Efficient TTP-free mental poker protocols

Zhao et al proposed an efficient mental poker protocol which did not require using a Trusted Third Party(TTP). The protocol is efficient and suitable for any number of players but it introduces a security flaw. In this paper, we propose two mental poker protocols based on Zhao\u27s previous work. The security flaw has been removed and the additional computing cost is small

Efficient TTP-free mental poker protocols

Zhao et al proposed an efficient mental poker protocol which did not require using a trusted third party (TTP). The protocol is efficient and suitable for any number of players but it introduces a security flaw. In this paper, we propose two mental poker protocols based on Zhao's previous work. The security flaw has been removed and the additional computing cost is small.6 page(s

Mental Card Gaming Protocols Supportive Of Gameplay Versatility, Robustness And Efficiency

Pennainan kad mental merupakan protokol kriptografi yang membolehkan pennainan yang ~ disahkan adil di kalangan parti-parti jauh yang penyangsi dan berpotensi menipu. Pennainan kad ini setidak-tidaknya patut menyokong-tanpa memperkenal~an parti ketiga yang dipercayai (TTP)--rahsia kad, pengesanan penipuan dan keselamatan bersyarat ke atas pakatan pemain. Tambahan kepada keperJuan asas ini, kami meninjau isu-isu pennainan kad mental yang berkaitan dengan fungsian permainan, keteguhan operasional dan kecekapan implementasi. Pengkajian kami diberangsang oleh potensi pennainan berasaskan komputer dan rangkaian yang melewati batas kemampuan kad fizikal, terutamanya pembongkaran maklumat terperinci kad (seperti warna, darjat, simbol atau kebangsawanan) sambil merahsiakan nilai keseluruhan kad tersebut. ~. Mental card games are cryptographic protocols which permit verifiably fair gameplay among a l< ~. priori distrustful and potentially untrustworthy remote parties and should minimally providewithout the introduction of a trusted third party (TTP)---for card confidentiality, fraud detection and conditional security against collusion. In addition to these basic requirements, we explore into gameplay functionality, operational robustness and implementation efficiency issues of mental card gaming. Our research is incited by the potential of computer-based and networkmediated gameplay beyond the capability of physical cards, particularly fine-grained information disclosure (such as colour, rank, symbol or courtliness) with preservation of card secrecy. On the other hand, being network connected renders the protocol susceptible to (accidental or intentional) disconnection attack, as well as other malicious behaviours

ROYALE: A Framework for Universally Composable Card Games with Financial Rewards and Penalties Enforcement

While many tailor made card game protocols are known, the vast majority of those suffer from three main issues: lack of mechanisms for distributing financial rewards and punishing cheaters, lack of composability guarantees and little flexibility, focusing on the specific game of poker. Even though folklore holds that poker protocols can be used to play any card game, this conjecture remains unproven and, in fact, does not hold for a number of protocols (including recent results). We both tackle the problem of constructing protocols for general card games and initiate a treatment of such protocols in the Universal Composability (UC) framework, introducing an ideal functionality that captures general card games constructed from a set of core card operations. Based on this formalism, we introduce Royale, the first UC-secure general card games which supports financial rewards/penalties enforcement. We remark that Royale also yields the first UC-secure poker protocol. Interestingly, Royale performs better than most previous works (that do not have composability guarantees), which we highlight through a detailed concrete complexity analysis and benchmarks from a prototype implementation

Kaleidoscope: An Efficient Poker Protocol with Payment Distribution and Penalty Enforcement

The research on secure poker protocols without trusted intermediaries has a long history that dates back to modern cryptography\u27s infancy. Two main challenges towards bringing it into real-life are enforcing the distribution of the rewards, and penalizing misbehaving/aborting parties. Using recent advances on cryptocurrencies and blockchain technologies, Andrychowicz et al. (IEEE S\&P 2014 and FC 2014 BITCOIN Workshop) were able to address those problems. Improving on these results, Kumaresan et al. (CCS 2015) and Bentov et al. (ASIACRYPT 2017) proposed specific purpose poker protocols that made significant progress towards meeting the real-world deployment requirements. However, their protocols still lack either efficiency or a formal security proof in a strong model. Specifically, the work of Kumaresan et al. relies on Bitcoin and simple contracts, but is not very efficient as it needs numerous interactions with the cryptocurrency network as well as a lot of collateral. Bentov et al. achieve further improvements by using stateful contracts and off-chain execution: they show a solution based on general multiparty computation that has a security proof in a strong model, but is also not very efficient. Alternatively, it proposes to use tailor-made poker protocols as a building block to improve the efficiency. However, a security proof is unfortunately still missing for the latter case: the security properties the tailor-made protocol would need to meet were not even specified, let alone proven to be met by a given protocol. Our solution closes this undesirable gap as it concurrently: (1) enforces the rewards\u27 distribution; (2) enforces penalties on misbehaving parties; (3) has efficiency comparable to the tailor-made protocols; (4) has a security proof in a simulation-based model of security. Combining techniques from the above works, from tailor-made poker protocols and from efficient zero-knowledge proofs for shuffles, and performing optimizations, we obtain a solution that satisfies all four desired criteria and does not incur a big burden on the blockchain

Formal Verification of Security Protocol Implementations: A Survey

Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac

21 - Bringing Down the Complexity: Fast Composable Protocols for Card Games Without Secret State

While many cryptographic protocols for card games have been proposed, all of them focus on card games where players have some state that must be kept secret from each other, e.g. closed cards and bluffs in Poker. This scenario poses many interesting technical challenges, which are addressed with cryptographic tools that introduce significant computational and communication overheads (e.g. zero-knowledge proofs). In this paper, we consider the case of games that do not require any secret state to be maintained (e.g. Blackjack and Baccarat). Basically, in these games, cards are chosen at random and then publicly advertised, allowing for players to publicly announce their actions (before or after cards are known). We show that protocols for such games can be built from very lightweight primitives such as digital signatures and canonical random oracle commitments, yielding constructions that far outperform all known card game protocols in terms of communication, computational and round complexities. Moreover, in constructing highly efficient protocols, we introduce a new technique based on verifiable random functions for extending coin tossing, which is at the core of our constructions. Besides ensuring that the games are played correctly, our protocols support financial rewards and penalties enforcement, guaranteeing that winners receive their rewards and that cheaters get financially penalized. In order to do so, we build on blockchain-based techniques that leverage the power of stateful smart contracts to ensure fair protocol execution

Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contract Execution

Smart contracts are applications that execute on blockchains. Today they manage billions of dollars in value and motivate visionary plans for pervasive blockchain deployment. While smart contracts inherit the availability and other security assurances of blockchains, however, they are impeded by blockchains' lack of confidentiality and poor performance. We present Ekiden, a system that addresses these critical gaps by combining blockchains with Trusted Execution Environments (TEEs). Ekiden leverages a novel architecture that separates consensus from execution, enabling efficient TEE-backed confidentiality-preserving smart-contracts and high scalability. Our prototype (with Tendermint as the consensus layer) achieves example performance of 600x more throughput and 400x less latency at 1000x less cost than the Ethereum mainnet. Another contribution of this paper is that we systematically identify and treat the pitfalls arising from harmonizing TEEs and blockchains. Treated separately, both TEEs and blockchains provide powerful guarantees, but hybridized, though, they engender new attacks. For example, in naive designs, privacy in TEE-backed contracts can be jeopardized by forgery of blocks, a seemingly unrelated attack vector. We believe the insights learned from Ekiden will prove to be of broad importance in hybridized TEE-blockchain systems

Constant-Round Privacy Preserving Multiset Union

Privacy preserving multiset union (PPMU) protocol allows a set of parties, each with a multiset, to collaboratively compute a multiset union secretly, meaning that any information other than union is not revealed. We propose efficient PPMU protocols, using multiplicative homomorphic cryptosystem. The novelty of our protocol is to directly encrypt a polynomial by representing it by an element of an extension field. The resulting protocols consist of constant rounds and improve communication cost. We also prove the security of our protocol against malicious adversaries, in the random oracle model