International Journal of Information Security

, Volume 7, Issue 1, pp 85–100 | Cite as

Bayesian rational exchange

  • Juan M. Estevez-TapiadorEmail author
  • Almudena Alcaide
  • Julio C. Hernandez-Castro
  • Arturo Ribagorda
Special Issue Paper


The notion of rational exchange introduced by Syverson (Proceedings of the 11th IEEE Computer Society Foundations Workshop, pp. 2–13, 1998) is a particularly interesting alternative when an efficient scheme for fair exchange is required but the use of a trusted third party is not allowed. A rational exchange protocol cannot provide fairness, but it ensures that rational (i.e., self-interested) parties would have no reason to deviate from the protocol. Buttyán et al. (J. Comput. Security 12(3/4), 551–588, 2004) have recently pointed out how rationality in exchange protocols can be formalized and studied within the framework provided by Game Theory. In particular, Buttyan’s formal model was used to analyze Syverson’s rational exchange protocol. In this paper, we identify a series of drawbacks in Buttyan’s model which make it somewhat restrictive and unrealistic. We propose an extension to the model which enables us to consider different classes of protocol parties (e.g., honest and dishonest parties), as well as modeling attributes such as reputation or any other participant beliefs that could have an effect on the protocol outcome. The resulting new model enables us to reason rational exchange protocols from the point of view of Bayesian rationality, a notion that may be in some scenarios more appropriate than that defined in terms of Nash equilibrium.


Rational exchange Syverson’s protocol Cryptographic protocols Automated validation Game theory 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abadi, M., Glew, N., Horne, B., Pinkas, B.: Certified email with a light on-line trusted third party: design and implementation. In: Proceedings of 2002 International World Wide Web Conference, pp. 387–395. ACM Press (2002)Google Scholar
  2. 2.
    Asokan, N., Schunter, M., Waidner, M.: Optimistic protocols for fair exchange. In: Matsumoto, T. (ed.), 4th ACM Conference on Computer and Communications Security, vol. 6, pp. 8–17. ACM Press (1997)Google Scholar
  3. 3.
    Asokan, N., Shoup, V., Waidner, M.: Asynchronous protocols for optimistic fair exchange. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 86–99. IEEE Press (1998)Google Scholar
  4. 4.
    Asokan, N.: Fairness in electronic commerce. Ph.D. Thesis. University of Waterloo (1998)Google Scholar
  5. 5.
    Bahreman, A., Tygar, J.D.: Certified electronic mail. In: Proceedings of 1994 Symposium on Network and Distributed System Security, pp. 3–19. Internet Society (1994)Google Scholar
  6. 6.
    Buttyán, L., Hubaux, J.P.: Rational exchange—a formal model based on game theory. In: Proceedings of the 2nd International Workshop on Electronic Commerce (2001)Google Scholar
  7. 7.
    Buttyán, L., Hubaux, J.P.: A formal analysis of syverson’s rational exchange protocol. In: Proceedings of the 15th IEEE Computer Security Foundations Workshop, pp. 193–205. IEEE Press (2002)Google Scholar
  8. 8.
    Buttyán L., Hubaux J.P. and Čapkun S. (2004). A formal model of rational exchange and its application to the analysis of syverson’s protocol. J. Comput. Security 12(3/4): 551–588 Google Scholar
  9. 9.
    Even, S., Yacobi, Y.: Relations among public key signature system. Technical Report 175 (1980). Computer Science Department, Technion, Haifa, IsraelGoogle Scholar
  10. 10.
    Fischer M.J., Lynch N.A. and Paterson M.S. (1985). Impossibility of distributed consensus with one faulty process. J. ACM 32(2): 374–382 zbMATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Fudenberg D. and Tirole J. (1991). Perfect Bayesian equilibrium and sequential equilibrium. J. Econ. Theory 53(2): 236–260 zbMATHCrossRefMathSciNetGoogle Scholar
  12. 12.
    Gibbons R. (1992). Game Theory for Applied Economists. Princeton University Press, Princeton Google Scholar
  13. 13.
    Kremer S., Markowitch O. and Zhou J. (2002). An intensive survey of fair non-repudiation protocols. Comput. Commun. 25(17): 1606–1621 CrossRefGoogle Scholar
  14. 14.
    McKelvey, R.D., McLennan, A.M., Turocy, T.L.: Gambit: software tools for game theory, Version 0.2006.01.20 (2006). Available online at: Scholar
  15. 15.
    Pagnia, H., Gärtner, F.C.: On the impossibility of fair exchange without a trusted third party. Darmstadt University of Technology, Department of Computer Science. Technical Report TUD-BS- 1999-02 (1999)Google Scholar
  16. 16.
    Pagnia H., Vogt H. and Gärtner F.C. (2003). Fair exchange. Comput. J. 46(1): 55–75 zbMATHCrossRefGoogle Scholar
  17. 17.
    Syverson, P.: Weakly secret bit commitment: applications to lotteries and fair exchange. In: Proceedings of the 11th IEEE Computer Security Foundations Workshop, pp. 2–13. IEEE Press (1998)Google Scholar

Copyright information

© Springer-Verlag 2007

Authors and Affiliations

  • Juan M. Estevez-Tapiador
    • 1
    Email author
  • Almudena Alcaide
    • 1
  • Julio C. Hernandez-Castro
    • 1
  • Arturo Ribagorda
    • 1
  1. 1.Computer Science DepartmentCarlos III University of MadridLeganés, Madrid,Spain

Personalised recommendations