Optimally Efficient Multi-party Fair Exchange and Fair Secure Multi-party Computation

Published: 23 November 2021

Abstract

Multi-party fair exchange (MFE) and fair secure multi-party computation (fair SMPC) are under-studied fields of research, with practical importance. In particular, we consider MFE scenarios where at the end of the protocol, either every participant receives every other participant’s item, or no participant receives anything. We analyze the case where a trusted third party (TTP) is optimistically available, although we emphasize that the trust put on the TTP is only regarding the fairness, and our protocols preserve the privacy of the exchanged items against the TTP. In the fair SMPC case, we prove that a malicious TTP can only harm fairness, but not security.

We construct an asymptotically optimal multi-party fair exchange protocol that requires a constant number of rounds (in comparison to linear) and \(O(n^2)\) messages (in comparison to cubic), where \(n\) is the number of participating parties. In our protocol, we enable the parties to efficiently exchange any item that can be efficiently put into a verifiable encryption (e.g., signatures on a contract). We show how to apply this protocol on top of any SMPC protocol to achieve fairness with very little overhead (independent of the circuit size). We then generalize our protocol to efficiently handle any exchange topology (participants exchange items with arbitrary other participants). Our protocol guarantees fairness in its strongest sense: even if all \(n-1\) other participants are malicious and colluding with each other, the fairness is still guaranteed.

Published in

ACM Transactions on Privacy and Security, Volume 25, Issue 1
February 2022
219 pages
ISSN: 2471-2566
EISSN: 2471-2574
DOI: 10.1145/3485162

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Published: 23 November 2021
• Accepted: 1 July 2021
• Revised: 1 May 2021
• Received: 1 February 2021
Qualifiers

• research-article
• Refereed