Collusion-free protocols

Abhi Shelat
{"title":"Collusion-free protocols","authors":"Abhi Shelat","doi":"10.1145/1807406.1807497","DOIUrl":null,"url":null,"abstract":"Consider the clever cheating that occurred during an FCC spectrum auction in 1995 (see Cramton and J. Schwartz '02 for a history). Auction rules forbade companies from openly colluding to divide the spectrum cheaply; nonetheless, the major players circumvented the rules by using the least significant digits of their public messages to coordinate their overall bidding strategies. In other words, these parties used the auction protocol itself to cheat.\n Standard notions of security for cryptographic protocols do not prevent this type of cheating. In this talk, we propose the idea of collusion-free protocols. Such protocols do not create any new opportunities---such as using the protocol messages and headers themselves---for malicious participants to coordinate their cheating during the execution of the protocol. We discuss both positive and negative results regarding this notion by showing that it is possible to construct such protocols but special communication assumptions are provably necessary. The conceptual barrier to achieving this novel security property is captured in the following paradox: it is widely acknowledged that players must use randomness to pick their messages in any secure protocol, but the presence of randomized messages also enables perfect steganography and thus perfect collusion.\n We give an overview of two conceptually different approaches to overcome this paradox. The first method is based on the concept of verifiable determinism. This is a way to organize communication so that a player's next message is unpredictable, but once the message has been sent, everyone can verify that it was the one-and-only such message that an honest player could have sent. As a result, steganography becomes impossible. The second method takes an opposite approach: players generate arbitrary messages but send them to each other via a mediator who \"re-randomizes\"' the messages to eliminate steganographic channels. The goal is to design protocols where collusion-freeness is guaranteed as long as the mediator is honest, while standard security guarantees hold if the mediator is dishonest. This new approach enables us to use a less exotic communication channel to construct protocols that achieve a strong collusion-free property.\n This talk is based on 4 papers with the following set of coauthors: Matt Lepinski and Silvio Micali, Joel Alwen and Ivan Visconti, and Alwen, Jonathan Katz, Yehuda Lindell, Giuseppe Persiano, and Visconti.","PeriodicalId":142982,"journal":{"name":"Behavioral and Quantitative Game Theory","volume":"112 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Behavioral and Quantitative Game Theory","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1807406.1807497","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 10

Abstract

Consider the clever cheating that occurred during an FCC spectrum auction in 1995 (see Cramton and J. Schwartz '02 for a history). Auction rules forbade companies from openly colluding to divide the spectrum cheaply; nonetheless, the major players circumvented the rules by using the least significant digits of their public messages to coordinate their overall bidding strategies. In other words, these parties used the auction protocol itself to cheat. Standard notions of security for cryptographic protocols do not prevent this type of cheating. In this talk, we propose the idea of collusion-free protocols. Such protocols do not create any new opportunities---such as using the protocol messages and headers themselves---for malicious participants to coordinate their cheating during the execution of the protocol. We discuss both positive and negative results regarding this notion by showing that it is possible to construct such protocols but special communication assumptions are provably necessary. The conceptual barrier to achieving this novel security property is captured in the following paradox: it is widely acknowledged that players must use randomness to pick their messages in any secure protocol, but the presence of randomized messages also enables perfect steganography and thus perfect collusion. We give an overview of two conceptually different approaches to overcome this paradox. The first method is based on the concept of verifiable determinism. This is a way to organize communication so that a player's next message is unpredictable, but once the message has been sent, everyone can verify that it was the one-and-only such message that an honest player could have sent. As a result, steganography becomes impossible. The second method takes an opposite approach: players generate arbitrary messages but send them to each other via a mediator who "re-randomizes"' the messages to eliminate steganographic channels. The goal is to design protocols where collusion-freeness is guaranteed as long as the mediator is honest, while standard security guarantees hold if the mediator is dishonest. This new approach enables us to use a less exotic communication channel to construct protocols that achieve a strong collusion-free property. This talk is based on 4 papers with the following set of coauthors: Matt Lepinski and Silvio Micali, Joel Alwen and Ivan Visconti, and Alwen, Jonathan Katz, Yehuda Lindell, Giuseppe Persiano, and Visconti.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Collusion-free协议
想想1995年美国联邦通信委员会频谱拍卖期间发生的聪明的作弊行为(参见克拉姆顿和J.施瓦茨2002年的历史)。拍卖规则禁止公司公开串通低价分割频谱;然而,主要参与者通过使用公开信息中的最低有效数字来协调他们的整体竞标策略,从而规避了规则。换句话说,这些各方利用拍卖协议本身来作弊。加密协议的标准安全概念并不能防止这种类型的欺骗。在这次演讲中,我们提出了无合谋协议的想法。这样的协议不会创造任何新的机会——比如使用协议消息和报头本身——让恶意的参与者在协议执行期间协调他们的作弊行为。我们讨论了关于这一概念的积极和消极结果,表明有可能构建这样的协议,但可以证明特殊的通信假设是必要的。实现这种新型安全属性的概念障碍体现在以下悖论中:人们普遍认为,在任何安全协议中,玩家必须使用随机性来选择他们的消息,但随机消息的存在也会实现完美的隐写,从而实现完美的共谋。我们概述了克服这一悖论的两种概念上不同的方法。第一种方法是基于可验证决定论的概念。这是一种组织交流的方式,这样玩家的下一条信息是不可预测的,但一旦消息被发送,每个人都可以验证这是一个诚实的玩家可以发送的唯一的信息。因此,隐写术变得不可能。第二种方法则采取相反的方法:玩家生成任意信息,但通过中介将其发送给彼此,中介将“重新随机化”信息以消除隐写通道。我们的目标是设计这样的协议:只要中介者是诚实的,就可以保证无合谋,而如果中介者是不诚实的,就可以保证标准的安全保证。这种新方法使我们能够使用较少的外部通信通道来构建实现强无合谋特性的协议。本次演讲基于以下四篇论文:Matt Lepinski和Silvio Micali, Joel Alwen和Ivan Visconti, Alwen, Jonathan Katz, Yehuda Lindell, Giuseppe Persiano和Visconti。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Game theory and operations management Cost sharing in distribution problems for franchise operations Subgame-perfection in positive recursive games Rationalizability, adaptive dynamics, and the correspondence principle in games with strategic substitutes Structural estimation of discrete-choice games of incomplete information with multiple equilibria
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1