[Cryptography] Proposal of a fair contract signing protocol
Donald Eastlake
d3e3e3 at gmail.com
Fri Jun 24 22:28:02 EDT 2016
On Fri, Jun 24, 2016 at 6:56 PM, mok-kong shen <mok-kong.shen at t-online.de>
wrote:
> Am 25.06.2016 um 00:39 schrieb Allen:
>
>> On Sun, Jun 19, 2016 at 12:51 PM, mok-kong shen
>> <mok-kong.shen at t-online.de <mailto:mok-kong.shen at t-online.de>> wrote:
>>
>> Step 1: Alice formulates a contract document C, generates with visual
>> cryptography a pair (X, Y), sends a message containing signed(Alice,X)
>> and Y to Bob and asks him to accept C before a certain day T in the
>> future and promises to complete the contract formality within a
>> certain
>> time period TP in case Bob commits to C in step 2.
>>
>> Step 2: Bob obtains C from (X, Y). If he can't accept C, he informs
>> Alice and the protocol begins again at step 1. Otherwise he sends a
>> message containing signed(Bob,X) and signed(Bob,Y) to Alice and asks
>> her to release C. (If Bob does nothing before T is reached, the
>> protocol begins again at step 1.)
>>
>> Step 3: Alice examines whether Bob has signed the correct stuff, i.e.
>> whether he hadn't e.g. by mistake sent signed(Bob,Z) in place of
>> signed(Bob,X) with Z != X. If Bob had signed the wrong stuff, she
>> informs Bob and the protocol begins again at step 1. Otherwise she
>> releases C, signed(Alice,X), signed(Alice,Y), signed(Bob,X) and
>> signed(Bob,Y) to the public. (Alice is responsible to complete step 3
>> within TP.)
>
>
So Bob signs and returns believing/saying he has done so within T but Alice
believes/says that he sent it late and she isn't bound. Could be due to a
slow channel or Alice is lying or Bob is lying or speed of light delay or...
You just can't do it without third party. In this case, looks like a
trusted time stamping service would do.
(This seems very reminiscent of the impossibility of physically realizing a
bounded synchronizer or arbiter.)
Thanks,
Donald
===============================
Donald E. Eastlake 3rd +1-508-333-2270 (cell)
155 Beaver Street, Milford, MA 01757 USA
d3e3e3 at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160624/ebc2c351/attachment.html>
More information about the cryptography
mailing list