Coin-Based Multi-Party Fair Exchange

Multi-party fair exchange (MFE) considers scenarios where fairness means that either all exchanges as agreed upon between multiple parties take place, or no item changes hands. The two-party case was widely studied starting with the seminal work of Asokan et al. in ACM CCS 1998. The state-of-the-art MFE protocol was shown by Kilinc, and Kupcu in CT-RSA 2015. Unfortunately, it only works on items that can be efficiently verifiably encrypted, which, in particular, means that it cannot efficiently handle exchange of large files in a peer-to-peer file sharing scenario. In this work, first, we extend the optimistic two-party fair computation definition of Cachin and Camenisch in CRYPTO 2000 for the MFE setting, and prove the security of our protocol with ideal-real simulation. Secondly, we extend the CT-RSA 2015 solution of Kilinc, and Kupcu in a way that our protocol enables parties to exchange any item, be it a large file. While doing so, we employ electronic payments, where if a party does not obtain the desired item at the end of the protocol, the payment of the item's owner will be obtained instead. Third, we achieve asymptotic optimality with O(1) rounds and O(n(2)) messages, where n is the number of participating parties. Finally, we also provide experimental results from our prototype code.