This Article 
 Bibliographic References 
 Add to: 
Accountability in Electronic Commerce Protocols
May 1996 (vol. 22 no. 5)
pp. 313-328

Abstract—In most commercial and legal transactions, the ability to hold individuals or organizations accountable for transactions is important. Hence, electronic protocols that implement commercial transactions must be designed to provide adequate accountability assurances for transacting parties. Without such assurances, electronic transactions can be susceptible to disputes. Currently, protocol design for electronic commerce is done in an ad-hoc manner, a technique which has been shown to be error-prone by past experience with key distribution protocols [4]. Despite the importance of accountability in electronic commerce, and the subtlety of designing error-free protocols, currently, there are no analysis methods to examine whether a protocol design conforms to the accountability goals of the transaction that it implements. Since most current protocol analysis methods have been developed to analyze key management protocols, they focus on properties such as message replay detection, and key origin authentication (e.g., [20], [4], [11], [14], [18]).

In this paper, a new framework is proposed for the analysis of communication protocols that require accountability, such as those for electronic commerce. This framework can be used to analyze protocol designs to detect accountability (or lack thereof). Arguments are presented to show that a heretofore unexplored property "provability" is pertinent to examining the potential use of communication protocols in the context of litigation, and in the context of audit. A set of postulates which are applicable to the analysis of proofs in general and the proofs of accountability in particular, are proposed. The proposed approach is more natural for the analysis of accountability than the existing belief logics (e.g., [4]) that have been used in the past for the analysis of key distribution protocols. Some recently proposed protocols for electronic commerce and public-key delegation are analyzed to illustrate the use of the new analysis framework in detecting (and suggesting remedies for eliminating) their lack of accountability, and in detecting and eliminating redundancies.

[1] M. Abadi, M. Burrows, B. Lampson, and G. Plotkin, "A Calculus for Access Control in Distributed Systems," Proc. Crypto '91, Springer Verlag 1992. Also research report 70, Systems Research Center, Digital Equipment Corp., Palo Alto, Calif., Mar. 1991
[2] M. Abadi and M. Tuttle, "A semantics for a logic of authentication," Proc. of ACM Symp. Principles of Distributed Computing, Aug. 1991.
[3] P.W. Brown, "Digital Signatures: Can They Be Accepted as Legal Signatures in EDI ?" Proc. ACM Conf. Computer and Comm. Security, Nov. 1993.
[4] M. Burrows, M. Abadi, and R. Needham, "A logic of authentication," ACM Trans. Computer Systems, vol. 8, no. 1, pp. 18-36, Feb. 1990. Also see Research Report no. 39, DEC SRC, 48 pp., 1989.
[5] D. Chaum, A. Fiat, and N. Naor, "Untraceable Electronic Cash," Proc. Crypto '88, 1988.
[6] D. Chaum and H. van Antwerpen, "Undeniable Signatures," Advances in Cryptology—Proc. Crypto '88,Berlin: Springer-Verlag, 1990.
[7] D. Chaum, B. Boer, E. Heyst, S. Mjolsnes, and A. Steenbeek, "Efficient Off-Line Electronic Checks," Proc. Eurocrypt '89, 1989.
[8] Richard A. DeMillo, Richard J. Lipton, and Alan J. Perlis, "Social Processes and Proofs of Theorems and Programs," Comm. ACM, vol. 22, p. 271, May 1979.
[9] W. Diffie and M.E. Hellman, New Directions in Cryptography IEEE Trans. Information Theory, vol. 22, pp. 644-654, 1976.
[10] V.D. Gligor, R. Kailar, S. Stubblebine, and L. Gong, "Logics for Cryptographic Protocols—Virtues and Limitations," IEEE Computer Security Foundations Workshop, June 1991.
[11] L. Gong, R. Needham, and R. Yahalom, “Reasoning About Belief in Cryptographic Protocols,” Proc. 14th IEEE Symp. Research in Security and Privacy, pp. 234–248, May 1990.
[12] L.C. Guillou and J.-J. Quisquater, "A 'Paradoxical' Identity-Based Signature Scheme Resulting from Zero-Knowledge," S. Goldwasser, ed., Proc. Advances in Cryptology—Crypto 88, Vol. 403, Lecture Notes in Computer Sciences, Springer Verlag, New York, 1990, pp. 216-231.
[13] R. Kailar, "Reasoning about Accountability in Protocols for Electronic Commerce," Proc. IEEE Symp. Security and Privacy, May 1995.
[14] R. Kailar and V. Gligor, "On Belief Evolution in Authentication Protocols," Proc. IEEE Computer Security Foundations Workshop, June 1991.
[15] R. Kailar, V. Gligor, and L. Gong, "Effectiveness Analysis of Cryptographic Protocols," Proc. IFIP Conf. Dependable Computing for Critical Applications, Jan. 1995.
[16] C. Lai, G. Medvinsky, and B.C. Neuman, "Endorsements, Licensing, and Insurance for Distributed System Services," Proc. ACM Conf. Computer and Comm. Security, Nov. 1994.
[17] Y.I. Manin, A Course in Mathematical Logic. Springer-Verlag, 1977.
[18] C. Meadows, "Using Narrowing in the Analysis of Key Management Protocols," Proc. IEEE Computer Symp. Security and Privacy, May 1989.
[19] G. Medvinsky and B.C. Neuman, "NetCash: A design for practical electronic currency on the internet," Proc. 1993 ACM Conf. Computer and Comm. Security, pp. 102-106.
[20] J.K. Millen, S.C. Clark, and S.B. Freedman, "The Interrogator: Protocol Security Analysis," IEEE Trans. Software Eng., vol. 13, no. 2, 1987.
[21] B.C. Neuman and G. Medvinsky, "Requirements for Network Payment: The NetCheque™Perspective," Proc. IEEE CompCon'95,San Francisco, Mar. 1995.
[22] T. Okamoto and K. Ohta, "Universal Electronic Cash," Proc. Crypto '91, 1991.
[23] K.R. O'Toole, "The Internet Billing Server Transaction Protocol Alternatives," Carnegie Mellon Univ. Information Networking Inst., INI TR 1994-1, Apr. 1994.
[24] B. Pfitzmann and M. Waidner, "How to Break and Repair a 'Provably Secure' Untraceable Payment System," Proc. Crypto '91, 1991.
[25] R. Anderson, "Why Cryptosystems Fail," Proc. ACM 1st Conf. Computer and Comm. Security, ACM Press, New York, 1993.
[26] B. Schneier, Applied Cryptography, John Wiley&Sons, 1993.
[27] P. Syverson, "The use of logic in the analysis of cryptographic protocols," Proc. 1991 IEEE Symp. Research in Security and Privacy, May 1991.
[28] J. Tardo and K. Alagappan, "SPX: Global Authentication Using Public Key Certificates," Proc. IEEE Symp. Security and Privacy, May 1991.
[29] V.L. Voydock and S.T. Kent, "Security mechanisms in high-level network protocols," Computing Surveys, vol. 15, no. 2, pp. 135-171, 1983.
[30] C. Wilder, "Digital Dollars," Information Week, Oct.31, 1994.

Index Terms:
Accountability, electronic commerce, protocol analysis, logic, formal analysis, cryptographic protocols.
Rajashekar Kailar, "Accountability in Electronic Commerce Protocols," IEEE Transactions on Software Engineering, vol. 22, no. 5, pp. 313-328, May 1996, doi:10.1109/32.502224
Usage of this product signifies your acceptance of the Terms of Use.