Paper 2022/719
Contingent payments from two-party signing and verification for abelian groups
Abstract
The fair exchange problem has long faced the bottleneck of requiring a trusted third party. The recent development of blockchains introduces a new type of party to this problem, whose trustworthiness relies on a public ledger and distributed computation. The challenge in this setting is to reconcile the minimalistic and public nature of blockchains with elaborate fair exchange requirements, from functionality to privacy. Zero-knowledge contingent payments (ZKCP) are a promising class of protocols in this direction, allowing the fair exchange of data for payment. We propose a new ZKCP protocol that, when compared to others, requires less computation from the blockchain and less interaction between parties. The protocol is based on two-party (weak) adaptor signatures, which we show how to instantiate from state-of-the-art multiparty signing protocols. We improve the symbolic definition of ZKCP security and, for automated verification with Tamarin, we propose a general security reduction from the theory of abelian groups to the theory of exclusive or.
Metadata
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Computer Security Foundations Symposium (CSF 2022)
- Keywords
- blockchain, fair-exchange, formal verification
- Contact author(s)
- sergiu bursuc @ uni lu
- sjouke mauw @ uni lu
- History
- 2022-08-21: last of 3 revisions
- 2022-06-06: received
- Short URL
- https://ia.cr/2022/719
- License
- CC BY
BibTeX
@misc{cryptoeprint:2022/719,
  author = {Sergiu Bursuc and Sjouke Mauw},
  title = {Contingent payments from two-party signing and verification for abelian groups},
  howpublished = {Cryptology {ePrint} Archive, Paper 2022/719},
  year = {2022},
  url = {https://eprint.iacr.org/2022/719}
}