A Formal Model for Analyzing Fair Exchange Protocols Based on Event Logic

Fair exchange protocols play a critical role in enabling two distrustful entities to conduct electronic data exchanges in a fair and secure manner.These protocols are widely used in electronic payment systems and electronic contract signing,ensuring the reliability and security of network transactions.In order to address the limitations of current research methods and enhance the analytical capabilities for fair exchange protocols,this paper proposes a formal model for analyzing such protocols.The proposed model begins with a thorough analysis of fair exchange protocols,followed by the formal definition of fairness.This definition accurately captures the inherent requirements of fair exchange protocols.Building upon event logic,the model incorporates the time factor into predicates and introduces knowledge set axioms.This enhancement empowers the improved logic to effectively describe the state and knowledge of protocol participants at different time points,facilitating reasoning about their acquired knowledge.To maximize the intruder’s capabilities,channel errors are translated into the behaviors of the intruder.The participants are further categorized into honest participants and malicious participants,enabling a comprehensive evaluation of the intruder’s potential impact.By employing a typical fair exchange protocol as an illustrative example,this paper demonstrates the detailed steps of utilizing the proposed model for protocol analysis.The entire process of protocol execution under attack scenarios is presented,shedding light on the underlying reasons for the attacks and proposing corresponding countermeasures.The developedmodel enhances the ability to reason about and evaluate the security properties of fair exchange protocols,thereby contributing to the advancement of secure network transactions.

MULTI-ITEM FAIR EXCHANGE SCHEME

As more business is conduced over the Internet, the fair exchange problem assumes increasing importance. However, the problem of multi-party fair exchange has not been studied as widely as the more fundamental problem of 2-party fair exchange. Recently, Franklin arid Tsudik proposed two protocols for n-party multi-item exchange on FC'98, SUCEX-1 and SUCES-2. This paper first gives an attack on the proposed protocol SUCEX-1, then presents two protocols for multi-item exchange, one is an improved protocol of SUCEX-1, another is the extension of protocol SUCEX-2.

An Identity-Based Scheme of Fair Exchange of Digital Signatures

Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this paper. The protocol relies on a trusted third party, but is ＂optimistic＂, in that the third party is only needed in cases where one player attempts to cheat or simply crashes. The proposed scheme has properties of short signature, low computation and verification cost. It can realize exchange of digital signatures fairly and effic, iently. A key feature of our scheme is that it is identity-based, which needs no certificates and has a simple key management. To our best knowledge, this is the first identity based scheme of fair exchange of digital signatures.

Is It Fair to Award Additional Examination Points in Exchange for Donating Blood?

A policy adopted in Pujiang County, east China＇s Zhejiang Province, has triggered an online debate as it says students can get additional scores in the high school entrance examination if their parents donate blood to the local blood bank. According to the controversial regulation, students can receive additiona one to three scores if their parents donate 4,000-8,000 milliliters of blood.

Blockchain-Based Secure and Fair IoT Data Trading System with Bilateral Authorization

These days,data is regarded as a valuable asset in the era of the data economy,which demands a trading platform for buying and selling data.However,online data trading poses challenges in terms of security and fairness because the seller and the buyer may not fully trust each other.Therefore,in this paper,a blockchain-based secure and fair data trading system is proposed by taking advantage of the smart contract and matchmaking encryption.The proposed system enables bilateral authorization,where data trading between a seller and a buyer is accomplished only if their policies,required by each other,are satisfied simultaneously.This can be achieved by exploiting the security features of the matchmaking encryption.To guarantee non-repudiation and fairness between trading parties,the proposed system leverages a smart contract to ensure that the parties honestly carry out the data trading protocol.However,the smart contract in the proposed system does not include complex cryptographic operations for the efficiency of onchain processes.Instead,these operations are carried out by off-chain parties and their results are used as input for the on-chain procedure.The system also uses an arbitration protocol to resolve disputes based on the trading proof recorded on the blockchain.The performance of the protocol is evaluated in terms of off-chain computation overhead and on-chain gas consumption.The results of the experiments demonstrate that the proposed protocols can enable the implementation of a cost-effective data trading system.

A Protocol for Fair Electronic Purchase Based on Concurrent Signatures

E-commerce protocols for the electronic purchase of goods are difficult to design and implement due to their complexity and high security demands. Fairness of such protocols in literature highly depends on an additional TTP（trusted third party）. However, it is difficult to find such a TTP in some situations. In addition, fairness for customers has been neither fully considered nor well satisfied in existing electronic purchasing protocols. In this paper, a new protocol FEP （fair electronic purchase） without a special TTP but an online bank is presented based on a concurrent digital signature scheme. The FEP protocol guarantees fair electronic purchase of goods via electronic payment between consumers, merchants and their online banks. The protocol is practical and the analysis based on the game logics shows that it achieves the properties of viability, fairness, and timeliness.

Key substitution attacks on some verifiably encrypted signature schemes

As a special kind of digital signature, verifiably encrypted signatures are used as a building block to construct optimistic fair exchange. Many verifiably encrypted signature schemes have been proposed so far and most of them were proven secure under certain complexity assumptions. In this paper, however, we find that although some schemes are secure in a single-user setting, they are not secure in a multi-user setting any more. We show that Zhang, et al. ＇ s scheme, Gorantla, et al. ＇ s scheme and Ming, et al. ＇ s scheme are vulnerable to key substitution attacks, where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users. We also show that this kind of attacks can breach the fairness when they are used in fair exchange in a multi-user setting.

EAR Protocol-Towards Fair Optimistic Non-Repudiation Exchange

Fairness is of crucial importance for the exchange protocols via Internet . Non-repudiation therefore becomes one of the vital premises, which are essential in the exchange of sensitive and important messages. This paper is to propose a new exchange protocol, termed ＂EAR＂ Exchange Protocol as it consists of three sub-protocols ： Exchange sub-protocol, Abort sub-protocol and Recovery sub-protocol. It is to be argued that the incorporation of these three sub-protocols may effectively enables EAR to assure non-repudiation, strong fairness, timeliness, confidentiality and the minimized involvement of the Trusted Third Party （TTP）.

Formal analysis and design of multi-party fair exchange protocols

Based on the origin of message items and channel combination between transacting parties, and events and relations among events, this paper presents a concise, precise, and hierarchical model for general fair exchange protocols, formally specifies various security requirements which are able to reflect inherent requirements for fair exchange protocols more rigorously, and partition these security requirements with fine granularity. This work helps analyze, debug, and design multi-party fair exchange protocols more effectively and elaborately,

Design and formal verification of a CEM protoco with transparent TTP

In certified email （CEM） protocols, trusted third party （TTP） transparency is an important security require- ment which helps to avoid bad publicity as well as protecting individual users＇ privacy. Cederquist et al. proposed an opti- mistic certified email protocol, which employs key chains to reduce the storage requirement of the TTE We extend their protocol to satisfy the property of TTP transparency, using existing verifiably encrypted signature schemes. An imple- mentation with the scheme based on bilinear pairing makes our extension one of the most efficient CEM protocols satis- fying strong fairness, timeliness, and TTP transparency. We formally verify the security requirements of the extended pro- tocol. The properties of fairness, timeliness and effectiveness are checked in the model checker Mocha, and TTP trans- parency is formalised and analysed using the toolsets/~CRL and CADE

A privacy-preserving statistics marketplace using local differential privacy and blockchain: An application to smart-grid measurements sharing

Service providers usually require detailed statistics in order to improve their services.On the other hand,privacy concerns are intensifying and sensitive data is protected by legislation,such as GDPR(General Data Protection Regulation).In this paper,we present the design,implementation,and evaluation of a marketplace that allows“data consumers”to buy information from“data providers”,which can then be used for generating meaningful statistics.Additionally,our system enables“system operators”that can select which data providers are allowed to provide data,based on filtering criteria specified by the data consumer.We leverage local differential privacy to protect the data provider's privacy against data consumers,as well as against system operators,and we build a blockchain-based solution for ensuring fair exchange,and immutable data logs.Our design targets use cases that involve hundreds or even thousands of data providers.We prove the feasibility of our approach through a proof-of concept implementation of a measurement sharing application for smart-grid systems.

Generalization of perfect concurrent signatures

Recently, Susilo et al.＇s perfect concurrent signature scheme （PCS1） and Wang et al.＇s improved perfect concurrent signature scheme （iPCS1） are proposed, which are considered as good improvements on concurrent signatures, and they adopt the same algorithms. In this paper, we develop generic perfect concurrent signature algorithms of which Susilo et al. and Wang et al.＇s algorithms turn out to be a special instance. We also obtain numerous new, efficient variants from the generic algorithms which have not been proposed before. To display the advantage of these variants, a modified privacy-preserving PCS protocol is given. It shows that the new variants adapt to the protocol well and can form concrete privacy-preserving PCS schemes, while the original algorithms do not. Security proofs and efficiency analysis are also given.