Fair exchange protocol aims to allow two parties to exchange digital items in a fair manner. It is well-known that fairness can only be achieved with the help of a trusted third party, usually referred to as arbitrator. A fair exchange protocol is optimistic if the arbitrator is not involved in the normal execution of the fair exchange process. That is, its presence is necessary only when one of the exchanging parties is dishonest. Traditionally, the items being exchanged are digital signatures. In this paper, we consider the items to be threshold signatures. Specifically, the signatures are created by a subset of legitimate signers instead of a single signer. We define a security model for this new notion, and provide an concrete instantiation. Our instantiation can be proven secure in the random oracle model. Our definition covers the case when the item being exchanged is a secret key of an identity-based encryption where the master secret key is split amongst a set of authorities.
|Name||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Conference||7th International Conference on Network and System Security, NSS 2013|
|Period||3/06/13 → 4/06/13|
- Theoretical Computer Science
- Computer Science(all)