This article presents an efficient public-key protocol for mutual authentication and key exchange designed for third generation mobile communications systems. The paper also demonstrates how a micropayment scheme can be integrated into the authentication protocol; this payment protocol allows for the provision of incontestable charging. The problem of establishing authenticated public keys through crosscertification is addressed.

Abstract. We present a new micropayment scheme based on the use of "electronic lottery tickets. " This scheme is exceptionally efficient since the bank handles only winning tickets, instead of handling each micropayment. 1 Introduction We present a paradigm for micropayments: probabilistic payments with "electronic lottery tickets. " The probabilistic nature of lottery tickets makes payment of small values simple. For example, an electronic lottery ticket for a $10.00 prize with a 1/1000 chance of winning has an expected value of one cent. A user can pay a vendor one cent by giving the vendor such a lottery ticket. With conventional payment schemes, a bank or broker must process each payment: the bank issues each digital coin, and processes it again when it is redeemed. Electronic lottery tickets are the first payment scheme in which the bank does not have to process each payment, since the bank only sees the "winners. " From a bank's point of view, lottery tickets are significantly more efficient than all previously known micropayment schemes.

Distributed Denial of Service (DDoS) attacks exploit the acute imbalance between client and server workloads to cause devastation to the service providers. We propose a distributed gateway architecture and a payment protocol that imposes dynamically changing prices on both network, server, and information resources in order to push some cost of initiating service requests — in terms of monetary payments and/or computational burdens — back onto the requesting clients. By employing different price and purchase functions, the architecture can provide service quality differentiation and furthermore, select good client behavior and discriminate against adversarial behavior. If confirmed by additional experiments, judicious partitioning of resources using different pricing functions can improve overall service survivability. 1 1.

Abstract. This paper describes economic aspects of gnunet, a peer-topeer framework for anonymous distributed file-sharing. gnunet is decentralized; all nodes are equal peers. In particular, there are no trusted entities in the network. This paper describes an economic model to perform resource allocation and defend against malicious participants in this context. The approach presented does not use credentials or payments; rather, it is based on trust. The design is much like that of a cooperative game in which peers take the role of players. Nodes must cooperate to achieve individual goals. In such a scenario, it is important to be able to distinguish between nodes exhibiting friendly behavior and those exhibiting malicious behavior. gnunet aims to provide anonymity for its users. Its design makes it hard to link a transaction to the node where it originated from. While anonymity requirements make a global view of the end-points of a transaction infeasible, the local link-to-link messages can be fully authenticated. Our economic model is based entirely on this local view of the network and takes only local decisions. 1

Electronic commerce and electronic business greatly need new payment systems that will support their further development. To better understand problems and perspectives of the electronic payment systems this article describes a classification and different characteristic aspects of payment systems.

Due to business relationships, alliances, trust, and distribution of liability, distribution of power is an important issue in financial systems. At the same time as the security of the scheme is strengthened by this decentralization, the perception of the security is also strengthened, which is important from a business point of view. Furthermore, apart from increasing the security, client trust and availability of the system, distribution of power can also increase its functionality, as we demonstrate. We suggest an anti-trust mechanism, namely, a method for distribution of the centralized parties into many modules (potentially controlled by different entities), and apply it to a versatile electronic-money system. The method diffuses a task into distributed modules using recent cryptographic technology; doing so, it achieves increased security, privacy, availability and functionality without introducing any noticeable disadvantage. It uses Magic Ink Signatures [29], which are blind ...

: : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : viii I Introduction : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 1 A. The Need for Balanced E-Money Systems : : : : : : : : : : : : : : : : : : : : 1 1. Outline : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 2 2. What we achieve : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 3 3. Avoiding abuse : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 4 4. Method : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 5 5. Tools for Privacy and Authenticity : : : : : : : : : : : : : : : : : : : : : 6 6. Tools for Robustness : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 7 B. Related Work : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 7 II A Versatile and Efficient E-Money Scheme : : : : : : : : : : : : : : : : : : : : : 11 A. System Model : : : : : : : : : : : : : : : : : : : ...

This dissertation presents an architectural model and a reference implementation for push systems. Push systems reverse the pull-based communication paradigm on the world-wide web and in most other distributed systems to support easier information dissemination and discovery for users. The pull model requires the user to issue a request whenever information is needed, whereas push systems support asynchronous information distribution: Whenever information of the user's choice becomes available, it gets distributed. In the push communication model, an information producer announces the availability of certain types of information, an interested consumer subscribes to this information, and the producer periodically publishes the information (pushes it to the consumer). This simplifies the discovery of information and provides timely information dissemination but introduces complex problems that challenge the widespread deployment of push systems: scalability to large numbers of users in terms of network bandwidth, timely notification of information availability, authenticity and integrity of information, and support for payment methods and business models. Current systems fall short in addressing these issues. Most available push systems actually use a pull-based distribution approach where clients check for new information at configurable intervals; frequently scalability is limited, many systems lack services to provide information authenticity and integrity, and moreover, the important issue of payment models is not adequately addressed by any existing system.

We study the problem of traversing a hash chain with a constant bound, m, on the number of hash-function evaluations allowed per each exposed link in the chain. We present a new, general protocol that solves this problem, and prove that its storage requirements are k n chain links, where k = m + 1. We propose a new, natural criterion for evaluating the utility of a hash chain traversal protocol, which measures the length of the hash chain that the protocol traverses under fixed storage constraints. We present a new, specific protocol, tailored for the case m = 1, which improves the performance of the general protocol (with respect to the above criterion) by more than twice, and prove that the specific protocol is optimal in that sense.

Honeypots have been proposed to act as traps for malicious attackers. However, because of their deployment at fixed (thus detectable) locations and on machines other than the ones they are supposed to protect, honeypots can be avoided by sophisticated attacks. We propose roaming honeypots, a mechanism that allows the locations of honeypots to be unpredictable, continuously changing, and disguised within a server pool. A (continuously changing) subset of the servers is active and providing service, while the rest of the server pool is idle and acting as honeypots. We utilize our roaming honeypots scheme to mitigate the effects of service-level DoS attacks, in which many attack machines acquire service from a victim server at a high rate, against back-end servers of private services. The roaming honeypots scheme detects and filters attack traffic from outside a firewall (external attacks), and also mitigates attacks from behind a firewall (internal attacks) by dropping all connections when a server switches from acting as a honeypot into being active. Through ns-2 simulations, we show the effectiveness of our roaming honeypots scheme. In particular, against external attacks, our roaming honeypots scheme provides service response time that is independent of attack load for a fixed number of attack machines. 1.