This paper addresses the issue of fair (signature or key) exchange in emerging ubiquitous commerce (u-commerce). Such an application poses new security challenges. In particular, it involves distributed and autonomous operations running in a much open, dynamic and resource-diversified networking environment, which makes an exchange highly susceptible to security attacks and system failures. Existing approaches to fair exchange are ineffective in dealing with the new challenges as their design did not envisage such complex operational situations. In this paper, we aim to propose a novel fair exchange protocol specifically for u-commerce in response to the new challenges. The protocol is supported by an integration of several techniques, such as threshold proxy signatures, purpose-restricted encryption key certification and threshold verifiable proxy encryption, to accomplish the fairness of exchange in u-commerce settings. The protocol analysis is also provided for the proof of its fairness.
Read full abstract