Paper 2008/431

Usable Optimistic Fair Exchange

Alptekin Kupcu and Anna Lysyanskaya


Fairly exchanging digital content is an everyday problem. It has been shown that fair exchange cannot be done without a trusted third party (called the Arbiter). Yet, even with a trusted party, it is still non-trivial to come up with an efficient solution, especially one that can be used in a p2p file sharing system with a high volume of data exchanged. We provide an efficient optimistic fair exchange mechanism for bartering digital files, where receiving a payment in return to a file (buying) is also considered fair. The exchange is optimistic, removing the need for the Arbiter's involvement unless a dispute occurs. While the previous solutions employ costly cryptographic primitives for every file or block exchanged, our protocol employs them only once per peer, therefore achieving O(n) efficiency improvement when n blocks are exchanged between two peers. The rest of our protocol uses very efficient cryptography, making it perfectly suitable for a p2p file sharing system where tens of peers exchange thousands of blocks and they do not know beforehand which ones they will end up exchanging. Therefore, our system yields to one-two orders of magnitude improvement in terms of both computation and communication (40 seconds vs. 42 minutes, 1.6MB vs. 200MB). Thus, for the first time, a provably secure (and privacy respecting when payments are made using e-cash) fair exchange protocol is being used in real bartering applications (e.g., BitTorrent) without sacrificing performance.

Note: updated performance numbers

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. full version of the CT-RSA 2010 paper with the same title
fair exchangebarterpeer-to-peer file sharingBitTorrent.
Contact author(s)
kupcu @ cs brown edu
2010-01-26: last of 4 revisions
2008-10-08: received
See all versions
Short URL
Creative Commons Attribution


      author = {Alptekin Kupcu and Anna Lysyanskaya},
      title = {Usable Optimistic Fair Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2008/431},
      year = {2008},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.