Abstract
This paper addresses the security of optimistic fair exchange in a multi-user setting. While the security of public key encryption and public key signature schemes in a single-user setting guarantees the security in a multi-user setting, we show that the situation is different in the optimistic fair exchange. First, we show how to break, in the multi-user setting, an optimistic fair exchange scheme provably secure in the single-user setting. This example separates the security of optimistic fair exchange between the single-user setting and the multi-user setting. We then define the formal security model of optimistic fair exchange in the multi-user setting, which is the first complete security model of optimistic fair exchange in the multi-user setting. We prove the existence of a generic construction meeting our multi-user security based on oneway functions in the random oracle model and trapdoor one-way permutations in the standard model. Finally, we revisit two well-known methodologies of optimistic fair exchange, which are based on the verifiably encrypted signature and the sequential two-party multisignature, respectively. Our result shows that these paradigms remain valid in the multi-user setting.
Original language | English (US) |
---|---|
Pages (from-to) | 318-346 |
Number of pages | 29 |
Journal | Journal of Universal Computer Science |
Volume | 14 |
Issue number | 3 |
State | Published - 2008 |
Keywords
- Fair exchange
- Public key cryptography
- Security protocol
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science