TY - GEN
T1 - Optimistic fair exchange in a multi-user setting
AU - Dodis, Yevgeniy
AU - Lee, Pil Joong
AU - Yum, Dae Hyun
PY - 2007
Y1 - 2007
N2 - This paper addresses the security of optimistic fair exchange in a multi-user setting. While the security of public key encryption and public key signature schemes in a single-user setting guarantees the security in a multi-user setting, we show that the situation is different in the optimistic fair exchange. First, we show how to break, in the multi-user setting, an optimistic fair exchange scheme provably secure in the single-user setting. This example separates the security of optimistic fair exchange between the single-user setting and the multi-user setting. We then define the formal security model of optimistic fair exchange in the multi-user setting, which is the first complete security model of optimistic fair exchange in the multi-user setting. We prove the existence of a generic construction meeting our multi-user security based on one-way functions in the random oracle model and trapdoor one-way permutations in the standard model. Finally, we revisit two well-known methodologies of optimistic fair exchange, which are based on the verifiably encrypted signature and the sequential two-party multisignature, respectively. Our result shows that these paradigms remain valid in the multi-user setting.
AB - This paper addresses the security of optimistic fair exchange in a multi-user setting. While the security of public key encryption and public key signature schemes in a single-user setting guarantees the security in a multi-user setting, we show that the situation is different in the optimistic fair exchange. First, we show how to break, in the multi-user setting, an optimistic fair exchange scheme provably secure in the single-user setting. This example separates the security of optimistic fair exchange between the single-user setting and the multi-user setting. We then define the formal security model of optimistic fair exchange in the multi-user setting, which is the first complete security model of optimistic fair exchange in the multi-user setting. We prove the existence of a generic construction meeting our multi-user security based on one-way functions in the random oracle model and trapdoor one-way permutations in the standard model. Finally, we revisit two well-known methodologies of optimistic fair exchange, which are based on the verifiably encrypted signature and the sequential two-party multisignature, respectively. Our result shows that these paradigms remain valid in the multi-user setting.
UR - http://www.scopus.com/inward/record.url?scp=38049080574&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=38049080574&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-71677-8_9
DO - 10.1007/978-3-540-71677-8_9
M3 - Conference contribution
AN - SCOPUS:38049080574
SN - 9783540716761
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 118
EP - 133
BT - Public Key Cryptography - PKC 2007 - 10th International Conference on Practice and Theory in Public-Key Cryptography, Proceedings
PB - Springer Verlag
T2 - 10th International Conference on Theory and Practice in Public-Key Cryptography, PKC 2007
Y2 - 16 April 2007 through 20 April 2007
ER -