Abstract
Assume that two parties, A and B, want to sign a contract over a communication network, i.e. they want to exchange their “commitments“ to the contract. We consider a contract signing protocol to be fair if, at any stage in its execution, the following hold: the conditional probability that party A obtains B's signature to the contract given that B has obtained A's signature to the contract, is close to 1. (Symmetrically, when switching the roles of A and B).
Contract signing protocols cannot be fair without relying on a trusted third party. We present a fair, cryptographic protocol for signing contracts that makes use of the weakest possible form of a trusted third party (judge). If both A and B are honest, the judge will never be called upon. Otherwise, the judge rules by performing a simple computation, without referring to previous verdicts. Thus, no bookkeeping is required from the judge. Our protocol is fair even if A and B have very different computing powers. Its fairness is proved under the very general cryptographic assumption that functions that are one-way in a weak sense exist. Our protocol is also optimal with respect to the number of messages exchanged.
Work done when visiting MIT's Lab. for Comp. Sc. Supported by a Weizmann Postdoctoral Fellowship.
Currently in the Lab. for Comp. Sc., MIT. Supported by a Weizmann Postdoctoral Fellowship.
Supported by NSF Grant DCR-8413577 and an IBM Faculty Development Award.
Supported by NSF Grant MCS80-06938.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
Blum, M., “How to Exchange (Secret) Keys”, ACM Trans. on Comp. Sys., Vol. 1, No. 2, 1983, pp. 175–193. Also in the Proc. of the 15th ACM Symp. on Theory of Computation, 1983, pp. 440–447.
M. Blum and S. Micali, “How to Generate Cryptographically Strong Sequences of Pseudo-Random Bits”, SIAM Jour. on Computing, Vol. 13, Nov. 1984, pp 850–864 (Preliminary version: Proc. 23rd IEEE Symp. on Foundations of Computer Science, 1982, pp 112–117.)
Blum, M., and Rabin, M.O., “Mail Certification by Randomization”, in preparation.
Diffie, W., and Hellman, M.E., “New Directions in Cryptography”, IEEE Trans. on Inform. Theory, Vol. IT-22, No. 6, November 1976, pp. 644–654.
Even, S., “A Protocol for Signing Contracts”, TR No. 231, Computer Science Dept., Technion, Haifa, Israel, 1982. Presented in Crypto81.
Even, S., Goldreich, O., and Lempel, A., “A Randomized Protocol for Signing Contracts”, Advances in Cryptology: Proceedings of Crypto82, (Chaum D. et al. eds.), Plenum Press, 1983, pp. 205–210. A better version will apear in the Comm. of the ACM.
Even, S., and Yacobi, Y., “Relations Among Public Key Signature Systems”, TR No. 175, Computer Science Dept., Technion, Haifa, Israel, 1980.
Goldreich, O., “A Simple Protocol for Signing Contracts”, in Advances in Cryptology: Proceedings of Crypto83, (Chaum D., ed.), Plenum Press, pp. 133–136, 1984.
Goldreich, O., Goldwasser, S., and Micali, S., “How to Construct Random Functions”, Proc. of the 25th IEEE Symp. on Foundation of Computer Science, 1984, pp. 464–479. To appear, Journal of ACM
Goldwasser, S., Micali, S., and Rivest, R.L., “A Paradoxical Solution to the Signature Problem”, Proc. of the 25th IEEE Symp. on Foundation of Computer Science, 1984, pp. 441–448.
Hastad, J., and Shamir, A., “The Cryptographic Security of Truncated Linearly Related Variables”, to appear in the proceedings of the 17th STOC, 1985.
Levin, L.A., “One-way Functions and Oseudorandom Generators”, to appear in the proceedings of the 17th STOC, 1985.
Rabin, M.O., “Transaction Protection by Beacons”, TR-29-81, Aiken Computation Laboratory, Harvard University, 1981.
Rivest, R.L., Shamir, A., and Adleman, L., “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems”, Comm. of the ACM, Feb. 1978, pp. 120–126.
Yao, A.C., “Theory and Application of Trapdoor Functions”, Proc. of the 23rd IEEE Symp. on Foundation of Computer Science, 1982, pp. 80–91.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1985 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ben-Or, M., Goldreich, O., Micali, S., Rivest, R.L. (1985). A fair protocol for signing contracts. In: Brauer, W. (eds) Automata, Languages and Programming. ICALP 1985. Lecture Notes in Computer Science, vol 194. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0015729
Download citation
DOI: https://doi.org/10.1007/BFb0015729
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-15650-5
Online ISBN: 978-3-540-39557-7
eBook Packages: Springer Book Archive