Abstract
Based on the decentralized Bitcoin network, this paper proposes a novel TTP-free fair exchange scheme with monetary penalization for the exchange of digital signatures, and presents its corresponding construction with the ECDSA-based signature scheme deployed in Bitcoin. The scheme has the following features: (1) Fairness, meaning that the honest party is compensated with a predefined deposit if the other party misbehaves in the execution phase of the exchange; (2) TTP-freeness, meaning that the scheme does not engage any TTP throughout its execution; (3) Asynchronism, meaning that the digital signatures of the two parties do not need to be released simultaneously; (4) Pseudonymity, meaning that there is no intuitive difference between the transactions designed in the scheme and ordinary ones, and Bitcoin users may own pseudonyms through one-time addresses. Of independent interest, we propose a new primitive called committed key generation that converts a committed message into a public/private key pair, specifically, in our construction, an ECDSA key pair as used in Bitcoin, together with a non-interactive zero-knowledge proof. This tool allows us to bind a committed file to a transaction in Bitcoin. With this approach, the proposed TTP-free scheme can be applied to a wide range of scenarios, as long as the signatures represent items of value such as contracts and electronic checks.
Notes
1. The security parameter \(\lambda \) equals a 128-bit number, viewed as the discrete logarithm security level.
2. Since the player knows the private key \(sk^m\) corresponding to the public key, it regains ownership of the deposit.
3. Viewed as a discrete logarithm security level, a modulus N of 3072 bits corresponds to a security parameter \(\lambda \) = 128 bits.
Acknowledgment
Qianhong Wu is the corresponding author. This paper is supported by the National Key Research and Development Program of China through project 2017YFB0802505, the Natural Science Foundation of China through projects 61772538, 61672083, 61370190, 61572382, 61532021, 61472429 and 61402029, and by the National Cryptography Development Fund through project MMJJ20170106.
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Zhang, W. et al. (2017). TTP-free Fair Exchange of Digital Signatures with Bitcoin. In: Liu, J., Samarati, P. (eds) Information Security Practice and Experience. ISPEC 2017. Lecture Notes in Computer Science(), vol 10701. Springer, Cham. https://doi.org/10.1007/978-3-319-72359-4_4
DOI: https://doi.org/10.1007/978-3-319-72359-4_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72358-7
Online ISBN: 978-3-319-72359-4
eBook Packages: Computer Science, Computer Science (R0)