Towards a Game Theoretic View of Secure Computation

Asharov, Gilad; Canetti, Ran; Hazay, Carmit

doi:10.1007/978-3-642-20465-4_24

Cited by 63 publications

(68 citation statements)

References 31 publications

(35 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Much study has been devoted to rational secret sharing [20,1,14,24,25,27,28,3]. There are studies on other cryptographic primitives such as fair two-party computation [2,16], leader election [15], byzantine agreement [17], oblivious transfer [21], and commitment schemes [22]. Our work also can be seen as a study of rational cryptography.…”

Section: Related Workmentioning

confidence: 99%

Public-Key Encryption with Lazy Parties

Yasunaga

2016

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

In a public-key encryption scheme, if a sender is not concerned about the security of a message and is unwilling to generate costly randomness, the security of the encrypted message can be compromised. In this work, we characterize such lazy parties, who are regraded as honest parties, but are unwilling to perform a costly task when they are not concerned about the security. Specifically, we consider a rather simple setting in which the costly task is to generate randomness used in algorithms, and parties can choose either perfect randomness or a fixed string. We model lazy parties as rational players who behave rationally to maximize their utilities, and define a security game between the parties and an adversary. Since a standard secure encryption scheme does not work in the setting, we provide constructions of secure encryption schemes in various settings.

show abstract

Section: Related Workmentioning

confidence: 99%

Public-Key Encryption with Lazy Parties

Yasunaga

2016

IEICE Trans. Fundamentals

View full text Add to dashboard Cite

show abstract

“…Recently, Asharov and Lindell [AL11] initiated a translation of the security of rational secret sharing in terms of cryptographic properties such as correctness and fairness. Following up, Asharov, Canetti, and Hazay [ACH11] provided rational cryptography notions of fair, correct, and private two-party SFE (by defining appropriate utilities for the parties and corresponding protocols) and showed an equivalence between these notions and natural cryptographic counterparts. Their results on fairness were extended in [GK12].…”

Section: A Related Literaturementioning

confidence: 99%

“…For example, traditional notions of fairness in the rational setting [ACH11,GK12] define the utilities of the parties based on whether or not they obtain considerable information on each other's output, e.g., the first bits or the whole output. However, it would be natural to consider a protocol unfair if some party obtains noticeable, i.e., not negligible, information about the output and the other does not.…”

Section: A Related Literaturementioning

confidence: 99%

“…The goal of this line of work is to design protocols for which following the protocol is a game-theoretic equilibrium for the parties. It has been shown that by incorporating incentives one can circumvent impossibility results (e.g., for fairness in the two-party setting [ACH11,GK12]), or design protocols with better efficiency (e.g., using the notion of covert security [AL07]). …”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Rational Protocol Design: Cryptography against Incentive-Driven Adversaries

Garay

Katz

Maurer

et al. 2013

2013 IEEE 54th Annual Symposium on Foundations of Computer Science

View full text Add to dashboard Cite

Existing work on "rational cryptographic protocols" treats each party (or coalition of parties) running the protocol as a selfish agent trying to maximize its utility. In this work we propose a fundamentally different approach that is better suited to modeling a protocol under attack from an external entity. Specifically, we consider a two-party game between an protocol designer and an external attacker. The goal of the attacker is to break security properties such as correctness or privacy, possibly by corrupting protocol participants; the goal of the protocol designer is to prevent the attacker from succeeding.We lay the theoretical groundwork for a study of cryptographic protocol design in this setting by providing a methodology for defining the problem within the traditional simulation paradigm. Our framework provides ways of reasoning about important cryptographic concepts (e.g., adaptive corruptions or attacks on communication resources) not handled by previous game-theoretic treatments of cryptography. We also prove composition theorems that-for the first time-provide a sound way to design rational protocols assuming "ideal communication resources" (e.g., broadcast or authenticated channels) and then instantiate these resources using standard cryptographic tools.Finally, we investigate the problem of secure function evaluation in our framework, where the attacker has to pay for each party it corrupts. Our results demonstrate how knowledge of the attacker's incentives can be used to circumvent known impossibility results in this setting.

show abstract

“…It can be considered as a special case of secure multiparty computation [1][2][3] which has applications in electronic voting, cloud computing, online auction etc. Recently, significant effort has been given towards bridging the gap between two apparently unrelated domains, namely, cryptography and game theory [2][3][4]. Cryptography deals with the 'worst case' scenario making the protocols secure against malicious behavior of a party.…”

Section: Introductionmentioning

confidence: 99%

Proposal for quantum rational secret sharing

Maitra

Paul

et al. 2015

Phys. Rev. A

View full text Add to dashboard Cite

A rational secret sharing scheme is a game in which each party responsible for reconstructing a secret tries to maximize his utility by obtaining the secret alone. Quantum secret sharing schemes, either derived from quantum teleportation or from quantum error correcting code, do not succeed when we assume rational participants. This is because all existing quantum secret sharing schemes consider that the secret is reconstructed by a party chosen by the dealer. In this paper, for the first time, we propose a quantum secret sharing scheme which is resistant to rational parties. The proposed scheme is fair (everyone gets the secret), correct and achieves strict Nash equilibrium.

show abstract

Towards a Game Theoretic View of Secure Computation

Cited by 63 publications

References 31 publications

Public-Key Encryption with Lazy Parties

Public-Key Encryption with Lazy Parties

Rational Protocol Design: Cryptography against Incentive-Driven Adversaries

Proposal for quantum rational secret sharing

Contact Info

Product

Resources

About