[Cryptography] Proposal of a fair contract signing protocol

Donald Eastlake d3e3e3 at gmail.com
Fri Jun 24 22:28:02 EDT 2016

On Fri, Jun 24, 2016 at 6:56 PM, mok-kong shen <mok-kong.shen at t-online.de>

> Am 25.06.2016 um 00:39 schrieb Allen:
>> On Sun, Jun 19, 2016 at 12:51 PM, mok-kong shen
>> <mok-kong.shen at t-online.de <mailto:mok-kong.shen at t-online.de>> wrote:
>>     Step 1: Alice formulates a contract document C, generates with visual
>>     cryptography a pair (X, Y), sends a message containing signed(Alice,X)
>>     and Y to Bob and asks him to accept C before a certain day T in the
>>     future and promises to complete the contract formality within a
>> certain
>>     time period TP in case Bob commits to C in step 2.
>>     Step 2: Bob obtains C from (X, Y). If he can't accept C, he informs
>>     Alice and the protocol begins again at step 1. Otherwise he sends a
>>     message containing signed(Bob,X) and signed(Bob,Y) to Alice and asks
>>     her to release C. (If Bob does nothing before T is reached, the
>>     protocol begins again at step 1.)
>>     Step 3: Alice examines whether Bob has signed the correct stuff, i.e.
>>     whether he hadn't e.g. by mistake sent signed(Bob,Z) in place of
>>     signed(Bob,X) with Z != X. If Bob had signed the wrong stuff, she
>>     informs Bob and the protocol begins again at step 1. Otherwise she
>>     releases C, signed(Alice,X), signed(Alice,Y), signed(Bob,X) and
>>     signed(Bob,Y) to the public. (Alice is responsible to complete step 3
>>     within TP.)
So Bob signs and returns believing/saying he has done so within T but Alice
believes/says that he sent it late and she isn't bound. Could be due to a
slow channel or Alice is lying or Bob is lying or speed of light delay or...

You just can't do it without third party. In this case, looks like a
trusted time stamping service would do.

(This seems very reminiscent of the impossibility of physically realizing a
bounded synchronizer or arbiter.)

 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3 at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160624/ebc2c351/attachment.html>

More information about the cryptography mailing list