Paper 2015/064
Optimally Efficient Multi-Party Fair Exchange and Fair Secure Multi-Party Computation
Handan Kılınç and Alptekin Küpçü
Abstract
Multi-party fair exchange (MFE) and fair secure multi-party computation (fair SMPC) are is under-studied field of research, with practical importance. In particular, we consider MFE scenarios where at the end of the protocol, either every participant receives every other participant’s item, or no participant receives anything. We analyze the case where a trusted third party (TTP) is optimistically available, although we emphasize that the trust put on the TTP is only regarding the fairness, and our protocols preserve the privacy of the exchanged items against the TTP. In the fair SMPC case, we prove that a malicious TTP can only harm fairness, but not security. We construct two asymptotically optimal multi-party fair exchange protocols that require a constant number of rounds (in comparison to linear) and O(n^2) messages (in comparison to cubic), where n is the number of participating parties. In one protocol, we enable the parties to efficiently exchange any item that can be efficiently put into a verifiable encryption (e.g., signatures on a contract). We show how to apply this protocol on top of any SMPC protocol to achieve fairness with very little overhead (independent of the circuit size), especially if the SMPC protocol works with arithmetic circuits. In our other protocol, we let the parties exchange any verifiable item, without the constraint that it must be efficiently put into a verifiable encryption (e.g., a file cannot be efficiently verifiably encrypted, but if its hash is known, once obtained, the file can be verified). We achieve this via the use of electronic payments, where if an item is not obtained, the payment of its owner will be obtained in return of the item that is sent. We then generalize our protocols to efficiently handle any exchange topology (participants exchange items with arbitrary other participants). Our protocols guarantee fairness in its strongest sense: even if all n-1 other participants are malicious and colluding with each other, the fairness is still guaranteed.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. CT-RSA 2015
- Keywords
- multi-party fair exchangefair computationoptimistic modelsecure multi-party computationelectronic payments
- Contact author(s)
- handan kilinc @ epfl ch
- History
- 2019-03-07: last of 5 revisions
- 2015-01-29: received
- See all versions
- Short URL
- https://ia.cr/2015/064
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2015/064, author = {Handan Kılınç and Alptekin Küpçü}, title = {Optimally Efficient Multi-Party Fair Exchange and Fair Secure Multi-Party Computation}, howpublished = {Cryptology {ePrint} Archive, Paper 2015/064}, year = {2015}, url = {https://eprint.iacr.org/2015/064} }