[Cryptography] Proposal of a fair contract signing protocol

mok-kong shen mok-kong.shen at t-online.de
Sun Jun 26 17:49:46 EDT 2016

Am 25.06.2016 um 23:32 schrieb Dennis E. Hamilton:
>> -----Original Message-----
>> From: cryptography [mailto:cryptography-
>> bounces+dennis.hamilton=acm.org at metzdowd.com] On Behalf Of mok-kong shen
>> Sent: Friday, June 24, 2016 23:23
>> To: cryptography at metzdowd.com
>> Subject: Re: [Cryptography] Proposal of a fair contract signing protocol
> [ ... ]
>> Sorry that I don't yet fully understand your point. Let me sketch
>> my scheme in a way that IMHO would be easier for you to exactly
>> pinpoint in order to provide your corresponding critiques, if any:
>> In step 1 Alice proposes a contract C (in terms of X and Y of visual
>> cryptography) but she signs "only" X which (alone) has no significance
>> in the sense of a commitment. (Note that X could be combined with a
>> different Y' to result in a C' that is different from C.) She promises
>> that "if" in future Bob fully commits in step 2 via signing X and Y
>> "then" she would (and is responsible to) sign Y in step 3, thus
>> completing the formality of the proposed contract C.
> [orcmid]
> Wait, there is a promise by Alice conditional on Bob signing X and Y
> And, of course, successfully returning that to her?   That is a weak
> sense of "promise."  How is that witnessed or enforced?
> What there really seems to be is the next step: She signs Y in step 3.
> That is the only demonstration that she has concluded the contract is
> in force as the result of receiving Bob's agreement.
> Now the question is, who does she communicate having done that to --
> how is it witnessed or verifiable -- and until she has, and it is not
> repudiatable (by anyone), how did this Protocol become "fair?"
> There have been enough descriptions of how contracts work in reality
> under common law and also under conditions where there is something
> significant at risk.  Where the temptation of fraud is quite
> high, brokers and escrow companies and other arrangements come into
> the picture.  Simply notaries are sufficient in some cases.  Attempting
> to do this in a digital, distributed arrangement is where the whole
> business of non-repudiatable/-falsifiable time-stamping crops up.
> It almost doesn't matter what the C = X || Y piecewise multi-stage
> protocol is until the context and the above questions are addressed.
> A different definition of fairness is simply a misdirection against
> the general concern of how to verify that a contract has been
> entered into and that the agreement is neither refutable nor
> falsifiable.

Are you questioning the validity of digital signature? This is
however orthogonal to the present issue. In Germany, for example,
a digital signature can have a value equivalent to a hand-written
signature, if certain specifications stated in the law are satisfied.

M. K. Shen

More information about the cryptography mailing list