Exclusions and related trust relationships in multi-party fair exchange protocols Nicol´asGonz´alez-Deleito Olivier Markowitch D´ epartement d’Informatique, Universit´ e Libre de Bruxelles Bd. du Triomphe – CP212, 1050 Bruxelles, Belgium Abstract Some electronic commerce transactions are inherently performed between more than two parties. In this context, it is thus important to deter- mine whether the underlying fair exchange protocols allowing the secure implementation of such transactions enable participants to exclude other entities from a protocol execution. This is an important point that has not been sufficiently addressed when analysing such kind of protocols, and that may be crucial for the successful accomplishment of multi-party electronic transactions. In this paper we define the properties related to exchange protocols and exclusions, study exclusion scenarios on two well- known multi-party fair exchange protocols and point out the implications that exclusions may have on the trust relationships between participants, and, more generally, on electronic commerce. Two new protocols more robust than existing multi-party fair exchange protocols are therefore pro- posed. 1 Introduction The important growth of open networks such as the Internet has led to the study of related security problems. Achieving the exchange of electronic information (as in contract signing, certified email, etc.) is one of these security challenges. An exchange protocol allows therefore two or more parties to exchange elec- tronic information. Informally, if the exchange is realised in such a way that, at the end of the protocol, either any honest participant has received all the expected items corresponding to the items he has provided or no participant has received anything, then the exchange protocol is said to be fair. A trusted third party (TTP) is often used in order to help the participants to successfully realise the exchange. Depending on its level of involvement in a protocol, a TTP can be said to be online or offline. Online trusted third parties are involved in each instance of a protocol. On the contrary, an offline TTP is used when the participants in a protocol are assumed to be honest enough not to need external help in order to achieve fairness. In this case, the TTP will 1