ArticlePDF Available

Relations among public key signature schemes

Authors:
S. Even
S. Even
S. Even
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Yacov Yacobi
Yacov Yacobi
Download full-text PDF
Read full-text
Download citation
Content uploaded by Yacov Yacobi
Author content
All content in this area was uploaded by Yacov Yacobi on Apr 14, 2014
Content may be subject to copyright.
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
Technion - Computer Science Department - Tehnical Report CS0175 - 1980
... However, it is not as simple when the same exchange has to be done over a network. As a matter of fact, [11] proved that achieving fairness in a deterministic two-party signing protocol is impossible because information exchange over the computer network is nonsimultaneous. ...
... According to [1], any electronic health record generating system should keep eight criteria out of which non-repudiation is one. Though a significant amount of work has been done on maintaining non-repudiation, i.e., fair-exchange policy for electronic exchange in some areas like contract-signing protocols [5,8,11], certified email systems [16,18,32], and e-payment schemes in electronic commerce [6,13,24,25], the PHR exchanges have not received sufficient attention. Electronically exchanging personal health records while maintaining fair-exchange policy is trickier and cannot be achieved with the existing schemes of contract-signing protocols, certified email systems, or e-payment schemes in electronic commerce. ...
A P2P Optimistic Fair-Exchange (OFE) Scheme for Personal Health Records Using Blockchain Technology
Chapter
Full-text available
  • Jun 2020
In today’s digital world, it is common to exchange sensitive data between different parties. There are many examples of sensitive data or documents that require a digital exchange, such as banking information, insurance data, health records. In many cases, the exchange exists between unknown and untrusted parties. Therefore, it is essential to execute the data exchange over a fair non-repudiation protocol. In this paper, we propose a P2P fair non-repudiation data exchange scheme by leveraging Blockchain and distributed ledger technology. The proposed scheme combines on-chain and off-chain communication patterns to enable the exchange of personal health records between patients and health care providers. We provide an informal security analysis for the proposed scheme. Moreover, we propose a design and implementation agnostic to existing Blockchain platforms to enable unbiased evaluation of the proposed scheme.
View
... In 2004, Nenadic et al firstly introduced the conception of contract signing to solve the problem of exchanging signatures on the contract [1], which allows two or more parties exchange commitments on a contract in such a way that either no party is bound to the contract, or everyone does. However, Even and Yacobi have shown that fairness is not possible in a deterministic two-party contract signing protocol [2]. Accordingly, early contract signing protocols are mainly computational fairness, i.e., each party exchanges respective commitment in a way of "bit-by-bit", and there is no third party to be involved [3][4][5]. ...
Practical quantum contract signing without quantum storage
Article
Full-text available
  • Feb 2022
  • QUANTUM INF PROCESS
In many occasions, it is inevitable to sign a contract, which can be easily realized in a face-to-face way. However, how to sign a contract in asynchronous network while guaranteeing each party’s fairness is a difficult problem. In this work, we present a practical quantum contract signing protocol, which keeps the previous work’s advantages such as fairness, low communication complexity and independence with the current signing technology. Furthermore, it is based on single particles but not entangled states. More importantly, it removes the requirement of long-time quantum storage which is difficult to be realized with current technology. Therefore, this protocol is more easily to be realized in practice.
View
... A primary goal in this area of literature is to ensure that the parties received fully signed copies of the contract atomically, i.e., neither party has a fully signed copy until it is guaranteed that the other will also obtain a copy. Some general impossibility theorems in distributed computing imply that it is often not possible to achieve this goal without use of a trusted third party [EY80], but protocols may attempt to minimize the use of this third party in various ways, e.g., using them as a fallback in case one party attempts to cheat the other [ASW00]. ...
Signature in Counterparts, a Formal Treatment
Preprint
  • Feb 2020
"Signature in counterparts" is a legal process that permits a contract between two or more parties to be brought into force by having the parties independently (possibly, remotely) sign different copies of the contract, rather than placing their signatures on a common copy at a physical meeting. The paper develops a logical understanding of this process, developing a number of axioms that can be used to justify the validity of a contract from the assumption that separate copies have been signed. It is argued that a satisfactory account benefits from a logic with syntactic self-reference. The axioms used are supported by a formal semantics, and a number of further properties of this semantics are investigated. In particular, it is shown that the semantics implies that when a contract is valid, the parties do not just agree, but are in mutual agreement (a common-knowledge-like notion) about the validity of the contract.
View
... In order to deal with the problem of exchanging digital signatures on the contract, the conception of contract signing protocols was introduced [1], in which two or more parties exchange commitments to a contract in such a way that either all the parties are bound to the contract, or none does. Nevertheless, fairness is impossible in a deterministic two-party contract signing protocol, which has been shown by Even and Yacobi [2]. Consequently, early protocols for contract signing are mainly computational fairness: both parties exchange their commitments "bit-by-bit", and no third party is involved [3][4][5]. ...
Fair and Optimistic Contract Signing Based on Quantum Cryptography
Article
Full-text available
  • Nov 2019
  • INT J THEOR PHYS
Contract signing is an important cryptographic primitive and has many applications in e-commerce. Over last few years, quantum contract signing has attracted much attention because its security is based on the fundamental principles of quantum mechanics. In this paper, a new fair and optimistic contract signing protocol based on quantum cryptography is proposed. Compared with the prior work, this protocol no longer needs to sign the exchanged messages containing the contract, the identifier number of qubits’ sequence and so on, and therefore it does not depend on the current signing technology any longer. Furthermore, the communication complexity is reduced due to removing the exchange of the signatures between two clients.
View
... Deployed electronic systems do not provide such proofs (e.g., [2]). Furthermore, without a trusted third party, no protocol will guarantee fairness of this exchange [33,36]. Although multi-party computation and Zero Knowledge (ZK) protocols could be used to achieve some of the required properties, they would all be limited by the interface of the service (e.g., e-voting) to which the identity owner presents its credentials. ...
TEEvil: Identity Lease via Trusted Execution Environments
Preprint
  • Mar 2019
We investigate identity lease, a new type of service in which users lease their identities to third parties by providing them with full or restricted access to their online accounts or credentials. We discuss how identity lease could be abused to subvert the digital society, facilitating the spread of fake news and subverting electronic voting by enabling the sale of votes. We show that the emergence of Trusted Execution Environments and anonymous cryptocurrencies, for the first time, allows the implementation of such a lease service while guaranteeing fairness, plausible deniability and anonymity, therefore shielding its users and renters from prosecution. To show that such a service can be practically implemented, we build an example system that we call TEEvil leveraging Intel SGX and ZCash. Finally, we discuss defense mechanisms and challenges in the mitigation of identity lease services.
View
... Even in two-party fair exchange scenarios, preventing unfairness completely and efficiently without a trusted third party (TTP) is shown to be impossible [21,41]. The main reason is that one of the parties will be sending the last message of the protocol, regardless of how the protocol looks like, and may choose not to send that message, potentially causing unfairness. ...
Optimally Efficient Multi-Party Fair Exchange and Fair Secure Multi-Party Computation
Conference Paper
Full-text available
  • Apr 2015
Multi-party fair exchange (MFE) and fair secure multi-party computation (fair SMPC) are under-studied fields of research, with practical importance. We examine MFE scenarios where every participant has some item, and at the end of the protocol, either every participant receives every other participant’s item, or no participant receives anything. This is a particularly hard scenario, even though it is directly applicable to protocols such as fair SMPC or multi-party contract signing. We further generalize our protocol to work for any exchange topology. We analyze the case where a trusted third party (TTP) is optimistically available, although we emphasize that the trust put on the TTP is only regarding the fairness, and our protocols preserve the privacy of the exchanged items even against a malicious TTP. We construct an asymptotically optimal (for the complete topology) multi-party fair exchange protocol that requires a constant number of rounds, in comparison to linear, and \( O(n^2) \) messages, in comparison to cubic, where \( n \) is the number of participating parties. We enable the parties to efficiently exchange any item that can be efficiently put into a verifiable escrow (e.g., signatures on a contract). We show how to apply this protocol on top of any SMPC protocol to achieve a fairness guarantee with very little overhead, especially if the SMPC protocol works with arithmetic circuits. Our protocol guarantees fairness in its strongest sense: even if all \(n-1\) other participants are malicious and colluding, fairness will hold.
View
A Formal Treatment of Contract Signature
Article
  • Aug 2021
The article develops a logical understanding of processes for signature of legal contracts, motivated by applications to legal recognition of smart contracts on blockchain platforms. A number of axioms and rules of inference are developed that can be used to justify a “meeting of the minds” precondition for contract formation from the fact that certain content has been signed. In addition to an “offer and acceptance” process, the article considers “signature in counterparts”, a legal process that permits a contract between two or more parties to be brought into force by having the parties independently (possibly, remotely) sign different copies of the contract, rather than placing their signatures on a common copy at a physical meeting. It is argued that a satisfactory account of signature in counterparts benefits from a logic with syntactic self-reference. The axioms used are supported by a formal semantics, and a number of further properties of the logic are investigated. In particular, it is shown that the logic implies that when a contract has been signed, the parties do not just agree, but are in mutual agreement (a common-knowledge-like notion) about the terms of the contract.
View
View
High-value B2B interactions, non-repudiation and Web services
Chapter
  • Jan 2007
This chapter provides an overview of the problem of making high-value business-to-business (B2B) interactions non-repudiable, where non-repudiation is the property that no party to an interaction can subsequently deny their involvement in the interaction. Existing approaches are discussed in the context of fundamental work on fairness and non-repudiation. The existing work suffers from a lack of flexibility both in terms of the mechanisms that can be deployed to achieve non-repudiation and of the interactions to which non-repudiation can be applied. The authors contend that it is necessary to be able to render arbitrary Web service interactions non-repudiable and to optionally invoke application-level validation of business messages at run-time. The chapter presents the design and implementation of a novel Web services-based middleware that addresses these requirements. The middleware leverages existing Web service standards. It is sufficiently flexible to adapt to different regulatory regimes and to provide security guarantees that are appropriate to different business contexts.
View
Fair Two-Party Computations via Bitcoin Deposits
Conference Paper
  • Mar 2014
We show how the Bitcoin currency system (with a small modification) can be used to obtain fairness in any two-party secure computation protocol in the following sense: if one party aborts the protocol after learning the output then the other party gets a financial compensation (in bitcoins). One possible application of such protocols is the fair contract signing: each party is forced to complete the protocol, or to pay to the other one a fine. We also show how to link the output of this protocol to the Bitcoin currency. More precisely: we show a method to design secure two-party protocols for functionalities that result in a “forced” financial transfer from one party to the other. Our protocols build upon the ideas of our recent paper “Secure Multiparty Computations on Bitcoin” (Cryptology ePrint Archive, Report 2013/784). Compared to that paper, our results are more general, since our protocols allow to compute any function, while in the previous paper we concentrated only on some specific tasks (commitment schemes and lotteries). On the other hand, as opposed to “Secure Multiparty Computations on Bitcoin”, to obtain security we need to modify the Bitcoin specification so that the transactions are “non-malleable” (we discuss this concept in more detail in the paper).
View
ResearchGate has not been able to resolve any references for this publication.