An Extended Model of Rational Exchange Based on Dynamic Games of Imperfect Information
The notion of rational exchange introduced by Syverson in 1998 is a particularly interesting alternative when an efficient scheme for fair exchange is required but the use of a trusted third party is not allowed. A rational exchange protocol cannot provide fairness, but it ensures that rational (i.e. self-interested) parties would have no reason to deviate from the protocol. Buttyán et al (2003) have recently pointed out how rationality in exchange protocols can be formalized and studied within the framework provided by Game Theory. In this paper, we identify some vulnerabilities in Syverson’s protocol which were not detected by Buttyán et al’s analysis. These motivate us to extend the model to consider new aspects, never formalized before when analyzing security protocols. These aspects are related to participants’ reputation, protocol’s robustness, and the impact that scenarios where the protocol is executed repeatedly have on the outcome of the protocol execution.
KeywordsNash Equilibrium Security Protocol Rational Exchange Imperfect Information Trusted Third Party
Unable to display preview. Download preview PDF.
- 2.Buttyán, L., Hubaux, J.P.: A formal Analysis of Syverson’s Rational Exchange protocol. In: Proceedings of the 15th IEEE Computer Security Foundations Workshop, pp. 181–193 (June 2002)Google Scholar
- 5.Denning, D.E.: The limits of Formal Security Models. National Computer System Security Award Acceptance Speech (1999)Google Scholar
- 6.Gibbons, R.: Game Theory for Applied Economists. Princeton University Press, Princeton (1992)Google Scholar
- 7.[ISO/IEC 13888-3] Information Security. Security Techniques. Non Repudiation (1997)Google Scholar
- 9.Kremer, S., Raskin, J.F.: A game Approach to the Verification of Exchange Protocols. In: Proceedings of the 1st Workshop on Issues in the Theory of Security (July 2000)Google Scholar
- 11.Kremer, S.: Formal Analysis of Optimistic Fair Exchange Protocol. PhD Thesis. Universit Libre de Bruxelles. Facult de Sciences (2003-04)Google Scholar
- 13.Nurmi, P.: A framework for online reputation systems. Department of Computer Science, University of Helsinki (March 2005)Google Scholar
- 14.Pagnia, H., Gärtner, F.C.: On the impossibility of fair exchange without a trusted third party. Darmstadt University of Technology, Department of Computer Science. Technical Report TUD-BS-1999-02 (March 1999)Google Scholar
- 15.Syverson, P.: Weakly secret bit commitment: Applications to lotteries and fair exchange. In: Proceedings of the 11th IEEE Computer Security Foundations Workshop, pp. 2–13 (1998)Google Scholar