Verifiable Agreement: Limits of Non-Repudiation in Mobile Peer-to-Peer Ad Hoc Networks Zinaida Benenson 1 , Felix C. Freiling 2 , Birgit Pfitzmann 3 , Christian Rohner 1 , and Michael Waidner 3 1 Uppsala University, Department of Information Technology {zina,chrohner}@it.uu.se 2 University of Mannheim, Computer Science Department freiling@informatik.uni-mannheim.de 3 IBM Research, Zurich Research Lab {bpf,wmi}@zurich.ibm.com Abstract. We introduce verifiable agreement as a fundamental service for securing mobile peer-to-peer ad hoc networks, and investigate its solvability. Verifiability of a protocol result means that the participants can prove that the protocol reached a particular result to any third party (the verifier) which was not present in the network at the time of the protocol execution. 1 Introduction 1.1 Motivation The envisioned applications of ad hoc networks often follow the scenario where a group of nodes meets for a short time, conducts some transaction, such as a collaborative document editing session, a decision to take some coordinated action, or dissemination of information to all group members, and then breaks apart, perhaps forever. We call this type of the network mobile peer-to-peer ad hoc network. In this scenario, there is no centralized logging of the transaction, no transaction witnesses, apart from the participants themselves. Thus, to make the result of the transaction binding, it should be made verifiable. That is, after the transaction is finished, each participant should be able to prove to some third party which was not present in the network at the time of the transaction that this particular transaction (1) happened, (2) was conducted by the certain group of participants, and (3) reached a particular outcome. We call this problem Verifiable Agreement on the transaction result. Requiring that each participant be able to carry out the proof without the help of any other participant seems to be the most safe decision, as there is no guarantee that any other participant would be reachable at the time when the proof is conducted. Verifiable Agreement is a crucial problem for securing mobile peer-to-peer ad hoc networks. Indeed, especially if such networks are set up in emergency situ- ations, with participants from different organizations or different countries, the participants may distrust each other. Unfortunately, as we show below, the non- repudiation of the decisions made in this situation can only be reached if the ma- jority of participants can be trusted. This puts a strict restriction on the usage of this network type for trust-critical applications.