A non-repudiation protocol enables the fair exchange of an electronic message and an irrefutable digital receipt between two mistrusting parties over the Internet. That is, at the end of any execution instance of such a protocol, either both parties obtain their expected items or neither party does. In this paper, we first argue that it is really meaningful in practice to exploit generic fair n...

Non-repudiation protocols with session labels have a number of vulnerabilities. Recently Cederquist, Corin and Dashti have proposed an optimistic non-repudiation protocol that avoids altogether the use of session labels. We have specified and analysed this protocol using an extended version of the AVISPA Tool and one important fault has been discovered. We describe the protocol, the analysis me...

In 2004, Sekhar proposed a new signature scheme with message recovery. Based on this signature scheme with message recovery, they also proposed a designated verifier signature scheme with non-repudiation of origin and a convertible designated verifier signature scheme with non-repudiation of origin. This paper, however, presents a security analysis where Sekhar’s signature schemes are vulnerabl...

This work introduces a formal analysis of the non-repudiation property for security protocols. Protocols are modelled in the process calculus LYSA, using an extended syntax with annotations. Non-repudiation is verified using a Control Flow Analysis, following the same approach of M. Buchholtz and H. Gao for authentication and freshness analyses. The result is an analysis that can statically che...

This paper focuses on the provision of a nonrepudiation service for CORBA. The current OMG specification of a CORBA non-repudiation service forces the programmer to augment the application with calls to functions for generating or validating evidence. Furthermore, the application itself has to manage the exchange of this evidence between parties and its storage. The paper describes our design f...

Fairness may be a desirable property of a nonrepudiation service. Protocols can achieve fairness through the involvement of a trusted third party but the extent of the trusted third party's involvement can vary between protocols. Hence, one of the goals of designing an efficient non-repudiation protocol is to reduce the work load of the trusted third party. In this paper we present a variant of...

This paper applies the theory of Communicating Sequential Processes (CSP) to the modelling and analysis of a non-repudiation protocol. Non-repudiation protocols di er from authentication and key-exchange protocols in that the participants require protection from each other, rather than from an external hostile agent. This means that the kinds of properties that are required of such a protocol, ...