How to Incentivize Data-Driven Collaboration Among Competing Parties
The availability of vast amounts of data is changing how we can make medical
discoveries, predict global market trends, save energy, and develop educational
strategies. In some settings such as Genome Wide Association Studies or deep
learning, sheer size of data seems critical. When data is held distributedly by
many parties, they must share it to reap its full benefits.
One obstacle to this revolution is the lack of willingness of different
parties to share data, due to reasons such as loss of privacy or competitive
edge. Cryptographic works address privacy aspects, but shed no light on
individual parties' losses/gains when access to data carries tangible rewards.
Even if it is clear that better overall conclusions can be drawn from
collaboration, are individual collaborators better off by collaborating?
Addressing this question is the topic of this paper.
* We formalize a model of n-party collaboration for computing functions over
private inputs in which participants receive their outputs in sequence, and the
order depends on their private inputs. Each output "improves" on preceding
outputs according to a score function.
* We say a mechanism for collaboration achieves collaborative equilibrium if
it ensures higher reward for all participants when collaborating (rather than
working alone). We show that in general, computing a collaborative equilibrium
is NP-complete, yet we design efficient algorithms to compute it in a range of
natural model settings.
Our collaboration mechanisms are in the standard model, and thus require a
central trusted party; however, we show this assumption is unnecessary under
standard cryptographic assumptions. We show how to implement the mechanisms in
a decentralized way with new extensions of secure multiparty computation that
impose order/timing constraints on output delivery to different players, as
well as privacy and correctness
Secure Multiparty Computation with Partial Fairness
A protocol for computing a functionality is secure if an adversary in this
protocol cannot cause more harm than in an ideal computation where parties give
their inputs to a trusted party which returns the output of the functionality
to all parties. In particular, in the ideal model such computation is fair --
all parties get the output. Cleve (STOC 1986) proved that, in general, fairness
is not possible without an honest majority. To overcome this impossibility,
Gordon and Katz (Eurocrypt 2010) suggested a relaxed definition -- 1/p-secure
computation -- which guarantees partial fairness. For two parties, they
construct 1/p-secure protocols for functionalities for which the size of either
their domain or their range is polynomial (in the security parameter). Gordon
and Katz ask whether their results can be extended to multiparty protocols.
We study 1/p-secure protocols in the multiparty setting for general
functionalities. Our main result is constructions of 1/p-secure protocols when
the number of parties is constant provided that less than 2/3 of the parties
are corrupt. Our protocols require that either (1) the functionality is
deterministic and the size of the domain is polynomial (in the security
parameter), or (2) the functionality can be randomized and the size of the
range is polynomial. If the size of the domain is constant and the
functionality is deterministic, then our protocol is efficient even when the
number of parties is O(log log n) (where n is the security parameter). On the
negative side, we show that when the number of parties is super-constant,
1/p-secure protocols are not possible when the size of the domain is
polynomial
Efficient Secure Computation with Garbled Circuits
Abstract. Secure two-party computation enables applications in which participants compute the output of a function that depends on their private inputs, without revealing those inputs or relying on any trusted third party. In this paper, we show the potential of building privacy-preserving applications using garbled circuits, a generic technique that until recently was believed to be too inefficient to scale to realistic problems. We present a Java-based framework that uses pipelining and circuit-level optimizations to build efficient and scalable privacy-preserving applications. Although the standard garbled circuit protocol assumes a very weak, honest-but-curious adversary, techniques are available for converting such protocols to resist stronger adversaries, including fully malicious adversaries. We summarize approaches to producing malicious-resistant secure computations that reduce the costs of transforming a protocol to be secure against stronger adversaries. In addition, we summarize results on ensuring fairness, the property that either both parties receive the result or neither party does. Several open problems remain, but as theory and pragmatism advance, secure computation is approaching the point where it offers practical solutions for a wide variety of important problems.
BBB-Voting: 1-out-of-k Blockchain-Based Boardroom Voting
Voting is a means to agree on a collective decision based on available
choices (e.g., candidates), where participants (voters) agree to abide by their
outcome. To improve some features of e-voting, decentralized solutions based on
a blockchain can be employed, where the blockchain represents a public bulletin
board that, in contrast to a centralized bulletin board, provides
availability and censorship resistance. A blockchain ensures that all entities
in the voting system have the same view of the actions made by others due to
its immutable and append-only log. The existing blockchain-based boardroom
voting solution called Open Voting Network (OVN) provides the privacy of votes
and perfect ballot secrecy, but it supports only two candidates. We present
BBB-Voting, a blockchain-based approach for decentralized voting equivalent
to OVN, but in contrast to it, BBB-Voting supports 1-out-of-k choices and
provides a fault tolerance mechanism that enables recovery from stalling
participants. We provide a cost-optimized implementation using Ethereum, which
we compare with OVN and show that our work decreases the costs for voters by
in terms of gas consumption. Next, we outline the extension of our
implementation scaling to magnitudes higher number of participants than in a
boardroom voting, while preserving the costs paid by the authority and
participants -- we made proof-of-concept experiments with up to 1000
participants
Some Efficient Solutions to Yao's Millionaire Problem
We present three simple and efficient protocol constructions to solve Yao's
Millionaire Problem when the parties involved are non-colluding and
semi-honest. The first construction uses a partially homomorphic Encryption
Scheme and is a 4-round scheme using 2 encryptions, 2 homomorphic circuit
evaluations (subtraction and XOR) and a single decryption. The second
construction uses an untrusted third party and achieves a communication
overhead linear in input bit-size with the help of an order preserving
function. Moreover, the second construction does not require an a priori input
bound and can work on inputs of different bit-sizes. The third construction
does not use a third party and, even though it has a quadratic communication
overhead, it is a fairly simple construction. Comment: 17 page