Privacy-preserving FairSwap: Fairness and privacy interplay
Fair exchange protocols are among the most important cryptographic primitives in electronic commerce. A basic fair exchange protocol requires that two parties who want to exchange their digital items either receive what they have been promised, or lose nothing. Privacy of fair exchange requires that...
Guardado en:
| Autores principales: | , , |
|---|---|
| Formato: | article |
| Lenguaje: | EN |
| Publicado: |
Sciendo
2022
|
| Materias: | |
| Acceso en línea: | https://doaj.org/article/d27e3eaee91a407a8ac7ed75c532f18a |
| Etiquetas: |
Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| Sumario: | Fair exchange protocols are among the most important cryptographic primitives in electronic commerce. A basic fair exchange protocol requires that two parties who want to exchange their digital items either receive what they have been promised, or lose nothing. Privacy of fair exchange requires that no one else (other than the two parties) learns anything about the items. Fairness and privacy have been considered as two distinct properties of an exchange protocol. In this paper, we show that subtle ways of leaking the exchange item to the third parties affect fairness in fair exchange protocols when the item is confidential. Our focus is on Fair-Swap, a recently proposed fair exchange protocol that uses a smart contract for dispute resolution, has proven security in UC (Universal Composability) framework, and provides privacy when both parties are honest. We demonstrate, however, that FairSwap’s dispute resolution protocol leaks information to the public and this leakage provides opportunities for the dishonest parties to influence the protocol’s fairness guarantee. We then propose an efficient privacy-enhanced version of Fair-Swap, prove its security and give an implementation and performance evaluation of our proposed system. Our privacy enhancement uses circuit randomization, and we prove its security and privacy in an extension of universal composability model for non-monolithic adversaries that would be of independent interest. |
|---|