When using cryptographic protocols for security critical applications premature abort is a serious threat. We define two important properties called quit fairness and quit correctness for protocols to resist attacks by premature abort. The main result of the paper is that quit fairness and quit correctness can be achieved for two-party secure function evaluation whereas for multi-party protocols the two properties of quit fairness and quit correctness are mutually exclusive.
This negative result implies that countermeasures to premature abort, e.g. optimistic protocols, are vital for secure electronic applications.