JUCS - Journal of Universal Computer Science 14(3): 318-346, doi: 10.3217/jucs-014-03-0318
Optimistic Fair Exchange in a Multi-user Setting
Yeveniy Dodis‡, Pil Joong Lee§, Dae Hyun Yum§‡ New York University, New York, United States of America§ Pohang University of Science and Technology, Pohang, Republic of Korea
Corresponding author: Yeveniy Dodis ( dodis@cs.nyu.edu ) © Yeveniy Dodis, Pil Lee, Dae Yum. This article is freely available under the J.UCS Open Content License. Citation:
Dodis Y, Lee PJ, Yum DH (2008) Optimistic Fair Exchange in a Multi-user Setting. JUCS - Journal of Universal Computer Science 14(3): 318-346. https://doi.org/10.3217/jucs-014-03-0318 |  |
Abstract
This paper addresses the security of optimistic fair exchange in a multi-user setting. While the security of public key encryption and public key signature schemes in a single-user setting guarantees the security in a multi-user setting, we show that the situation is different in the optimistic fair exchange. First, we show how to break, in the multi-user setting, an optimistic fair exchange scheme provably secure in the single-user setting. This example separates the security of optimistic fair exchange between the single-user setting and the multi-user setting. We then define the formal security model of optimistic fair exchange in the multi-user setting, which is the first complete security model of optimistic fair exchange in the multi-user setting. We prove the existence of a generic construction meeting our multi-user security based on oneway functions in the random oracle model and trapdoor one-way permutations in the standard model. Finally, we revisit two well-known methodologies of optimistic fair exchange, which are based on the verifiably encrypted signature and the sequential two-party multisignature, respectively. Our result shows that these paradigms remain valid in the multi-user setting.
Keywords
security protocol, fair exchange, public key cryptography