Optimal Fair Computation

A computation scheme among n parties is fair if no party obtains the computation result unless all other \(n-1\) parties obtain the same result. A fair computation scheme is optimistic if n honest parties can obtain the computation result without resorting to a trusted third party. We prove, for the first time, a tight lower-bound on the message complexity of optimistic fair computation for n parties among which \(n-1\) can be malicious in an asynchronous network. We do so by relating the optimal message complexity of optimistic fair computation to the length of the shortest permutation sequence in combinatorics.

[1]  Amos Fiat,et al.  How to Prove Yourself: Practical Solutions to Identification and Signature Problems , 1986, CRYPTO.

[2]  Richard Cleve,et al.  Limits on the security of coin flips when half the processors are faulty , 1986, STOC '86.

[3]  Eugen Zalinescu Shorter strings containing all k-element permutations , 2011, Inf. Process. Lett..

[4]  Jianying Zhou,et al.  On the Efficiency of Multi-party Contract Signing Protocols , 2015, ISC.

[5]  Leonard M. Adleman Short permutation strings , 1974, Discret. Math..

[6]  Matthias Schunter,et al.  Optimistic fair exchange , 2000 .

[7]  Birgit Pfitzmann,et al.  Optimal efficiency of optimistic contract signing , 1998, PODC '98.

[8]  Sjouke Mauw,et al.  Generalizing Multi-party Contract Signing , 2015, POST.

[9]  Sufyan Salim Mahmood Al Dabbagh,et al.  Digital signature algorithm , 2011 .

[10]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[11]  Claus-Peter Schnorr,et al.  Fast Signature Generation With a Fiat Shamir-Like Scheme , 1991, EUROCRYPT.

[12]  Muhammad Torabi Dashti Efficiency of optimistic fair exchange using trusted devices , 2012, TAAS.

[13]  Shreedhara Prasada Mohanty Shortest string containing all permutations , 1980, Discret. Math..

[14]  Rachid Guerraoui,et al.  Introduction to reliable distributed programming , 2006 .

[15]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[16]  Ivan Damgård,et al.  Verifiable Encryption, Group Encryption, and Their Applications to Separable Group Signatures and Signature Sharing Schemes , 2000, ASIACRYPT.

[17]  M. Newey Notes on a problem involving permutations as subsequences. , 1973 .

[18]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[19]  Jan Camenisch,et al.  Optimistic Fair Secure Computation , 2000, CRYPTO.

[20]  Muhammad Torabi Dashti,et al.  Minimal Message Complexity of Asynchronous Multi-party Contract Signing , 2009, 2009 22nd IEEE Computer Security Foundations Symposium.

[21]  Giuseppe Ateniese,et al.  Efficient verifiable encryption (and fair exchange) of digital signatures , 1999, CCS '99.

[22]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.

[23]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[24]  Silvio Micali,et al.  Simple and fast optimistic protocols for fair electronic exchange , 2003, PODC '03.

[25]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.1 , 2006, RFC.

[26]  Alptekin Küpçü,et al.  Usable optimistic fair exchange , 2010, Comput. Networks.

[27]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 2: Basic Applications , 2001 .

[28]  Barbara Kordy,et al.  Constructing Optimistic Multi-party Contract Signing Protocols , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[29]  Jonathan Katz,et al.  Complete Fairness in Multi-Party Computation Without an Honest Majority , 2009, IACR Cryptol. ePrint Arch..

[30]  Abdullah Mohammed Alaraj,et al.  Simple and Efficient Contract Signing Protocol , 2012, ArXiv.

[31]  Jean-Jacques Quisquater,et al.  A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge , 1988, CRYPTO.

[32]  Daniel J. Kleitman,et al.  A Lower Bound on the Length of a Sequence Containing All Permutations as Subsequences , 1976, J. Comb. Theory, Ser. A.

[33]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[34]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[35]  Tim Dierks,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008 .

[36]  Yehuda Lindell,et al.  Complete Fairness in Secure Two-Party Computation , 2011, JACM.

[37]  Sasa Radomirovic A Construction of Short Sequences Containing All Permutations of a Set as Subsequences , 2012, Electron. J. Comb..