Fix the RSA Based Certified E-Good Delivery Protocol

Nenadic etc(2004,2005) proposed RSA-CEGD protocol for certified e-goods delivery to guarantee strong fairness with the help of transparent Semi-Trust Third Party. Alcaide, Juan, etc(2005) pointed out it is vulnerable for replay attack and the NRO message can be abused. In this paper, we illustrate the STTP can not verify the message submitted by initiator which results in unfairness. In order to implement the Certified E-Good Delivery, this paper, first, defines the policy of Non-Repudiation messages, second, proposes a fixed protocol without changing the structure of the RSA-CEGD protocol. In the fixed protocol, the validity of the parameters, used to recover decryption key, can be checked by TTP and timestamps are added in messages to ensure the timeliness. Also in the fixed protocol, the messages composed the NRO and NRR satisfy the policy defined in this paper. At the same time, timeliness, fairness and non-repudiation of original and receipt are satisfied.