Abstract
A contract signing protocol lets two parties exchange digital signatures on a pre-agreed text. Optimistic contract signing protocols enable the signers to do so without invoking a trusted third party. However, an adjudicating third party remains available should one or both signers seek timely resolution. We analyze optimistic contract signing protocols using a game-theoretic approach and prove a fundamental impossibility result: in any fair, optimistic, timely protocol, an optimistic player yields an advantage to the opponent. The proof relies on a careful characterization of optimistic play that postpones communication to the third party. Since advantage cannot be completely eliminated from optimistic protocols, we argue that the strongest property attainable is the absence of provable advantage, i.e., abuse-freeness in the sense of Garay-Jakobsson-MacKenzie.
The authors are partially supported by OSD/ONR CIP/SW URI “Software Quality and Infrastructure Protection for Diffuse Computing” as ONR Grant N00014-01-1-0795. Additional support for Mitchell from NSF Grant CCR-0121403, ITR/SY “Computational Logic Tools for Research and Education,” for Scedrov from NSF Grant CCR-0098096, and for Shmatikov from ONR under Grants N00014-02-1-0109 and N00014-01-1-0837.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi, M.: andA. Gordon.Acalculus for cryptographic protocols: the spi-calculus. Information and Computation 143, 1–70 (1999)
Asokan, N., Schunter, M., Waidner, M.: Optimistic protocols for fair exchange. In: Proc. 4th ACM Conf. on Computer and Communications Security, pp. 7–17 (1997)
Asokan, N., Shoup, V., Waidner, M.: Optimistic fair exchange of digital signatures. IEEE Journal on Selected Areas in Communications 18(4), 593–610 (2000)
Banatre, J., Le Metayer, D.: Computing by multiset transformation. Communications of the ACM (CACM) 36(1), 98–111 (1993)
Ben-Or, M., Goldreich, O., Micali, S., Rivest, R.L.: A fair protocol for signing contracts. IEEE Transactions on Information Theory 36(1), 40–46 (1990)
Berry, G., Boudol, D.: The chemical abstract machine. Theoretical Computer Science 96(1), 217–248 (1992)
Boneh, D., Naor, M.: Timed commitments and applications. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 236–254. Springer, Heidelberg (2000)
Boyd, C., Foo, E.: Off-line fair payment protocols using convertible signatures. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 271–285. Springer, Heidelberg (1998)
Buttyán, L., Hubaux, J.-P.: Toward a formal model of fair exchange — a game theoretic approach. Technical Report SSC/1999/39, Swiss Federal Institute of Technology (EPFL), Lausanne, Switzerland (December 1999)
Cervesato, I., Durgin, N., Lincoln, P.D., Mitchell, J.C., Scedrov, A.: A meta-notation for protocol analysis. In: Proc. 12th IEEE Computer Security Foundations Workshop, pp. 55–69 (1999)
Chadha, R., Kanovich, M., Scedrov, A.: Inductive methods and contract signing protocols. In: Proc. 8th ACM Conf. on Computer and Communications Security, pp. 176–185 (2001)
Damgård, I.B.: Practical and provably secure release of a secret and exchange of signatures. J. Cryptology 8(4), 201–222 (1995)
Dolev, D., Yao, A.: On the security of public-key protocols. In: Proc. 22nd Annual IEEE Symposium on Foundations of Computer Science, pp. 350–357 (1981)
Even, S., Yacobi, Y.: Relations among public key signature schemes. Technical Report 175, Computer Science Dept. Technion, Israel (March 1980)
Thayer Fábrega, F.J., Herzog, J., Guttman, J.: Strand spaces: Why is a security protocol correct? In: Proc. IEEE Symposium on Security and Privacy, pp. 160–171 (1998)
Fagin, R., Halpern, J., Moses, Y., Vardi, M.: Reasoning about Knowledge. MIT Press, Cambridge (1995)
Fischer, M., Lynch, N., Patterson, M.: Impossibility of distributed consensus with one faulty process. JACM 32(2), 374–382 (1985)
Garay, J., Jakobsson, M., MacKenzie, P.: Abuse-free optimistic contract signing. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 449–466. Springer, Heidelberg (1999)
Hintikka, J.: Knowledge and Belief. Cornell University Press (1962)
Kremer, S., Raskin, J.-F.: A game-based verification of non-repudiation and fair exchange protocols. In: Larsen, K.G., Nielsen, M. (eds.) CONCUR 2001. LNCS, vol. 2154, pp. 551–565. Springer, Heidelberg (2001)
Kremer, S., Raskin, J.-F.: Game analysis of abuse-free contract signing. In: Proc. 15th IEEE Computer Security Foundations Workshop, pp. 206–220 (2002)
Pucella, R., Halpern, J.: Modeling adversaries in a logic for security protocol analysis. In: Abdallah, A.E., Ryan, P.Y.A., Schneider, S. (eds.) FASec 2002. LNCS, vol. 2629. Springer, Heidelberg (2003)
Markowitch, O., Saeednia, S.: Optimistic fair exchange with transparent signature recovery. In: Proc. 5th International Conf. on Financial Cryptography, pp. 339–350 (2001)
Pagnia, H., Gaertner, F.: On the impossibility of fair exchange without a trusted third party. Technical Report TUD-BS-1999-02, Department of Computer Science, Darmstadt University of Technology, Germany (March 1999)
Woo, T.Y.C., Lam, S.S.: A semantic model for authentication protocols. In: Proc. IEEE Symposium on Security and Privacy, pp. 178–194 (1993)
Zhou, J., Gollmann, D.: A fair non-repudiation protocol. In: Proc. IEEE Symposium on Security and Privacy, pp. 55–61 (1996)
Zhou, J., Gollmann, D.: Towards verification of non-repudiation protocols. In: Proc. International Refinement Workshop and Formal Methods Pacific, pp. 370–380 (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chadha, R., Mitchell, J.C., Scedrov, A., Shmatikov, V. (2003). Contract Signing, Optimism, and Advantage. In: Amadio, R., Lugiez, D. (eds) CONCUR 2003 - Concurrency Theory. CONCUR 2003. Lecture Notes in Computer Science, vol 2761. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45187-7_24
Download citation
DOI: https://doi.org/10.1007/978-3-540-45187-7_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40753-9
Online ISBN: 978-3-540-45187-7
eBook Packages: Springer Book Archive