Rational Protocol Design: Cryptography against Incentive-Driven Adversaries

Garay, Juan A.; Katz, Jonathan; Maurer, Ueli; Tackmann, Björn; Zikas, Vassilis

doi:10.1109/focs.2013.75

Cited by 71 publications

(66 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently Garay et al (2013) considered the incentives of rational parties and discussed how to design rational protocols. They point out that threaten of protocols are modeled into an external individuals-Adversary.…”

Section: Rational Multiple Function Calculation Under the Uc Modelmentioning

confidence: 99%

A brief survey on secure multi-party computing in the presence of rational parties

Wang

Qin

et al. 2015

J Ambient Intell Human Comput

View full text Add to dashboard Cite

Intelligent agents (IA) are autonomous entities which observe through sensors and act upon an environment using actuators to adjust their activities towards achieving certain goals. The architectures of agents have enormous potentials when they are applied into critical systems, where agents choose actions between working with their own and cooperating with others. Rational utility-based agents choose actions to maximize their expected utilities. Rational secure multi-party computing (RSMPC) means secure multi-party computing (SMPC) in the presence of rational utility-based agents. Here, we call them rational parties. In this paper certain goals of rational parties are maximizing their utilities. The introduction of rational parties considers the incentives in executing protocols. The security definitions under rational framework can better demonstrate the executing environment of real protocols. Furthermore, rational two-party computing removes some impossibility in traditional two-party computing, such as fairness. This paper represents the research status of RSMPC and some typical protocols. The advantages and disadvantages of previous rational SMPC protocols are discussed here. As an emerging field, there are still lots of open problems in RSMPC, such as communication channels, utility assumptions and equilibrium notions etc.

show abstract

Section: Rational Multiple Function Calculation Under the Uc Modelmentioning

confidence: 99%

A brief survey on secure multi-party computing in the presence of rational parties

Wang

Qin

et al. 2015

J Ambient Intell Human Comput

View full text Add to dashboard Cite

show abstract

“…However, their work has not considered the effects of costs on the corruption. Garay et al introduced an external attacker and transferred a protocol to a two-party game (Garay et al 2013). They also discussed the relationship between the corruption cost and the utilities when the attacker successfully broke privacy.…”

Section: Introductionmentioning

confidence: 99%

Incentive-driven attacker for corrupting two-party protocols

et al. 2018

View full text Add to dashboard Cite

Adversaries in two-party computation may sabotage a protocol, leading to possible collapse of the information security management. In practice, attackers often breach security protocols with specific incentives. For example, attackers manage to reap additional rewards by sabotaging computing tasks between two clouds. Unfortunately, most of the existing research works neglect this aspect when discussing the security of protocols. Furthermore, the construction of corrupting two parties is also missing in two-party computation. In this paper, we propose an incentive-driven attacking model where the attacker leverages corruption costs, benefits and possible consequences. We here formalize the utilities used for two-party protocols and the attacker(s), taking into account both corruption costs and attack benefits. Our proposed model can be considered as the extension of the seminal work presented by Groce and Katz (Annual international conference on the theory and applications of cryptographic techniques, Springer, Berlin, pp [81][82][83][84][85][86][87][88][89][90][91][92][93][94][95][96][97][98] 2012), while making significant contribution in addressing the corruption of two parties in two-party protocols. To the best of our knowledge, this is the first time to model the corruption of both parties in two-party protocols.

show abstract

“…In recent years, game theory has been used in cryptographic research [23,33] to develop a new adversarial model -a rational adversary who is no longer treated as arbitrarily malicious, but who is motivated by some utility function with the sole purpose of maximizing its utility. It is known that under this model protocols can be designed with better efficiency than that of traditional counterparts [25]. As our problem deals with verifiable computation, we are interested in rational proof systems that have been recently studied in [6,7,32].…”

Section: Related Workmentioning

confidence: 99%

Efficient Secure and Verifiable Outsourcing of Matrix Multiplications

Zhang

Blanton

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

With the emergence of cloud computing services, a resource-constrained client can outsource its computationally-heavy tasks to cloud providers. Because such service providers might not be fully trusted by the client, the need to verify integrity of the returned computation result arises. The ability to do so is called verifiable delegation or verifiable outsourcing. Furthermore, the data used in the computation may be sensitive and it is often desired to protect it from the cloud throughout the computation. In this work, we put forward solutions for verifiable outsourcing of matrix multiplications that favorably compare with the state of the art. Our goal is to minimize the cost of verifying the result without increasing overhead associated with other aspects of the scheme. In our scheme, the cost of verifying the result of computation uses only a single modulo exponentiation and the number of modulo multiplications linear in the size of the output matrix. This cost can be further reduced to avoid all cryptographic operations if the cloud is rational. A rational cloud is neither honest nor arbitrarily malicious, but rather economically motivated with the sole purpose of maximizing its monetary reward. We extend our core constructions with several desired features such as data protection, public verifiability, and computation chaining.

show abstract

Rational Protocol Design: Cryptography against Incentive-Driven Adversaries

Cited by 71 publications

References 40 publications

A brief survey on secure multi-party computing in the presence of rational parties

A brief survey on secure multi-party computing in the presence of rational parties

Incentive-driven attacker for corrupting two-party protocols

Efficient Secure and Verifiable Outsourcing of Matrix Multiplications

Contact Info

Product

Resources

About