Mobile Calculi based on Domains

Formal analysis of multi-party contract signing

R. Chadha and S. Kremer and A. Scedrov


We analyze the multi-party contract-signing protocols of Garay and MacKenzie (GM) and of Baum and Waidner (BW). We use a finite-state tool, Mocha, which allows specification of protocol properties in a branching-time temporal logic with game semantics. While our analysis does not reveal any errors in the BW protocol, in the GM protocol we discover serious problems with fairness for four signers and an oversight regarding abuse-freeness for three signers. We propose a complete revision of the GM subprotocols in order to restore fairness.

  author = \{R. Chadha and S. Kremer and A. Scedrov},
  title = \{Formal analysis of multi-party contract signing},
  booktitle = \{Workshop on Issues in the Theory of Security---WITS 04},
  year = \{2004}, 
  url = \{}

About this site. Last modified: Tue Jun 19 17:50:48 CEST 2018