Analysis and Improvements of a Secure E-Tender Submission Protocol
The Du-Boyd-Foo Extender protocol is the first protocol to address the issue of security in e-tendering. However, it dose not cater for re-submission because each tender is allowed to submit only once. In this paper, we show that the Du-Boyd-Foo protocol is vulnerable to a realistic man-in-the-middle attack, revise the protocol to make it immune to such attack, and extend it to also apply to re-submissions. In doing so, we enhance the protection against both man-in-the-middle and cheating-tenderer attacks that are possible in re-submissions. This work extends the usefulness of the Du-Boyd-Foo protocol by making it more secure and more general.
Shaoying Cai Yingjiu Li Yiming Zhao Yunlei Zhao
Singapore Management University, 80 Stamford Road, Singapore 178902 Fudan University, 220 Handan Roa Singapore Management University, 80 Stamford Road, Singapore 178902 Fudan University, 220 Handan Road, Shanghai, China 200433
国际会议
Fourth International Conference,Inscrypt 2008(第四届中国密码学与信息安全国际会议)
北京
英文
153-163
2008-12-01(万方平台首次上网日期,不代表论文的发表时间)