Skip to main content
SpringerLink
Log in

Analysis of Abuse-Free Contract Signing

  • Conference paper
  • First Online:
Book cover Financial Cryptography (FC 2000)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1962))

Included in the following conference series:

Abstract

Optimistic contract signing protocols may involve subproto- cols that allow a contract to be signed normally or aborted or resolved by a third party. Since there are many ways these subprotocols might interact, protocol analysis involves consideration of a number of complicated cases. With the help of Murϕ, a finite-state verification tool, we analyze the abuse-free optimistic contract signing protocol of Garay, Jakobsson, and MacKenzie. In addition to verifying a number of subtle properties, we discover an attack in which negligence or corruption of the trusted third party may allow abuse or unfairness. Contrary to the intent of the protocol, the cheated party is not able to hold the third party accountable. In addition to analyzing a modification to the protocol that avoids these problems, we discuss issues involved in the application of finite- state analysis to fair exchange protocols, in particular models of fairness guarantees, abuse, and corrupt protocol participants.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. N. Asokan, V. Shoup, and M. Waidner. Asynchronous protocols for optimistic fair exchange. In Proc. IEEE Symposium on Research in Security and Privacy, pages 86–99, 1998.

    Google Scholar 

  2. N. Asokan, V. Shoup, and M. Waidner. Fair exchange of digital signatures. Technical Report RZ2973, IBM Research Report. Extended abstract in Eurocrypt’ 98, 1998.

    Google Scholar 

  3. E. F. Brickell, D. Chaum, I. B. Damgard, and J. van de Graaf. Gradual and verifiable release of a secret. In Proc. Advances in Cryptology-Crypto’ 87, pages 156–166, 1987.

    Google Scholar 

  4. Feng Bao, R. H. Deng, and Wenbo Mao. Efficient and practical fair exchange protocols with off-line TTP. In Proc. IEEE Symposium on Research in Security and Privacy, pages 77–85, 1998.

    Google Scholar 

  5. M. Ben-Or, O. Goldreich, S. Micali, and R. L. Rivest. A fair protocol for signing contracts. IEEE Transactions on Information Theory, 36(1):40–46, 1990.

    Article  MathSciNet  Google Scholar 

  6. D. Bolignano. Towards a mechanization of cryptographic protocol verifi-cation. In Proc. 9th International Conference on Computer Aided Verification, pages 131–142, 1997.

    Google Scholar 

  7. A. Bahreman and J. D. Tygar. Certified electronic mail. In Proc. Internet Society Symposium on Network and Distributed Systems Security, pages 3–19, 1994.

    Google Scholar 

  8. D. Chaum, A. Fiat, and M. Naor. Untraceable electronic cash. In Proc. Advances in Cryptology-Crypto’ 88, pages 319–327, 1988.

    Google Scholar 

  9. B. Cox, J. D. Tygar, and M. Sirbu. NetBill security and transactio protocol. In Proc. 1st USENIX Workshop on Electronic Commerce, pages 77–88, 1995.

    Google Scholar 

  10. R. H. Deng, Li Gong, A. A. Lazar, and Weiguo Wang. Practical protocols for certified electronic mail. J. Network and Systems Management, 4(3):279–297, 1996.

    Article  Google Scholar 

  11. D. Dill. The Murφ verification system. In Proc. 8th International Conference on Computer Aided Verification, pages 390–393, 1996.

    Google Scholar 

  12. M. Franklin and M. Reiter. Fair exchange with a semi-trusted third party. In Proc. Jjih ACM Conference on Computer and Communications Security, pages 1–6. ACM Press, 1997.

    Google Scholar 

  13. J. A. Garay, M. Jakobsson, and P. MacKenzie. Abuse-free optimistic contract signing. In Proc. Advances in Cryptology-Crypto’ 99, pages 449–466, 1999.

    Google Scholar 

  14. N. Heintze, J. D. Tygar, J. M. Wing, and H.-C. Wong. Model checking electronic commerce protocols. In Proc. USENIX 1996 Workshop on Electronic Commerce, pages 147–164, 1996.

    Google Scholar 

  15. R. Kemmerer, C. Meadows, and J. Millen. Three systems for cryptographic protocol analysis. J. Cryptology, 7(2):79–130, 1994.

    Article  Google Scholar 

  16. G. Lowe. Breaking and fixing the Needham-Schroeder public-key protocol using CSP and FDR. In Proc. 2nd International Workshop on Tools and Algorithms for the Construction and Analysis of Systems, pages 147–166. Springer-Verlag, 1996.

    Google Scholar 

  17. P. MacKenzie. Email communication, September 23, 1999.

    Google Scholar 

  18. W. Marrero, E. M. Clarke, and S. Jha. Model checking for security protocols. Technical ReportCMU-SCS-97-139, Carnegie Mellon University, May 1997.

    Google Scholar 

  19. C. Meadows. Analyzing the Needham-Schroeder public-key protocol: A comparison of two approaches. In Proc. European Symposium On Research In Computer Security, pages 365–384. Springer-Verlag, 1996.

    Google Scholar 

  20. C. Meadows. The NRL Protocol Analyzer: An overview. J. Logic Programming, 26(2):113–131, 1996.

    Article  Google Scholar 

  21. J. C. Mitchell, M. Mitchell, and U. Stern. Automated analysis of cryptographic protocols using Murφ. In Proc. IEEE Symposium on Research in Security and Privacy, pages 141–151. IEEE Computer Society Press, 1997.

    Google Scholar 

  22. J. C. Mitchell, V. Shmatikov, and U. Stern. Finite-state analysis of SSL 3.0. In Proc. 7th USENIX Security Symposium, pages 201–215, 1998.

    Google Scholar 

  23. L. Paulson. The inductive approach to verifying cryptographic protocols. J. Computer Security, 6:85–128, 1998.

    Article  Google Scholar 

  24. A. W. Roscoe. Modelling and verifying key-exchange protocols using CSP and FDR. In Proc. 8th IEEE Computer Security Foundations Workshop, pages 98–107. IEEE Computer Society Press, 1995.

    Google Scholar 

  25. V. Shmatikov and J. C. Mitchell. Analysis of a fair exchange protocol. In Proc. Internet Society Symposium on Network and Distributed Systems Security, 2000. to appear.

    Google Scholar 

  26. V. Shmatikov and U. Stern. Efficient finite-state analysis for large security protocols. In Proc. 11th IEEE Computer Security Foundations Workshop, pages 106–115, 1998.

    Google Scholar 

  27. J. Zhou and D. Gollmann. A fair non-repudiation protocol. In Proc. IEEE Symposium on Research in Security and Privacy, pages 55–61. IEEE Computer Society Press, 1996.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Department, Stanford University, CA 94305-9045, Stanford, USA

    Vitaly Shmatikov & John C. Mitchell

Authors
  1. Vitaly Shmatikov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. John C. Mitchell
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. 122 Harrison Ave, Westfield, 07090, NJ, USA

    Yair Frankel

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Shmatikov, V., Mitchell, J.C. (2001). Analysis of Abuse-Free Contract Signing. In: Frankel, Y. (eds) Financial Cryptography. FC 2000. Lecture Notes in Computer Science, vol 1962. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45472-1_13

Download citation

  • DOI: https://doi.org/10.1007/3-540-45472-1_13

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42700-1

  • Online ISBN: 978-3-540-45472-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation