Blockchain-based two-party fair contract signing scheme

doi:10.1016/j.ins.2020.05.054

Information Sciences

Volume 535, October 2020, Pages 142-155

https://doi.org/10.1016/j.ins.2020.05.054 Get rights and content

Highlights

•
We design the fair contract signing scheme based on the modified VES scheme.
•
We leverage the Ethereum smart contract technology to ensure fairness.
•
The theoretical analysis and experimental results show that our scheme is secure and feasible.

Abstract

A fair contract signing scheme ensures that contract signing participants can fairly exchange the digital signatures of the contract, which has a wide range of applications on the Internet. Verifiable Encrypted Signature (VES) can be used as a fair exchange mechanism for digital signatures, in which it requires a centralized Trusted Third Party (TTP) as an adjudicator. However, there are many security challenges with the centralized TTP. For example, it may disclose the contents of the contract, collude with others, or even occurs a service interruption. To address those problems, in this paper, we propose a two-party fair contract signing scheme based on Ethereum smart contract, which allows participants to fairly perform the contract signing procedures on the blockchain. Specifically, we propose a modified VES scheme in which no centralized adjudicator is needed. Then we design the fair contract signing scheme based on the modified VES scheme. We leverage the Ethereum smart contract technology to ensure fairness, which has the characteristics of decentralization, verifiability, autonomy, efficiency, and tampering resistant. The theoretical analysis and experimental results show that our scheme is secure and feasible.

Introduction

Nowadays, the Internet is developing rapidly, signing an electronic contract online has become a common commercial activity. One crucial security requirement of signing contract online is that the contract signing participants can exchange their digital signatures fairly [17]. The fairness means that both participants could get a valid signature of the other party or neither of them can get it. However, the process of contract signing is asynchronous, which inevitably brings a certain degree of unfairness [31]. That is, after one participant received the signature of the other participant, he/she may not submit their signatures to the other party intentionally or refuse to admit that he/she has received the signature. The unfairness will hurt the rights of participants and impede the healthy development of the online commercial activities, such as payment services for secure outsourcing mechanism [24], [35], [34]. Hence, a fair contract signing scheme is very essential to guarantee fairness in the electronic contract signing process.

The VES [4] is a cryptographic algorithm that can be used to achieve fair exchange of digital signatures. The VES enables the verifier to check the validity of an encrypted signature for a particular message. However, the VES often requires a centralized TTP as an adjudicator to ensure the fairness of signatures exchange, which causes some security problems [26]. First, most third parties are highly centralized. They can obtain some sensitive information on the contract, including the details of the contract, the digital signatures of the contract, etc. More worse, they might disclose these confidential data for financial incentives. Second, the third party might be dishonest and collude with one participant, which would cause financial losses for the other participant. Third, the third party service can be terminated due to software and hardware fails, which would cause serious losses for both contract signing participants. These problems will become bottlenecks of fair signatures exchange. How to fairly exchange signatures without a third party is a critical and unsolved problem.

In recent years, the development of blockchain technology provides the possibility to solve the above problem. Intuitively, blockchain can be seen as a decentralized TTP, which can eliminate the security problems of a centralized TTP. The smart contract technology based on Ethereum [8] has aroused widespread attention from researchers. Ethereum is a global decentralized TTP, the dynamic joining of nodes can ensure that single-node failure has little effect on the whole network. Meanwhile, Ethereum-based smart contract technology has the characteristics of public verifiability, autonomy, high efficiency, and tampering resistant, which can be used to achieve decentralized fairness. Therefore, designing a fair mechanism based on the Ethereum smart contract technology can effectively ensure the fairness of signatures exchange in the process of signing an electronic contract.

In this paper, we propose a modified VES scheme in which no centralized TTP is required. Based on this VES scheme, we propose a two-party fair contract signing scheme which satisfies the following properties:

(1) Fairness: Our scheme can guarantee that either both contract signing participants will get the ordinary signature of the other party or both of them will not get the ordinary signature of the other party. The fairness is mainly based on the over-time penalty mechanism and the credit mechanism which are implemented based on the Ethereum smart contract.
(2) Privacy: In our proposed scheme, sensitive information in the contract will be kept so secret that it does not expose to blockchain nodes. Thus important contract content is only known to both contract signing participants. Besides, our scheme will ensure that only contract signing participants can extract the ordinary digital signature of the other party.
(3) Security: Our scheme is secure against existential forgery and extraction. Moreover, Ethereum blockchain can resist single-node failures. That will not terminate the signature service due to partial node failures. Therefore, our scheme has high security and reliability.

The remainder of this paper are organized as follows. Section 2 briefly introduces some preliminary knowledge; Section 3 describes the system model of our scheme and illustrates our proposed scheme in detail; We analyze the correctness and security of our scheme in Section 4; Then, we introduce the system implementation and performance evaluation in Section 5 and Section 6 respectively; We review related work in Section 7; Finally, Section 8 concludes this paper.

Section snippets

Preliminaries

In this section, we briefly introduce the background knowledge, including the blockchain technology, the Ethereum smart contract, and the related cryptography knowledge.

Proposed scheme

In this section, we first give system model of our proposed scheme. Then we describe framework and introduce our design rationale about our scheme. Finally we describe our scheme in detail.

Correctness and security analysis

In this section, we analyze the correctness and security of our scheme. Then, we also discuss the security of the proposed scheme from the perspective of blockchain technology security.

System implementation

In this section, we first describe our simulated development environment of smart contracts. We then introduce some key functions in the smart contracts.

We develop the smart contracts with the Remix IDE running in Google Chrome. Remix [2] is an integrated development environment for solidity that integrates a debugger and test environment. It can deploy and test smart contracts in a web browser and no server component is required. Remix provides five test accounts with 100 Ether, we use account

Performance evaluation

In this section, we first show off-blockchain experiments of our VES scheme and subsequently evaluate the performance of our scheme by analysing the cost of gas when our scheme is executed by smart contract on the Ethereum blockchain.

We first present off-blockchain experiments as performance evaluation of the VES algorithm in our scheme. We built the testbed for the VES shceme on Ubuntu 16.04 system; The machine is with an ${Inter}^{R}$ ${Core}^{TM} i 5 - 3230 M$ CPU at 2.60 GHz, 4 GB in memory. The programming

Related work

In this section, we introduce some related work about this paper from the two aspects: the VES schemes and fair blockchain-based protocols.

Conclusion

This paper proposes a two-party fair contract signing scheme based on Ethereum smart contract technology. The scheme uses automated smart contracts instead of the original TTP in the process of contract signing. In our scheme, the contract signing parties can exchange the signature fairly. Also, sensitive information in the contract will be kept so secret that it would not be exposed over the blockchain. Theoretical analysis and performance evaluation also show that our scheme is valid, secure

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This research is supported by National Natural Science Foundation of China (61572267), National Development Foundation of Cryptography (MMJJ20170118), Key Research and Development Project of Shandong Province (2019GGX101051), the Open Project of the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (2019-MS-03).

References (35)

Jinxi Wu et al.
Efficient multi party fair contract signing protocol based on blockchains
J. Cryptol. Res.
(2018)
Pbc library. https://crypto.stanford.edu/pbc/,...
Remix, ethereum-ide. https://remix.readthedocs.io/en/latest/,...
Solidity-solidity 0.5.7 documentation. https://solidity.readthedocs.io/en/v0.5.7/,...
Nadarajah Asokan et al.
Optimistic protocols for fair exchange
Citeseer
(1996)
Iddo Bentov, Ranjit Kumaresan, How to use bitcoin to design fair protocols, in: Proceedings of Annual Cryptology...
Dan Boneh, Xavier Boyen, Short signatures without random oracles, in: Proceedings of International Conference on the...
Dan Boneh, Craig Gentry, Ben Lynn, Hovav Shacham, Aggregate and verifiably encrypted signatures from bilinear maps, in:...
Vitalik Buterin
A next-generation smart contract and decentralized application platform
White Paper
(2014)
Christopher D. Clack, Vikram A. Bakshi, Lee Braine, Smart contract templates: foundations, design landscape and...

M. Choudary Gorantla, Ashutosh Saxena, Verifiably encrypted signature scheme without random oracles, in: Proceedings of...

Haiwu He et al.

Survey of smart contract technology and application based on blockchain

J. Comput. Res. Dev.

(2018)

Yoichi Hirai, Defining the ethereum virtual machine for interactive theorem provers, in: Proceedings of International...

Hui Huang, Kuan-Ching Li, Xiaofeng Chen, A fair three-party contract singing protocol based on blockchain, in:...

Ranjit Kumaresan, Iddo Bentov, How to use bitcoin to incentivize correct computations, in: Proceedings of the 2014 ACM...

Lu. Steve et al.

Sequential aggregate signatures, multisignatures, and verifiably encrypted signatures without random oracles

J. Cryptol.

(2013)

Vadim Lyubashevsky, Gregory Neven, One-shot verifiable encryption from lattices, in: Proceedings of Annual...

Cited by (30)

A blockchain-based signature exchange protocol for metaverse
2023, Future Generation Computer Systems
Electronic Commodity Trading has a pivotal role in our economic activities. In the literature, there is a classic problem called “Fair Exchange” which is fundamental to electronic commodity trading. It means the participants can receive the exchange item of the counterparty as they have agreed on before. Since the ownership of items online is often authorized by digital signatures, we focus on the problem of the fair exchange of digital signatures in this paper. As the concept of the Metaverse becomes popular recently, what we are concerned about is how the fair exchange will evolve in a metaverse. It is said that the metaverse is a vision of how the next generation of the internet will operate and the research for the fair exchange problem in it is essential for a wide range of applications like trading a (Non-fungible-token) NFT. Many cryptographic fair exchange protocols are proposed to deal with such a problem. However, most of them should rely on a Trusted Third Party (TTP) and the security is restricted by the TTP. The way the metaverse will work is still being defined. But it will probably provide users with a decentralized environment and a fair exchange protocol relying on a TTP seems unsuitable for it. Recently, researchers present some blockchain-based fair exchange protocols to get rid of or reduce the power of a TTP. But these blockchain-based protocols face new challenges. Firstly, cryptography pairing operations are often contained in such a TTP-free protocol and cost too much for the blockchain. Secondly, the player may hang for an unacceptably long time of the latency of the blockchain network. Thirdly, it is difficult to protect the privacy of the signatures while making the whole protocol verifiable at the same time. To bridge these research gaps, this paper presents a novel signature exchange protocol called DFSE which is decentralized, verifiable, efficient and autonomous. To give a real-world evaluation, we perform the experiment on the live test network of Ethereum and the results show that our protocol is feasible.
Applying blockchain-based method to smart contract classification for CPS applications
2022, Digital Communications and Networks
Citation Excerpt :
Additionally, various operations and applications on blockchain can be performed by smart contracts [12–15]. This leads to a widely utilization of blockchain technologies in diverse fields, such as Vehicular Fog Computing (VFC) [3], Unmanned Aerial Vehicle (UAV) [16], Virtual Wireless Networks (VWNs) [17], Verifiable Encrypted Signature (VES) [18] and Vehicular Ad Hoc Networks (VANETs) [19]. Ethereum, which is a well-known public blockchain platform, is one representative of Blockchain 2.0.
Smart contract has been the core of blockchain systems and other blockchain-based systems since Blockchain 2.0. Various operations on blockchain are performed through the invocation and execution of smart contracts. This leads to extensive combinations between blockchain, smart contract, Internet of Things (IoT) and Cyber-Physical System (CPS) applications, and then many blockchain-based IoT or CPS applications emerge to provide multiple benefits to the economy and society. In this case, obtaining a better understanding of smart contracts will contribute to the easier operation, higher efficiency and stronger security of those blockchain-based systems and applications. Many existing studies on smart contract analysis are based on similarity calculation and smart contract classification. However, smart contract is a piece of code with special characteristics and most of smart contracts are stored without any category labels, which leads to difficulties of smart contract classification. As the back end of a blockchain-based Decentralized Application (DApp) is one or several smart contracts, DApps with labeled categories and open source codes are applied to achieve a supervised smart contract classification. A three-phase approach is proposed to categorize DApps based on various data features. In this approach, 5,659 DApps with smart contract source codes and pre-tagged categories are first obtained based on massive collected DApps and smart contracts from Ethereum, State of the DApps and DappRadar. Then feature extraction and construction methods are designed to form multi-feature vectors that could present the major characteristics of DApps. Finally, a fused classification model consisting of KNN, XGBoost and random forests is applied to the multi-feature vectors of all DApps for performing DApp classification. The experimental results show that the method is effective. In addition, some positive correlations between feature variables and categories, as well as several user behavior patterns of DApp calls, are found in this paper.
A user-centric privacy-preserving authentication protocol for IoT-AmI environments
2022, Computer Communications
Ambient Intelligence (AmI) in Internet of Things (IoT) has empowered healthcare professionals to monitor, diagnose, and treat patients remotely. Besides, the AmI-IoT has improved patient engagement and gratification as doctors’ interactions have become more comfortable and efficient. However, the benefits of the AmI-IoT-based healthcare applications are not availed entirely due to the adversarial threats. IoT networks are prone to cyber attacks due to vulnerable wireless mediums and the absentia of lightweight and robust security protocols. This paper introduces computationally-inexpensive privacy-assuring authentication protocol for AmI-IoT healthcare applications. The use of blockchain & fog computing in the protocol guarantees unforgeability, non-repudiation, transparency, low latency, and efficient bandwidth utilization. The protocol uses physically unclonable functions (PUF), biometrics, and Ethereum powered smart contracts to prevent replay, impersonation, and cloning attacks. Results prove the resource efficiency of the protocol as the smart contract incurs very minimal gas and transaction fees. The Scyther results validate the robustness of the proposed protocol against cyber-attacks. The protocol applies lightweight cryptography primitives (Hash, PUF) instead of conventional public-key cryptography and scalar multiplications. Consequently, the proposed protocol is better than centralized infrastructure-based authentication approaches.
Privacy-preserving blockchain-based contract signing with multi-party supervision
2024, Transactions on Emerging Telecommunications Technologies
Research trends in industry 5.0 and its application in the construction industry
2024, Technological Sustainability
Abuse-freeness in contract signing: a blockchain-based proposal
2024, International Journal of Information Security

View all citing articles on Scopus

¹: Liang Zhang and Hanlin Zhang contributed equally to this work.

View full text