School of Computer Science Intranet
"DiSigncryption: An Integration of Agent-based Signature Delegation with Distributed Reputation Management Scheme"
O. Bamasak, N. Zhang, and D. Edwards
This paper presents a Distributed Signcryption with Verifiable Partial Signature (DiSigncryption) protocol that allows a mobile agent owner, participating in ecommerce transaction, to securely delegate and distribute his/her signing capability among a set of trusted third party hosts (TTP-hosts) via a mobile agent. The protocol incorporates three schemes: a novel Distributed Reputation Management scheme, a modified version of the Distributed Signcryption method proposed in [Distributed Signcryption], and the Agent-based Threshold Proxy Signcryption (ATPS) protocol proposed in [A Secure Proxy Signature Protocol for Agent-Based M-Commerce Applications]. The most notable feature of the DiSigncryption protocol is that, in addition to allowing secure distributed proxy signature generation, it enables the agent owner to quantitatively assess the trust and reliability of each of the TTP-hosts that s/he has dealt with. These trust and reliability values are then aggregated into an index to guide the agent owner in making his/her decision as which TTP-hosts should be used in his/her next dealing. The security properties of the proposed protocol are analyzed, and the protocol is compared with the most related work.