• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.6
• /
• pp.3-15
• /
• 2002

In this paper, we propose an efficient and secure sealed-bid auction protocol with two servers, a seller S and a third party A . The proposed scheme uses the idea of the conditional oblivious transfer protocol proposed by Crescenzo-Ostrovskey-Rajagopalan. A server A is not a trusted third party, but is assumed not to collude with a server S. In the proposed auction protocol, barring collusion between A and S, neither party gains any information about the bids, and moreover, the outcome of the auction will be correct. And the computational complexity of our auction protocol is considerably efficient and the communication overhead is similar to that of Naor-Pinkas-Sumner's scheme.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.14 no.6
• /
• pp.678-686
• /
• 2004

This paper presents a new method to securely conduct online sealed-bid auctions with a single auctioneer server The sealed-bid auctions have several vulnerable security problems when they are performed on the Internet. One of such problems is the trust establishment between an auctioneer and bidders who participate in an auction. Several online sealed-bid auction methods have been developed to address this trust problem. The proposed method solves the security problems that would happen in the sealed-bid auction using a blind signature scheme and a contract signature protocol. It prevents the auctioneer from illegally manipulating the bidders' bidding information, repudiating the reception of some bid, manipulating the auction period, and illegally adding or deleting bids. In addition, it keeps the bidders from modifying the bidding information after issuing their bid and doing intentional mistake to invalidate their own bid. The method can be easily implemented using the multiagent architecture.

• Journal of the Korean Operations Research and Management Science Society
• /
• v.28 no.2
• /
• pp.17-33
• /
• 2003

The explosive growth of the internet-based transactions requires not only a secure payment system but also an appropriate trust measuring methodology and secure transaction protocols to guarantee the minimal risk for the transacting entities involved in specific transactions. Especially, in internet auction systems where either buyers or sellers or both can be more than one in one transaction, providing those systems that make sure no one transacting entity takes a major risk becomes critical. In this paper, an improved trust measuring method using a relationship-based internet community for an auction system is proposed. The proposed system incorporates fuzzy set and calculation concepts to help build trust matrices and models, which is used to measure the level of risk involved in a specific auction trade concerned. Also, to optimize the auction trade process in terms of cost and time, the proposed system recommends a differentiated trade protocol according to the risk level involved in each auction trade. To test the appropriateness of the proposed trusted auction system, a prototype system has been developed under a Windows-NT environment.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2003.12a
• /
• pp.518-522
• /
• 2003

We propose a new auction protocol scheme that uses the publicly verifiable secret sharing (PVSS) scheme. Unlike the existing scheme where a verifiable encryption scheme is employed when there is a dispute between a bidder and the auctioneer, the proposed scheme essentially removes the potential of a dispute. In addition, it has a robust registration phase and any entities participating in or observing the auction can verify the correctness of the auction process. The manager does not directly chooses the private key for the bidders, but only verifies the correctness between the private key and the public key, thereby improving the security, such as a bid submission of a malicious manager using the private key of a bidder.

• The Journal of Society for e-Business Studies
• /
• v.12 no.4
• /
• pp.29-36
• /
• 2007

Recently, Jaiswal et al. proposed a protocol to improve the multi-agent negotiation test-bed which was proposed by Collins et al. Using publish/subscribe system, time-release cryptography and anonymous communication, their protocol gives an improvement on the old one. However, it is shown that the protocol also has some security weaknesses: such as replay data attack and DOS (denial-of-service) attack, anonymity disclosure, collusion between customers and a certain supplier. So proposed protocol reduces DOS attack and avoids replay data attack by providing ticket token and deal sequence number to the supplier. And it is proved that the way that market generates random number to the supplier is better than the supplier do by himself in guaranteeing anonymity. Market publishes interpolating polynomial for sharing the determination process data. It avoids collusion between customer and a certain supplie

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5537-5555
• /
• 2017

Having the characteristics of unlinkability, anonymity, and unforgeability, blind signatures are widely used for privacy-related applications such as electronic cash, electronic voting and electronic auction systems where to maintain the anonymity of the participants. Among these applications, the blinded message is needed for a certain purpose by which users delegate signing operation and communicate with each other in a trusted manner. This application leads to the need of proxy blind signature schemes. Proxy blind signature is an important type of cryptographic primitive to realize the properties of both blind signature and proxy signature. Over the past years, many proxy blind signature algorithms have been adopted to fulfill such task based on the discrete logarithm problem (DLP) and the elliptic curve discrete log problem (ECDLP), and most of the existing studies mainly aim to provide effective models to satisfy the security requirements concerning a single blinded message. Unlike many previous works, the proposed scheme applies the signcryption paradigm to the proxy blind signature technology for handling multiple blinded messages at a time based on elliptic curve cryptography (ECC). This innovative method thus has a higher level of security to achieve the security goals of both blind signature and proxy signature. Moreover, the evaluation results show that this proposed protocol is more efficient, consuming low communication overhead while increasing the volume of digital messages compared to the performance from other solutions. Due to these features, this design is able to be implemented in small low-power intelligent devices and very suitable and easily adoptable for e-system applications in pervasive mobile computing environment.