ering only one intermediary (Carbonell et al., 2009;
Onieva et al., 2004), and considering more inter-
mediaries (Draper-Gil et al., 2013), (B
ˆ
ırjoveanu and
B
ˆ
ırjoveanu, 2020). In (Carbonell et al., 2009), a
customer can buy products from several providers
through an intermediary agent integrated in 3-D Se-
cure Protocol. In this solution, the intermediary can
not perform aggregate transactions, because in the
same transaction (in which the customer buys many
products), the authorization process is realized sepa-
rately for each individual buying request. Also, the
optional transactions are not considered. In (Onieva
et al., 2004) is proposed a protocol for exchange of
non-repudiation evidences, but without dealing with
aggregate or optional transactions. In (B
ˆ
ırjoveanu
and B
ˆ
ırjoveanu, 2020), a multi-party protocol that al-
lows a customer to fairly acquire physical products
from different providers through many intermediaries
is proposed. However, in this solution the intermedi-
aries are restricted to perform only chained transac-
tions, without the capability to perform aggregate or
optional transactions. In (Draper-Gil et al., 2013), the
intermediaries are used to enable contract signing be-
tween multiple parties ensuring only weak fairness, in
a different scenario then the one approached in our pa-
per. Although this solution considers aggregate trans-
action, it does not consider optional transaction.
The complex transactions rise new challenges for
assuring strong fairness, that are not appearing in two-
party transactions. An issue appears when the cus-
tomer successfully buys only a part of the components
of an aggregate product. In this case, strong fairness is
ensured for all transactions composing the aggregate
transaction, but strong fairness for the entire aggre-
gate transaction is not guaranteed. Another issue ap-
pears when the customer successfully buys more than
one product in an optional transaction. Strong fairness
for the optional transaction is not assured, although
strong fairness is guaranteed for all transactions com-
posing the optional transaction. In a chained trans-
action an intermediary can buy a product on demand,
but afterward he cannot provide it to the customer or
intermediary who requested it due to various reasons
(insufficient funds, malicious behavior, etc). In this
case, strong fairness for all transactions belonging to
the chained transaction is satisfied, even if strong fair-
ness for the chained transaction is not satisfied.
Contributions The related work presented above
emphasizes the absence of multi-party e-commerce
protocols considering intermediaries with complex
trading capabilities. In this paper, we propose the first
multi-party e-commerce protocol that allows inter-
mediaries to perform aggregate, chained or optional
transactions depending on the received request. These
complex trading capabilities of the intermediaries are
more appropriate to the real world applications, such
as supply chain scenarios. Ensuring strong fairness
is a challenging issue in environments where multiple
parties are involved, as we showed above. We design
the complex transaction protocol using a modular ap-
proach by designing a sub-protocol for each type of
transaction from the complex transaction.
This design approach allows us to demonstrate
the correctness of our complex transaction protocol
proposal by demonstrating the correctness of each
sub-protocol using Cl-AtSe model checker. The for-
mal specification and verification is challenging be-
cause we must take into consideration the communi-
cations performed between sub-protocols when they
are integrated in the complex transaction protocol.
The verification results prove that our complex trans-
action protocol satisfies all aimed security require-
ments: strong fairness, effectiveness, timeliness, non-
repudiation and confidentiality.
The paper is structured as follows: Sect. 2 presents
an use case of our protocol, Sect. 3 defines security
requirements, Sect. 4 describes our protocol. Sect. 5
sketches the security analysis of our protocol and
Sect. 6 contains the conclusion.
2 APPLICATIONS
A toy company KidsBots (KB) is preparing the pro-
duction for a new toy robot. To start the production, it
needs the following components: motherboard, 32 led
panel, 12V DC motors, and body plastic parts (bp).
KB identify the necessary components from the on-
line catalog of MasterBroker (MB) intermediary. For
the motherboard, KB identified two options having
similar features: Motherboard ITX (mb
1
), and if it is
not available, Motherboard 4 (mb
2
). For 32 led panel,
KB needs the model 32LP (l p). The toy company
has three options for 12V DC motors: FastDC (m
1
)
or HpDC (m
2
) or MetalDC (m
3
). So, KB prepares
its order to acquire from MB the needed parts, as a
complex transaction: ((mb
1
∨mb
2
)∧l p) ∧(m
1
∨m
2
∨
m
3
) ∧ bp. ∧ represents an aggregate transaction, and
∨ an optional one. The complex transaction is an ag-
gregate transaction in which the first component is an
aggregate transaction, the second is an optional trans-
action and third is an individual product. The complex
transaction is illustrated in Fig. 1.
After MB receives the request from KB, it splits
it in three components: places the order for (mb
1
∨
mb
2
) ∧ l p to PCBShop, the order for (m
1
∨ m
2
∨ m
3
)
to SensorActuatorComp (SensA), and the order for bp
to PlasticRoboP. When receiving the order for (mb
1
∨
SECRYPT 2023 - 20th International Conference on Security and Cryptography
496