Bedford, MA 01730 ari@rsa.com Abstract We formalize the notion of a proof of work (POW). In many cryptographic protocols, a prover seeks to convince a verifier that she possesses knowledge of a secret or that a certain mathematical relation holds true. By contrast, in a POW, a prover demonstrates to a verifier that she has performed a certain amount of computational work in a specified interval of time. POWs have served as the basis of a number of security protocols in the literature, but have hitherto lacked careful characterization. In this paper, we offer definitions treating the notion of a POW and related concepts. We also introduce the dependent idea of a bread pudding protocol. Bread pudding is a dish that originated with the purpose of reusing bread that has gone stale. In the same spirit, we define a...

We introduce a novel amortization technique for computation of consecutive preimages of hash chains, given knowledge of the seed. While all previously known techniques have a memory-times-computational complexity of O(n) per chain element, the complexity of our technique can be upper bounded at O(log 2 n), making it a useful primitive for low-cost applications such as authentication, signatures and micro-payments. Our technique uses a logarithmic number of pebbles associated with points on the hash chain. The locations of these pebbles are modified over time.

Abstract. This paper reconsiders the established Merkle-Damg˚ard design principle for iterated hash functions. The internal state size w of an iterated n-bit hash function is treated as a security parameter of its own right. In a formal model, we show that increasing w quantifiably improves security against certain attacks, even if the compression function fails to be collision resistant. We propose the wide-pipe hash, internally using a w-bit compression function, and the double-pipe hash, with w = 2n and an n-bit compression function used twice in parallel.

Abstract not found