• Corpus ID: 11671049

On the Impossibility of Fair Exchange without a Trusted Third Party

@inproceedings{Pagnia1999OnTI,
  title={On the Impossibility of Fair Exchange without a Trusted Third Party},
  author={Henning Pagnia and Felix C. Gartner Darmstadt},
  year={1999}
}
We attempt to formally deene the strong fair exchange problem and present a proof that it is impossible to solve strong fair exchange without a trusted third party. The proof is established by relating strong fair exchange to the problem of consensus and adapting the impossibility result of Fischer, Lynch and Paterson. We show that strong fair exchange is at least as hard as consensus and explore a few requirements for trusted third parties in order to be of use in fair exchange. Impossibility… 
No Paper Link Available
194 Citations
Highly Influential Citations
18
Background Citations
134
Methods Citations
7
Results Citations
6

194 Citations

Collusion-Resistance in Optimistic Fair Exchange

To reduce the trust level of the arbitrator and increase the security of OFE, an enhanced security model is proposed that captures the case where the potentially dishonest third party may collude with a signer in the sense of sharing its secret key with the signer.

Impossibility Results on Fair Exchange

This work proposes a novel specification of the fair exchange problem that clearly separates safety and liveness, and derives an enriched model where processes are divided into trusted and untrusted processes, and proves a first impossibility related to the notion of trust.

Brief announcement: impossibility results for optimistic fair exchange with multiple autonomous arbiters

A general class of optimistic fair exchange protocols with multiple arbiters, called "distributed arbiter fair exchange" (DAFE) protocols are defined, and it is proved that no DAFE protocol can meaningfully exist.

Optimistic Fair Exchange with Multiple Arbiters

It is proved that no DAFE protocol can meaningfully exist, and a general class of optimistic fair exchange protocols with multiple arbiters, called "distributed arbiter fair exchange" (DAFE) protocols are defined.

ExchangeGuard: a distributed protocol for electronic fair-exchange

Detailed security analysis is performed and it is shown that the protocol guarantees effectiveness and fairness with Byzantine failures of up to one third of the untrusted servers and the probability of a fair exchange otherwise is given.

Optimally Efficient Multi-Party Fair Exchange and Fair Secure Multi-Party Computation

An asymptotically optimal multi-party fair exchange protocol that requires a constant number of rounds and generalizes to efficiently handle any exchange topology (participants exchange items with arbitrary other participants), which guarantees fairness in its strongest sense.

Usable optimistic fair exchange

An Extended Model of Rational Exchange Based on Dynamic Games of Imperfect Information

This paper identifies some vulnerabilities in Syverson's protocol which were not detected by Buttyan et al's analysis and extends the model to consider new aspects, never formalized before when analyzing security protocols, related to participants' reputation, protocol's robustness, and the impact that scenarios where the protocol is executed repeatedly have on the outcome of the protocol execution.

Approaching a formal definition of fairness in electronic commerce

This work makes a first attempt to approach a formal definition of fairness in electronic commerce by reviewing the established terminology regarding the notion of fair in concurrency theory and adapting the formal apparatus to derive three precisely separable definitions of fairness, which are called strong, eventually strong and weak fairness.

Privacy-enhanced OptiSwap

Security of the new protocol is proved in an extension of the universal composability for non-monolithic adversaries, and its efficiency is evaluated against the original OptiSwap to discuss the results and suggest directions for future research.
...

References

SHOWING 1-10 OF 27 REFERENCES

Optimistic fair exchange

A fair exchange guarantees that a participant only reveals its items (such as signatures, payments, or data) if it receives the expected items in exchange. Efficient fair exchange requires a

Optimistic fair exchange of digital signatures

We present a new protocol that allows two players to exchange digital signatures over the Internet in a fair way, so that either each player gets the other's signature, or neither player does. The

Fairness in electronic commerce

  • N. Asokan
  • Computer Science
    Research report / RZ / IBM / IBM Research Division / Zürich Research Laboratory
  • 1998
An analysis of the protocols leads to the conclusion that the exchange of generatable items can be guaranteed to be strongly fair, and the need for a coherent framework for handling disputes in electronic payment systems is motivated.

Asynchronous protocols for optimistic fair exchange

A set of optimistic fair exchange protocols which tolerate temporary failures in the communication channels to the third party, and a central feature of the protocols is that either player can asynchronously and unilaterally bring a protocol run to completion.

Value exchange systems enabling security and unobservability

Optimistic protocols for fair exchange

A generic protocol for fair exchange of electronic goods with non-repudiation that does not involve a third party in the exchange in the fault-less case but only for recovery.

On the minimal synchronism needed for distributed consensus

The proofs expose general heuristic principles that explain why consensus is possible in certain models but not possible in others, and several critical system parameters, including various synchronicity conditions, are identified.

Anonymous Atomic Transactions

We show here an example of a protocol that satisfies anonymity properties while providing strong ACID (atomic, consistent, isolated, durable) transactional properties, resolving an open question.

Specifications for Fault Tolerance: A Comedy of Failures

This paper presents a uniied and formal approach to specify faulty behavior based on the observation that faulty behavior can be regarded as a special form of (programmable) system behavior and applies it to the problem of reliable broadcast.

Atomicity in electronic commerce

The role of atomicity in electronic commerce is discussed, and some major types of electronic commerce pointing out flaws in atomicity are surveyed, with special attention to the atomicity problems of proposals for digital cash.