Gracefully Degrading Fair Exchange with Security Modules

The fair exchange problem is key to trading electronic items in systems of mutually untrusted parties. In modern variants of such systems, each party is equipped with a security module. The security modules trust each other but can only communicate by exchanging messages through their untrusted host parties, that could drop those messages. We describe a synchronous algorithm that ensures deterministic fair exchange if a majority of parties are honest, which is optimal in terms of resilience. If there is no honest majority, our algorithm degrades gracefully: it ensures that the probability of unfairness can be made arbitrarily low. Our algorithm uses, as an underlying building block, an early-stopping subprotocol that solves, in a general omission failure model, a specific variant of consensus we call biased consensus. Interestingly, this modular approach combines concepts from both cryptography and distributed computing, to derive new results on the classical fair exchange problem.

[1]  Birgit Pfitzmann,et al.  Polynomial fairness and liveness , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[2]  Andreas Pfitzmann,et al.  Value exchange systems enabling security and unobservability , 1990, Comput. Secur..

[3]  Michel Raynal,et al.  Optimal early stopping uniform consensus in synchronous systems with process omission failures , 2004, SPAA '04.

[4]  Michael Waidner,et al.  Round-optimal and abuse-free multi-party contract signing , 2000 .

[5]  Felix C. Freiling,et al.  Supporting Fair Exchange in Mobile Environments , 2003, Mob. Networks Appl..

[6]  Sean W. Smith,et al.  Building the IBM 4758 Secure Coprocessor , 2001, Computer.

[7]  Matthias Fitzi,et al.  Detectable byzantine agreement secure against faulty majorities , 2002, PODC '02.

[8]  Moni Naor,et al.  Timed Commitments , 2000, CRYPTO.

[9]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1983, PODS '83.

[10]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[11]  Mihir Bellare Advances in Cryptology — CRYPTO 2000 , 2000, Lecture Notes in Computer Science.

[12]  Serge Vaudenay,et al.  Optimistic Fair Exchange Based on Publicly Verifiable Secret Sharing , 2004, ACISP.

[13]  Kazuo Ohta,et al.  Advances in Cryptology — ASIACRYPT’98 , 2002, Lecture Notes in Computer Science.

[14]  Olivier Markowitch,et al.  Probabilistic Non-Repudiation without Trusted Third Party , 1999 .

[15]  Michael Waidner,et al.  Round-Optimal and Abuse Free Optimistic Multi-party Contract Signing , 2000, ICALP.

[16]  Robert H. Deng,et al.  Multi-party fair exchange with an off-line trusted neutral party , 1999, Proceedings. Tenth International Workshop on Database and Expert Systems Applications. DEXA 99.

[17]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[18]  Colin Boyd,et al.  Off-Line Fair Payment Protocols Using Convertible Signatures , 1998, ASIACRYPT.

[19]  Liqun Chen,et al.  Efficient Fair Exchange with Verifiable Confirmation of Signatures , 1998, ASIACRYPT.

[20]  Robert H. Deng,et al.  Efficient and practical fair exchange protocols with off-line TTP , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[21]  Matthias Fitzi,et al.  Unconditional Byzantine Agreement and Multi-party Computation Secure against Dishonest Minorities from Scratch , 2002, EUROCRYPT.

[22]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[23]  Seif Haridi,et al.  Distributed Algorithms , 1992, Lecture Notes in Computer Science.

[24]  Nancy A. Lynch,et al.  A Tradeoff Between Safety and Liveness for Randomized Coordinated Attack , 1996, Inf. Comput..

[25]  Yehuda Lindell,et al.  Secure Computation without Agreement , 2002, DISC.

[26]  Dale Skeen,et al.  Nonblocking commit protocols , 1981, SIGMOD '81.

[27]  Matthew K. Franklin,et al.  Secure Group Barter: Multi-party Fair Exchange with Semi-Trusted Neutral Parties , 1998, Financial Cryptography.

[28]  Sam Toueg,et al.  Distributed agreement in the presence of processor and communication faults , 1986, IEEE Transactions on Software Engineering.

[29]  Tom Tedrick,et al.  Fair Exchange of Secrets , 1984, CRYPTO.

[30]  Colin Boyd,et al.  Exploring Fair Exchange Protocols Using Specification Animation , 2000, ISW.

[31]  John McLean,et al.  A General Theory of Composition for a Class of "Possibilistic'' Properties , 1996, IEEE Trans. Software Eng..

[32]  Michel Raynal Consensus in synchronous systems: a concise guided tour , 2002, 2002 Pacific Rim International Symposium on Dependable Computing, 2002. Proceedings..

[33]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[34]  Dahlia Malkhi Proceedings of the 16th International Conference on Distributed Computing , 2002 .

[35]  Juan A. Garay,et al.  Abuse-Free Multi-party Contract Signing , 1999, DISC.