International Association for Cryptologic Research (IACR)
Abstract
Contract signing protocols have been proposed and analyzed for more than three decades
now. One of the main problems that appeared while studying such schemes is the impossibility of
achieving both fairness and guaranteed output delivery. As workarounds, cryptographers have put forth
three main categories of contract signing schemes: gradual release, optimistic and concurrent or legally
fair schemes. Concurrent signature schemes or legally fair protocols do not rely on trusted arbitrators
and, thus, may seem more attractive for users. Boosting user trust in such manner, an attacker may
cleverly come up with specific applications. Thus, our work focuses on embedding trapdoors into contract
signing protocols. In particular, we describe and analyze various SETUP (Secretly Embedded Trapdoor
with Universal Protection) mechanisms which can be injected in concurrent signature schemes and
legally fair protocols without keystones