Scroll Top


Non-repudiation (NR) is one of the security services (or dimensions as defined in the document X.805 by the ITU) for point to point communications. Secure communications need to integrate a service in charge of generating digital evidence (rather than simply information logs) in order to resolve disputes arisen in case of network errors or entities’ misbehaviour when digital information is exchanged between both points. This is the case of fair exchange protocols, certified emil applications (in which a digital message is exchanged for a proof of receipt) and contract signing protocols (in which digital signatures on a document need to be fairly exchanged). Research on non-repudiation started with typical security scenario in which Alice and Bob need to exchange information items. But in real applications, in many cases, multiple entities participate in the scenario.

This is the start point of the research performed in NICS. Firstly we have analysed the number of protocol messages as well as the number of evidences to be verified by participating entities. The conclusions show that efficient specific NR protocols need to be designed. The resulting protocols are known as Multiparty Non-Repudiation protocols (MNR). The first step is to review existing NR protocols (and its different versions with respect to TTP involvement) and extend them to multiparty scenarios, improving the efficiency and the need for crypto operations further than using multiple instances of the simple NR protocols. This is done for on-line and optimistic designs of the non-repudiation protocols.

Collect, verify and store transactions’ evidence are additional tasks required as part of non-repudiation service, but may be undesirable for end users where such transactions are undertaken with numerous entities. Therefore, intermediary institutions may be useful in these scenarios if they help end entities to make their electronic transactions. Furthermore, these intermediate entities can act as “hubs”, increasing the market and opportunities for customers and merchants. Therefore, we analysed a new entity that participates in the non-repudiation protocol. This intermediary institution may be just another module in an existing system, facilitating and helping agencies to conduct electronic transactions. We provide different scenarios in which our solution can be easily adapted, and demonstrate the benefits to end users in the use of intermediary service in reducing the storage of evidence and contact with various recipientss. In our intermediary protocol, the originator can remain anonymous with respect to recipients, and vice versa, since the originator and the receivers do not need to check each other’s evidence. Even without putting complete trust on the intermediary, our solution maintains the security requirements defined for non-repudiation.

Payments protocols need to be fair as well. Therefore we introduce a new entity that without being completely reliable, helps distributors in the possibly small collection of payments and in the announcement of such digital content. We use an underlying P2P payment protocol and applies it to our content distribution in P2P networks where the originator’s workload relies heavily on a broker, so that each entity may well be involved in distributing digital content and collecting payment through this agent. We also discussed the trust that is presumed to each of the entities in our model and integrate a non-repudiation security service design [1].

Although we omit the details of implementation, Intermediary entities in non-repudiation protocols can be implemented as mobile agents (in fact its function is independent of how they are implemented). The development of mobile agents needs careful design of protocols with free roaming agents to meet the desired characteristics, or otherwise, truncation attacks in the path of a free-roaming agent could be successful. Moreover, as digital evidence could be truncated, the user can deny sending a specific offer (or message). Therefore, NICS also investigated in the field of free-roaming mobile agents for the implementation of intermediary entities in multiparty non-repudiation protocols [2].

Undoubtedly, the role of TTP is essential for many Internet security protocols. Moreover, we have seen that most of the non-repudiation protocols include parameters whose values are not easy to specify, and some of these parameters are directly related to the operation of TTP. We have shown how event-driven simulation can be considered as a tool to estimate the temporal parameters of non-repudiation protocols. We have proposed a simulation model to estimate appropriate values for the efficient use of a TTP in MNR protocols. In addition, the model has been checked with some tests that have helped us to estimate the parameter values.

As in the case of P2P applications, the designs of this security service need to be integrated into real life applications. We have designed a non-repudiation protocol for DRM platforms [3] in which all participants were considered during the acquisition of rights, namely the user, the network operator and the issuer of digital rights, thus providing everyone with sufficient evidence to be used in case of any conflict during acquisition. At the same time, the protocol has been implemented, tested and integrated in a mobile DRM framework designed for the UBISEC project.

Most of the work in this area of research has been published in [4].

In certified email applications (CEM), making an extension that supports multiple entities (receivers) means constructing a notification system (certified and with timeliness property) for users. Pursuing this objective, we have extended a protocol with timeliness property and participation of multiple entities. In other words, the protocol allows the distribution of the same email (message) to various entities in a way that is certified so that only those who answer with evidence of receipt will get the message. The timeliness property is also considered here and although the TTP (or digital post office) has to deal with several entities if an error occurs, no significant complexity is introduced. Since NICS research conducted on CEM protocols has been inspired by different perspectives, and in collaboration with other researchers, some results are of key importance to the CEM service (see [5]). In this work different definitions and properties’ compatibility are revisited.

The digital signing of contracts is a critical service for businesses. The work has been focused primarily on digital contracts involving two entities. In some applications, however, a contract may need to be signed by different users. In fact, we daily sign documents, and in many cases, these documents require the signatures of several entities. NICS has presented a multiparty synchronous contract signing protocol with optimal number of steps. Additionally, in our protocol we consider additional features typical of this type of applications, such as abuse and lack of timeliness property. In relation to timeliness, introducing the concept of threshold subprotocol cancellation, we reach a timeliness property that depends on a threshold. Without additional requirements and, more importantly, without introducing additional steps in the protocol, we avoid the abuse attack, property which is very important in these applications. This property means that no entity can demonstrate to an external entity that the output depends exclusively on the activities it carries out (see [6]).


  1. Jose A. Onieva and Jianying Zhou and Javier Lopez (2003): Practical Service Charge for P2P Content Distribution. In: Fifth International Conference on Information and Communications Security, pp. 112 – 123, Springer Springer, 2003.
  2. Jose A. Onieva and Jianying Zhou and Javier Lopez (2008): Multi-Party Nonrepudiation: A survey. In: ACM Comput. Surveys, vol. 41, no. 1, pp. 5, 2008, ISSN: 0360-0300.
  3. Jose A. Onieva and Javier Lopez and Rodrigo Roman and Jianying Zhou and Stefanos Gritzalis (2007): Integration of non-repudiation services in mobile DRM scenarios. In: Telecommunications Systems, vol. 35, pp. 161-176, 2007, ISSN: 1572-9451.
  4. Jose A. Onieva and Javier Lopez and Jianying Zhou (2009): Secure Multi-Party Non-Repudiation Protocols and Applications. Springer, 2009, ISBN: 978-0-387-75629-5.
  5. Josep L. Ferrer-Gomila and Jose A. Onieva and Magdalena Payeras and Javier Lopez (2010): Certified electronic mail: Properties revisited. In: Computers & Security, vol. 29, no. 2, pp. 167 – 179, 2010, ISSN: 0167-4048.
  6. Jianying Zhou and Jose A. Onieva and Javier Lopez (2006): A Synchronous Multi-Party Contract Signing Protocol Improving Lower Bound of Steps. In: 21st International Information Security Conference (IFIP SEC’06), pp. 221-232, Springer Springer, 2006.