Implementation and Analysis of a Synchronisation Protocol for Fair Exchange with Strong Fairness and Privacy

DOI: https://doi.org/10.5753/isys.2026.6859

Keywords: Fair Exchange, Fair Exchange Protocols, Distributed Information Systems, Protocol Validation, Model-checking, Trusted Hardware

Abstract

In distributed information systems, it is essential to ensure fairness and privacy in the exchange of digital items between parties that do not fully trust each other. In such environments, multiple entities (users, organisations, services, devices, etc.) interact by exchanging data, documents, or digital assets. In the absence of trust between the parties involved, the risk of unfairness arises, namely the possibility that one party gains an unfair advantage over the other. Fair exchange protocols have been developed to ensure that no participant obtains such an advantage, thereby guaranteeing that exchanges occur fairly. Privacy, another fundamental property, prevents the leakage of confidential information. However, achieving strong fairness and privacy simultaneously remains a challenge. Protocols widely used in information systems for online payments, e-commerce, and digital signatures ensure fairness but compromise privacy because they rely on mediating centralised third parties that directly access participants' data, including sensitive information. In this paper, we present the implementation and analysis of a protocol that ensures strong fairness in distributed information systems: no participant is left holding both items while the other holds neither, and each party retains the ability to cancel the exchange. The model uses a split trusted third party, composed of two trusted execution environments (one for each participant) and a public bulletin board used solely for synchronisation. This architecture obviates the need for centralised intermediaries and preserves essential properties such as strong fairness, immediate and unilateral cancellation, and privacy.
This work is an extended version of the paper presented at SBSeg 2025. It adds new experimental results, formal verification with the SPIN model checker, and implementation improvements, and thereby contributes to the advancement of interoperable solutions that protect data privacy in distributed information systems.
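To make the synchronisation idea in the abstract concrete, the following is an added illustrative model written for this page; it is not the paper's protocol or code. It assumes two TEEs that already hold both items in escrow after an attested TEE-to-TEE transfer, an append-only bulletin board that both TEEs read in the same order, and a decision rule chosen here for illustration (COMMIT once both READY records precede any CANCEL, ABORT as soon as a CANCEL comes first); the names decide, board_policy, local_policy and explore are this example's own. It enumerates every interleaving of posts, cancels and releases, in the spirit of a SPIN state-space search, and checks that the two TEEs never release on different verdicts. A contrasting rule in which each TEE trusts its own party's cancel over the shared order is included to show the kind of unfair trace that synchronising through the board rules out.

```python
"""Explicit-state check of a split-TTP fair exchange synchronised via a bulletin board.

Constructed illustrative model, not the paper's protocol or code. Assumptions:
two TEEs (one per party) already hold both items in escrow; an append-only
bulletin board that every TEE reads in the same order; each party posts at most
one READY and at most one CANCEL record. The exchange COMMITs once both READY
records precede any CANCEL and ABORTs as soon as a CANCEL is posted first.
A TEE releases (the counterpart's item on COMMIT, its own party's item back on
ABORT) only after the board has decided.
"""
from collections import deque

PARTIES = ("A", "B")


def decide(board):
    """The decision is a function of the log prefix: the first decisive record
    fixes it, so every TEE that reads the board reaches the same verdict."""
    ready = set()
    for who, rec in board:
        if rec == "CANCEL":
            return "ABORT"
        ready.add(who)
        if ready == set(PARTIES):
            return "COMMIT"
    return None


def board_policy(_party, board):
    """Synchronised release rule: act on the shared board's decision only."""
    return decide(board)


def local_policy(party, board):
    """Unsynchronised variant for contrast: a TEE lets its own party's CANCEL
    override the shared order, so the two TEEs can reach different verdicts."""
    if (party, "CANCEL") in board:
        return "ABORT"
    if all((q, "READY") in board for q in PARTIES):
        return "COMMIT"
    return None


def enabled(state, policy):
    """Actions available to the two parties and their TEEs in this state."""
    board, released = state
    done = dict(released)
    acts = []
    for p in PARTIES:
        for rec in ("READY", "CANCEL"):
            if (p, rec) not in board:          # each record may be posted once
                acts.append(("post", p, rec))
        if p not in done and policy(p, board) is not None:
            acts.append(("release", p))        # TEE acts once a verdict exists
    return acts


def step(state, act, policy):
    """Successor state after one post or one release."""
    board, released = state
    if act[0] == "post":
        return (board + ((act[1], act[2]),), released)
    p = act[1]
    return (board, released | {(p, policy(p, board))})


def unfair(state):
    """Strong-fairness violation: both TEEs acted but on different verdicts, so
    one party holds the counterpart's item while the counterpart got a refund."""
    done = dict(state[1])
    return len(done) == 2 and done["A"] != done["B"]


def explore(policy):
    """Breadth-first search over every interleaving of posts, cancels and
    releases. Returns the shortest unfair trace, or None if none exists."""
    start = ((), frozenset())              # (board records, released verdicts)
    seen = {start}
    queue = deque([(start, ())])
    while queue:
        state, trace = queue.popleft()
        if unfair(state):
            return trace
        for act in enabled(state, policy):
            nxt = step(state, act, policy)
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + (act,)))
    return None


if __name__ == "__main__":
    print("board-synchronised:", explore(board_policy))   # None: fair everywhere
    print("local verdicts:    ", explore(local_policy))   # a concrete unfair trace
```

Run directly, the board-synchronised policy reports None (no interleaving, including a cancel posted after both READY records, lets the TEEs disagree), while the local-verdict policy prints a five-step trace in which one party posts both READY and CANCEL, its own TEE refunds it, and the other TEE commits and hands over that party's item. The check also covers unilateral cancellation: a single CANCEL posted before the second READY aborts the exchange for both sides.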

References

Asokan, N., Schunter, M., and Waidner, M. (1997). Optimistic protocols for fair exchange. In Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 7–17.

Asokan, N., Shoup, V., and Waidner, M. (2000). Optimistic fair exchange of digital signatures. IEEE Journal on Selected Areas in Communications, 18(4), 593–610. https://doi.org/10.1109/49.839935

Avoine, G. and Vaudenay, S. (2004). Fair exchange with guardian angels. In International Workshop on Information Security Applications, pp. 188–202. Springer. https://doi.org/10.1007/978-3-540-24591-9_15

Brickell, E. F., Chaum, D., Damgård, I. B., and van de Graaf, J. (1988). Gradual and verifiable release of a secret. In Advances in Cryptology, pp. 156–166. https://doi.org/10.1007/3-540-48184-2_11

Colletti, M. (2017). Digital poetics: An open theory of design-research in architecture. Routledge. https://doi.org/10.4324/9781315257761

Costan, V. and Devadas, S. (2016). Intel SGX explained. Cryptology ePrint Archive, Paper 2016/086.

Dierks, T. and Rescorla, E. (2008). RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2.

Fischer, M. J., Lynch, N. A., and Paterson, M. S. (1985). Impossibility of distributed consensus with one faulty process. Journal of the ACM (JACM), 32(2), 374–382. https://doi.org/10.1145/3149.214121

Grisenthwaite, R., Barnes, G., Watson, R. N. M., Moore, S. W., Sewell, P., and Woodruff, J. (2023). The ARM Morello evaluation platform—validating CHERI-based security in a high-performance system. IEEE Micro, 43(3), 50–57. https://doi.org/10.1109/MM.2023.3264676

Horowitz, E. and Zorat, A. (1983). Divide-and-conquer for parallel processing. IEEE Transactions on Computers, C-32(6), 582–585. https://doi.org/10.1109/TC.1983.1676280

Huang, Q., Wong, D. S., and Susilo, W. (2014). P2OFE: Privacy-preserving optimistic fair exchange of digital signatures. In Topics in Cryptology – CT-RSA 2014, pp. 367–384. Springer. https://doi.org/10.1007/978-3-319-04852-9_19

Jarke, M., Otto, B., and Ram, S. (2019). Data sovereignty and data space ecosystems. Business & Information Systems Engineering, 61(5), 549–550. https://doi.org/10.1007/s12599-019-00614-2

Kaplan, D., Powell, J., and Woller, T. (2016). AMD memory encryption. White paper.

Lutsch, A., Franck, C., El-Hindi, M., István, Z., and Binnig, C. (2025). An analysis of AWS Nitro Enclaves for database workloads. Journal of the ACM, pp. 1–8. https://doi.org/10.1145/3736227.3736234

Markowitch, O., Gollmann, D., and Kremer, S. (2003). On fairness in exchange protocols. In International Conference on Information Security and Cryptology (ICISC), pp. 451–465. https://doi.org/10.1007/3-540-36552-4_31

Markus, M. L. and Silver, M. S. (2008). A foundation for the study of IT effects: A new look at DeSanctis and Poole’s concepts of structural features and spirit. Journal of the Association for Information Systems, 9(10), Article 5. https://doi.org/10.17705/1jais.00176

Molina-Jimenez, C., Toliver, D., Nakib, H. D., and Crowcroft, J. (2024). Fair exchange: Theory and practice of digital belongings. World Scientific. https://doi.org/10.1142/9781800615175_0001

Pagnia, H. and Gärtner, F. C. (1999). On the impossibility of fair exchange without a trusted third party. Technical Report TUD-BS-1999-02, Darmstadt University of Technology.

Pinkas, B. (2003). Fair secure two-party computation. In International Conference on the Theory and Applications of Cryptographic Techniques, pp. 87–105. https://doi.org/10.1007/3-540-39200-9_6

Pinto, S. and Santos, N. (2019). Demystifying ARM TrustZone: A comprehensive survey. ACM Computing Surveys (CSUR), 51(6), 1–36. https://doi.org/10.1145/3291047

Quixabeira, D., Teles-Borges, M., Roos-Frantz, F., Frantz, R. Z., Sawicki, S., Molina-Jimenez, C., and Crowcroft, J. (2025). Implementation and analysis of a synchronisation protocol for fair exchange with strong fairness and privacy. In Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg), pp. 498–514. SBC. https://doi.org/10.5753/sbseg.2025.11390

Zhang, L., Kan, H., Qiu, F., and Hao, F. (2024). A publicly verifiable optimistic fair exchange protocol using decentralized CP-ABE. The Computer Journal, 67(3), 1017–1029. https://doi.org/10.1093/comjnl/bxad039

Published

2026-04-03

How to Cite

Quixabeira, D., Teles-Borges, M., Roos-Frantz, F., Frantz, R. Z., & Sawicki, S. (2026). Implementation and Analysis of a Synchronisation Protocol for Fair Exchange with Strong Fairness and Privacy. ISys - Journal of Information Systems, 19(1), 1:1 – 1:32. https://doi.org/10.5753/isys.2026.6859

Section

Extended versions of selected articles