Adam Groce scite author profile

We consider the problem of fair multiparty computation, where fairness means (informally) that all parties should learn the correct output. A seminal result of Cleve (STOC 1986) shows that fairness is, in general, impossible to achieve if a majority of the parties is malicious. Here, we treat all parties as rational and seek to understand what can be done.Asharov et al. (Eurocrypt 2011) showed impossibility of rational fair computation in the two-party setting, for a particular function and a particular choice of utilities. We observe, however, that in their setting the parties have no strict incentive to compute the function even in an ideal world where fairness is guaranteed. Revisiting the problem, we show that rational fair computation is possible, for arbitrary functions, as long as the parties have a strict incentive to compute the function in an ideal world where fairness is guaranteed. Our results extend to more general utility functions that do not directly correspond to fairness, as well as to the multi-party setting. Our work thus shows a new setting in which game-theoretic considerations can be used to circumvent a cryptographic impossibility result.

show abstract

Coupled-Worlds Privacy: Exploiting Adversarial Uncertainty in Statistical Data Privacy

Bassily

Groce

Katz

et al. 2013

View full text Add to dashboard Cite

A new framework for efficient password-based authenticated key exchange

Groce

Katz

2010

View full text Add to dashboard Cite

Protocols for password-based authenticated key exchange (PAKE) allow two users who share only a short, low-entropy password to agree on a cryptographically strong session key. The challenge in designing such protocols is that they must be immune to off-line dictionary attacks in which an eavesdropping adversary exhaustively enumerates the dictionary of likely passwords in an attempt to match a password to the set of observed transcripts.To date, few general frameworks for constructing PAKE protocols in the standard model are known. Here, we abstract and generalize a protocol by Jiang and Gong to give a new methodology for realizing PAKE without random oracles, in the common reference string model. In addition to giving a new approach to the problem, the resulting construction offers several advantages over prior work. We also describe an extension of our protocol that is secure within the universal composability (UC) framework and, when instantiated using El Gamal encryption, is more efficient than a previous protocol of Canetti et al.

show abstract

Byzantine Agreement with a Rational Adversary

Groce

Katz

Thiruvengadam

et al. 2012

View full text Add to dashboard Cite

Abstract. Traditionally, cryptographers assume a "worst-case" adversary who can act arbitrarily. More recently, they have begun to consider rational adversaries who can be expected to act in a utility-maximizing way. Here we apply this model for the first time to the problem of Byzantine agreement (BA) and the closely related problem of broadcast, for natural classes of utilities. Surprisingly, we show that many known results (e.g., equivalence of these problems, or the impossibility of tolerating t ≥ n/2 corruptions) do not hold in the rational model. We study the feasibility of information-theoretic (both perfect and statistical) BA assuming complete or partial knowledge of the adversary's preferences. We show that perfectly secure BA is possible for t < n corruptions given complete knowledge of the adversary's preferences, and characterize when statistical security is possible with only partial knowledge. Our protocols have the added advantage of being more efficient than BA protocols secure in the traditional adversarial model.

show abstract

Differentially Private ANOVA Testing

Campbell¹,

Bray²,

Ritz³

et al. 2018

View full text Add to dashboard Cite

Modern society generates an incredible amount of data about individuals, and releasing summary statistics about this data in a manner that provably protects individual privacy would offer a valuable resource for researchers in many fields. We present the first algorithm for analysis of variance (ANOVA) that preserves differential privacy, allowing this important statistical test to be conducted (and the results released) on databases of sensitive information. In addition to our private algorithm for the F test statistic, we show a rigorous way to compute p-values that accounts for the added noise needed to preserve privacy. Finally, we present experimental results quantifying the statistical power of this differentially private version of the test, finding that a sample of several thousand observations is sufficient to detect variation between groups. The differentially private ANOVA algorithm is a promising approach for releasing a common test statistic that is valuable in fields in the sciences and social sciences.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Adam Groce

Fair Computation with Rational Players

Coupled-Worlds Privacy: Exploiting Adversarial Uncertainty in Statistical Data Privacy

A new framework for efficient password-based authenticated key exchange

Byzantine Agreement with a Rational Adversary

Differentially Private ANOVA Testing

Contact Info

Product

Resources

About