Fair multi-party contract signing using private contract signatures
Information and Computation
Improved multi-party contract signing
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
Hi-index | 0.00 |
A multi-party contract signing protocol allows a set of participants to exchange messages with each other with a view to arriving in a state in which each of them has a preagreed contract text signed by all the others. Such a protocol was introduced by Garay and MacKenzie in 1999; it consists of a main protocol and a sub-protocol involving a trusted party. Their protocol was shown to have a flaw by Chadha, Kremer and Scedrov in CSFW 2004. Those authors also presented a fix -a revised sub-protocol for the trusted party. In our work, we show an attack on the revised protocol for any number n gt 4 of signers. Furthermore, we generalise our attack to show that the message exchange structure of Garay and MacKenzie's main protocol is flawed: whatever the trusted party does will result in unfairness for some signer. This means that it is impossible to define a trusted party protocol for Garay and MacKenzie's main protocol; we call this "resolve-impossibility".