Abstract
Based on the study of existing fair exchange protocols, this paper sets up an accurate formal model by stepwise refinement. In the process of refinement an unreliable channel is employed to simulate an attack behavior. The model provides a novel formal definition of exchanged items, and presents the formal goals for fairness, accountability, etc., reflecting the inherent requirements for fair exchange protocols across-the-board. In order to check, prove, and design fair exchange protocols effectively and efficiently, the model puts forward a novel property of abuse-freeness which applies to all fair exchange protocols, gives a formal definition for trust strand of the third party, and presents general criteria of designing a secure and effective fair exchange protocol. Taking a typical fair exchange protocol as an example, this paper presents the analysis steps of fair exchange protocols appealing to our model. An unknown attack is uncovered. The analysis reveals the process of a complete attack, discovering deeper reasons for causing an attack. Finally, we modify the flawed protocol and the revised protocol ensures the desirable properties.
Similar content being viewed by others
References
Woodcock, J., Davies, J., Using Z: Specification, Refinement and Proof, Upper Saddle River, NJ: Prentice Hall International Series in Computer Science, 1996.
Qing, S. H., TTP roles in electronic commerce protocols, Journal of Software (in Chinese with English abstract), 2003, 14(11): 1936–1943.
Asokan, N., Fairness in electronic commerce, PhD Thesis, University of Waterloo, 1998.
Kremer, S., Formal analysis of optimistic fair exchange protocols, PhD Thesis, Universit’e Libre de Bruxelles Facult’e des Sciences, 2003–2004.
Qing, S. H., 20 years development of security protocols research, Journal of Software (in Chinese with English abstract), 2003, 14(10): 1740–1752.
Qing, S. H., Design and logical analysis of security protocols, Journal of Software (in Chinese with English abstract), 2003, 14(7): 1300–1309.
Steve, A., Schneider. Formal analysis of a non-repudiation protocol, in 11th IEEE Computer Security Foundations Workshop, Washington-Brussels-Tokyo: IEEE, 1998, 54–65.
Bella, G., Paulson, L. C., Mechanical proofs about a nonrepudiation protocol, in Theorem Proving in Higher Order Logics (eds. Boulton, R. J., Jackson, P. B.), volume 2152 of Lecture Notes in Computer Science, Berlin: Springer-Verlag, 2001, 91–104.
Boyd, C., Kearney, P., Exploring fair exchange protocols using specification animation, in Information Security—International Workshop on Information Security (eds. Pieprzyk, J., Okamoto, E., Seberry, J.), volume 1975 of Lecture Notes in Computer Science, Wollogong, Australia, December 2000, Berlin: Springer-Verlag, 209–223.
Chadha, R., Kanovich, M., Scedrov, A., Inductive methods and contract signing protocols, in 8th ACM Conference on Computer and Communications Security (ed. Samarati, P.), Philadelphia, PA: ACM Press, 2001, 176–185.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Qing, S., Li, G. A formal model of fair exchange protocols. Sci China Ser F 48, 499–512 (2005). https://doi.org/10.1360/122004-30
Received:
Issue Date:
DOI: https://doi.org/10.1360/122004-30