Analysis of a Multi-party Fair Exchange Protocol and Formal Proof of Correctness in the Strand Space Model

A multi-party fair exchange protocol is a cryptographic protocol allowing several parties to exchange commodities in such a way that everyone gives an item away if and only if it receives an item in return. In this paper we discuss a multi-party fair exchange protocol originally proposed by Franklin and Tsudik, and subsequently shown to have flaws and fixed by Gonzalez and Markowitch. We identify flaws in the fixed version of the protocol, propose a corrected version, and give a formal proof of correctness in the strand space model.

[1]  Matthew K. Franklin,et al.  Secure Group Barter: Multi-party Fair Exchange with Semi-Trusted Neutral Parties , 1998, Financial Cryptography.

[2]  Javier López,et al.  A Multi-Party Non-Repudiation Protocol for Exchange of Different Messages , 2003, SEC.

[3]  Steve A. Schneider,et al.  Formal analysis of a non-repudiation protocol , 1998, Proceedings. 11th IEEE Computer Security Foundations Workshop (Cat. No.98TB100238).

[4]  Matthias Schunter,et al.  Optimistic Protocols for Multi-Party Fair Exchange , 1996 .

[5]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[6]  Jean-François Raskin,et al.  A Game-based Verification of Non-repudiation and Fair Exchange Protocols , 2001, J. Comput. Secur..

[7]  Birgit Baum-Waidner,et al.  Optimistic Asynchronous Multi-party Contract Signing with Reduced Number of Rounds , 2001, ICALP.

[8]  Rohit Chadha,et al.  Inductive methods and contract-signing protocols , 2001, CCS '01.

[9]  Vitaly Shmatikov,et al.  Finite-state analysis of two contract signing protocols , 2002, Theor. Comput. Sci..

[10]  Juan A. Garay,et al.  Abuse-Free Multi-party Contract Signing , 1999, DISC.

[11]  F. Javier Thayer Fábrega,et al.  Strand spaces: proving security protocols correct , 1999 .

[12]  Rohit Chadha,et al.  Formal analysis of multi-party contract signing , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[13]  Andreas Pfitzmann,et al.  Value exchange systems enabling security and unobservability , 1990, Comput. Secur..

[14]  Joshua D. Guttman,et al.  Strand Spaces: Proving Security Protocols Correct , 1999, J. Comput. Secur..

[15]  Nicolás González-Deleito,et al.  Exclusion-Freeness in Multi-party Exchange Protocols , 2002, ISC.

[16]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[17]  Michael Waidner,et al.  Optimistic Synchronous Multi-Party Contract Signing , 1998 .

[18]  Michael Waidner,et al.  Round-Optimal and Abuse Free Optimistic Multi-party Contract Signing , 2000, ICALP.

[19]  Robert H. Deng,et al.  Multi-party fair exchange with an off-line trusted neutral party , 1999, Proceedings. Tenth International Workshop on Database and Expert Systems Applications. DEXA 99.

[20]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[21]  R. Milner,et al.  Bigraphical Reactive Systems , 2001, CONCUR.

[22]  Jean-Jacques Quisquater,et al.  Generic insecurity of cliques-type authenticated group key agreement protocols , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[23]  Olivier Markowitch,et al.  Fair multi-party non-repudiation protocols , 2003, International Journal of Information Security.

[24]  du Triomphe Exclusion-Freeness in Multi-party Exchange Protocols , .