Designing a secure e-tender submission protocol

摘要

This paper investigates the fundamental difference between a simple e-tender box and a traditional physical tender box, and highlights a series of security traps created by the functional differences. Based on our findings, we have defined the security requirements for an e-tender submission protocol. We also discuss functional limitations of cryptographic technologies. As a result, two secure e-tender submission protocols are proposed which enable a secure e-tender submission. Protocols are assumed to run under the condition that all tendering parties (principal and tenderers) are dishonest players. Our informal and formal security analysis show that these protocols meet their security goals under well known collusion scenarios. Because security is a process not a product, our approach will have broad industry application for developing secure electronic business processes in areas other than e-tendering.