Two-phase Commit with Security Services: Using Distinctive Proofs to Relieve Fragile Communications

Abstract

Inspired by stand-alone authentication, which can authenticate users when the connection to the central server is down, we present concepts called local proof and delayed proof that can adapt to two scenes when the authentication server is down: the former can solve self- authenticated to make local applications running without online authentication; the latter can solve two nodes to produce a session key for doing some transactions, but firstly they must exchange the delayed proof to prevent the fraud actions, specially, if the transaction is taking on the important process (such as contract signing or cash transaction), they must wait the authentication server is online. The key idea of our scheme is to improve the efficiency, and anyone can make effective use of the time to negotiate or do some unimportant things during the authentication server is down. Next, we propose a novel Chaotic Maps-based scheme against fragile communications, named CMFC, aiming to bypass the crashed authentication server temporarily for kinds of applications running. For important applications, we adopt the idea of two-phase commit protocol in our scheme: (1) the un- available authentication server case, in which the CMFC can self-authenticated or compute a provisional delayed proof and a session key for two-party communicating. (2) the available authentication server case, in which, based on the phase (1) and the authentication server's verification, the two-party decides whether to commit (only if all have voted ＂Yes＂) or abort the transaction (other- wise). Finally, we give the formal security proof about our scheme with BAN logic and efficiency analysis.