Risk Balance in Optimistic Non-repudiation Protocols

  • Mohammad Torabi Dashti
  • Jan Cederquist
  • Yanjing Wang
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7140)


We investigate how the behaviors of malicious trusted parties affect participants of optimistic non-repudiation protocols. We introduce a notion of risk balance for exchange protocols. Intuitively, risk balance refers to fairness in the amount of protection a protocol offers to the participants against malicious trustees. We explore how risk balance relates to the notions of accountable trustees and transparent trustees previously introduced by Asokan and Micali, respectively. As a case study, we investigate the consequences of malicious behaviors of trusted parties in the context of two fair non-repudiation protocols, proposed by Gürgens, Rudolph and Vogt (2005). We discover a number of security issues in these protocols and propose simple solutions for fixing them.


Optimistic fair exchange Non-repudiation Trust Risk Game theory 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Asokan, N.: Fairness in electronic commerce. PhD thesis. University of Waterloo (1998)Google Scholar
  2. 2.
    Asokan, N., Shoup, V., Waidner, M.: Asynchronous protocols for optimistic fair exchange. In: IEEE Security and Privacy 1998, pp. 86–99. IEEE CS (1998)Google Scholar
  3. 3.
    Ateniese, G., de Medeiros, B., Goodrich, M.: TRICERT: A distributed certified e-mail scheme. In: NDSS 2001. Internet Society (2001)Google Scholar
  4. 4.
    Buttyán, L., Hubaux, J., Capkun, S.: A formal model of rational exchange and its application to the analysis of Syverson’s protocol. J. Computer Security 12(3-4), 551–587 (2004)Google Scholar
  5. 5.
    Chadha, R., Mitchell, J., Scedrov, A., Shmatikov, V.: Contract Signing, Optimism, and Advantage. In: Amadio, R.M., Lugiez, D. (eds.) CONCUR 2003. LNCS, vol. 2761, pp. 366–382. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. on Information Theory IT-29(2), 198–208 (1983)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Franklin, M., Reiter, M.: Fair exchange with a semi-trusted third party (extended abstract). In: ACM CCS 1997, pp. 1–5. ACM Press (1997)Google Scholar
  8. 8.
    Gürgens, S., Rudolph, C., Vogt, H.: On the security of fair non-repudiation protocols. Int. J. Inf. Sec. 4(4), 253–262 (2005)CrossRefGoogle Scholar
  9. 9.
    Imamoto, K., Zhou, J., Sakurai, K.: An Evenhanded Certified Email System for Contract Signing. In: Qing, S., Mao, W., López, J., Wang, G. (eds.) ICICS 2005. LNCS, vol. 3783, pp. 1–13. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Micali, S.: Simple and fast optimistic protocols for fair electronic exchange. In: PODC 2003, pp. 12–19. ACM Press (2003)Google Scholar
  11. 11.
    Osborne, M., Rubinstein, A.: A Course in Game Theory. MIT Press (1999)Google Scholar
  12. 12.
    Pagnia, H., Vogt, H., Gärtner, F.: Fair exchange. The Computer Journal 46(1), 55–57 (2003)zbMATHCrossRefGoogle Scholar
  13. 13.
    Ray, I., Ray, I., Natarajan, N.: An anonymous and failure resilient fair-exchange e-commerce protocol. Decision Support Systems 39(3), 267–292 (2005)CrossRefGoogle Scholar
  14. 14.
    Sandholm, T., Wang, X.: (Im)possibility of safe exchange mechanism design. In: 8th International Conference on Artificial Intelligence, pp. 338–344. AAAI (2002)Google Scholar
  15. 15.
    Schunter, M.: Optimistic fair exchange. PhD thesis, Universität des Saarlandese (2000)Google Scholar
  16. 16.
    Srivatsa, M., Xiong, L., Liu, L.: ExchangeGuard: A distributed protocol for electronic fair-exchange. In: IPDPS 2005, p. 105b. IEEE CS (2005)Google Scholar
  17. 17.
    Torabi Dashti, M., Wang, Y.: Risk Balance in Exchange Protocols. In: Cervesato, I. (ed.) ASIAN 2007. LNCS, vol. 4846, pp. 70–77. Springer, Heidelberg (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Mohammad Torabi Dashti
    • 1
  • Jan Cederquist
    • 2
  • Yanjing Wang
    • 3
  1. 1.ETH ZürichSwitzerland
  2. 2.Dep. Engenharia Informática, Instituto Superior TécnicoUniversidade Técnica de Lisboa, SQIG, Instituto de TelecomunicaçõesPortugal
  3. 3.Department of PhilosophyPeking UniversityBeijingChina

Personalised recommendations