Fair Electronic Exchange Based on Fingerprint Biometrics

Fair Electronic Exchange Based on Fingerprint Biometrics

Harkeerat Bedi (University of Tennessee at Chattanooga, USA) and Li Yang (University of Tennessee at Chattanooga, USA)
Copyright: © 2009 |Pages: 31
DOI: 10.4018/jisp.2009100705

Abstract

Fair exchange between two parties can be defined as an instance of exchange such that either both parties obtain what they expected or neither one does. Protocols that facilitate such transactions are known as “fair exchange protocols”. We analyze one such protocol by Micali that demonstrates fair contract signing, where two parties exchange their commitments over an already negotiated contract. In this journal we show that Micali’s protocol is not completely fair and demonstrate the possibilities for one party cheating by obtaining the other party’s commitment and not offer theirs. A revised version of this protocol by Bao provides superior fairness by handling the above mentioned weakness but fails to handle the possibility of a replay attack. Our proposed protocol improves upon Bao’s protocol by addressing the weakness that leads to a replay attack. We also demonstrate a software implementation of our system which provides fair contract signing along with properties like user authentication achieved through the use of a fingerprint based authentication system and features like confidentiality, data-integrity and non-repudiation through implementation of hybrid cryptography and digital signatures algorithms based on Elliptic Curve Cryptography.
Article Preview

Fair Electronic Exchange

Fair electronic exchange can be demonstrated as e-commerce that takes place between two parties who are online where exchange of goods and services is performed such that both parties obtain what they expected or they obtain nothing at all. After an exchange is performed or aborted prematurely, none of the parties should have an unfair advantage over the other. If cheating takes place, where one party refuses to present its part of the exchange, means for providing fairness should be available. This may include use of additional entities like a human judge or electronic ones that can comprehend the situation and act accordingly to provide fairness. Protocols that provide such facilities are termed as fair exchange protocols. Such protocols can be used for the following purposes:

  • a.

    Certified E-Mail (CEM) where Alice sends a message to Bob and gets a receipt from him in return. Providing the quality of fairness would include Alice getting the receipt only when Bob gets the message or Bob getting the message only when Alice gets the receipt.

  • b.

    Electronic Contract Signing (ECS) where both Alice and Bob wish to sign a contract that has been already negotiated. This would involve Alice sending her commitment (digital signature) on the contract to Bob and him sending his commitment (digital signature) on the same in return. Providing fairness would involve Alice receiving Bob’s commitment only when her commitment is received by Bob and vice versa. This example demonstrates contract signing between two parties. However, various multi-party contract signing protocols have also been proposed in (Baum-Waidner, 2001; Ferrer-Gomila, Payeras-Capella, Huguet-Rotger, 2001; Garay & MacKenzie, 1999).

  • c.

    Online payment systems (OPS) where Alice is the seller and Bob is the buyer and payment is given in return of the item of value (Cox, Tygar, & Sirbu, 1995).

In the ideal case, where both Alice and Bob are guaranteed to be honest and the communication channel is secure and provides resilience, fair exchange can be achieved trivially without the aid of any external fairness provider. The above described scenarios can thus be carried out as follows:

Fair Certified E-Mail:

  • Step 1: Alice sends her message to Bob.

  • Step 2: Bob sends his receipt for the message to Alice. Receipt may be the digital signature of Bob on the message which will also provides non repudiation.

Fair Electric Contract Signing:

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 13: 4 Issues (2019): 1 Released, 3 Forthcoming
Volume 12: 4 Issues (2018)
Volume 11: 4 Issues (2017)
Volume 10: 4 Issues (2016)
Volume 9: 4 Issues (2015)
Volume 8: 4 Issues (2014)
Volume 7: 4 Issues (2013)
Volume 6: 4 Issues (2012)
Volume 5: 4 Issues (2011)
Volume 4: 4 Issues (2010)
Volume 3: 4 Issues (2009)
Volume 2: 4 Issues (2008)
Volume 1: 4 Issues (2007)
View Complete Journal Contents Listing