On Correctness and Privacy in Distributed Mechanisms

Mechanisms that aggregate the possibly conflicting preferences of individual agents are studied extensively in economics, operations research, and lately computer science. Perhaps surprisingly, the classic literature assumes participating agents to act selfishly, possibly untruthfully, if it is to their advantage, whereas the mechanism center is usually assumed to be honest and trustworthy. We argue that cryptography offers various concepts and building blocks to ensure the secure, i.e., correct and private, execution of mechanisms. We propose models with and without a center that guarantee correctness and preserve the privacy of preferences relying on diverse assumptions such as the trustworthiness of the center or the hardness of computation. The decentralized model in which agents jointly “emulate ” a virtual mechanism center is particularly interesting for two reasons. For one, it provides privacy without relying on a trusted third-party. Second, it enables the provably correct execution of randomized mechanisms (which is not the case in the centralized model). We furthermore point out how untruthful and multi-step mechanisms can improve privacy. In particular, we show that the fully private emulation of a preference elicitor can result in unconditional privacy of a (non-empty) subset of preferences

(Im)Possibility of Unconditionally Privacy-Preserving Auctions

We investigate how to obtain bid privacy in sealed-bid auctions. In particular, this paper focuses on unconditional full privacy, i.e., privacy that relies neither on trusted third parties (like auctioneers) or trusted fractions of bidders, nor on computational intractability assumptions (like the hardness of factoring). These constraints imply a scenario in which bidders exchange messages according to some predefined protocol in order to jointly determine the auction outcome without revealing any additional information. It turns out that the first-price sealed-bid auction can be emulated by an unconditionally fully private protocol. However, the protocol's round complexity is exponential in the number of bits that represent a bid, and we show there is no more efficient protocol. On the other hand, we prove the impossibility of fully privately emulating the second-price sealed-bid (Vickrey) auction for more than two bidders. This impossibility holds even when relaxing various privacy constraints such as protecting just a single losing bid (while maintaining anonymity) or tolerating the revelation of complete information to a coalition of at least half of the bidders

Decentralized voting with unconditional privacy

The aggregation of conflicting preferences is a key issue in multiagent systems. Due to its universality, voting has a central role among preference aggregation mechanisms. Voting among a set of alternatives can be used for such diverse tasks as choosing a joint plan in a multiagent system, determining a leader in a group of humans or agents, or voting among different resource or task allocations. Maintaining privacy of individuals ’ votes is crucial in order to guarantee freedom of choice (e.g., lack of vote coercing and reputation effects), and not facilitate strategic voting. We investigate whether unconditional full privacy can be achieved in voting, that is, privacy that relies neither on trusted third parties (or on a certain fraction of the voters being trusted), nor on computational intractability assumptions (such as the hardness of factoring). In particular, we study the existence of distributed protocols that allow voters to jointly determine the outcome of an election without revealing any information but the election outcome. We show the impossibility of reaching unconditional full privacy for a variety of the most common voting schemes ranging from simple veto voting to the single transferable vote scheme. On the positive side, we propose several distributed protocols that privately compute the outcome of common voting schemes while only revealing a limited amount of information

Unconditional Privacy in Social Choice

... systems. Due to its universality, voting among a set of alternatives has a central role among preference aggregation mechanisms. We consider the most general case of voting in which the voters' rankings of alternatives are mapped to a collective ranking of alternatives by a so-called social welfare functional (SWF). Maintaining privacy of individuals' preferences is crucial in order to guarantee freedom of choice (e.g., lack of vote coercing and reputation effects), and to not facilitate strategic voting. We investigate whether unconditional full privacy can be achieved in preference aggregation, that is, privacy that relies neither on trusted third parties (or on a certain fraction of the voters being trusted), nor on computational intractability assumptions. More precisely, we study the existence of distributed protocols that allow voters to jointly determine the collective preference ranking without revealing further information. We prov

Efficient Privacy-Preserving Protocols for Multi-unit Auctions

The purpose of multi-unit auctions is to allocate identical units of a single type of good to multiple agents. Besides well-known applications like the selling of treasury bills, electrical power, or spectrum licenses, multi-unit auctions are also well-suited for allocating CPU time slots or network bandwidth in computational multiagent systems. A crucial problem in sealed-bid auctions is the lack of trust bidders might have in the auctioneer. For one, bidders might doubt the correctness of the auction outcome. Secondly, they are reluctant to reveal their private valuations to the auctioneer since these valuations are often based on sensitive information. We propose privacy-preserving protocols that allow bidders to jointly compute the auction outcome without the help of third parties. All three common types of multi-unit auctions (uniform-price, discriminatory, and generalized Vickrey auctions) are considered for the case of marginal decreasing valuation functions. Our protocols are based on distributed homomorphic encryption and can be executed in a constant number of rounds in the random oracle model. Security merely relies on computational intractability (the decisional Diffie-Hellman assumption). In particular, no subset of (computationally bounded) colluding participants is capable of uncovering private information.

Preliminary Draft Spiteful Bidding in Sealed-Bid Auctions

We study the bidding behavior of spiteful agents who, contrary to the common assumption of selfinterest, maximize the weighted difference of their own profit and their competitors ’ profit. This assumption is motivated by inherent spitefulness, or, for example, by competitive scenarios such as in closed markets where the loss of a competitor will likely result in future gains for oneself. We derive symmetric Bayes Nash equilibria for spiteful agents in 1st-price and 2nd-price sealed-bid auctions. In 1st-price auctions, bidders become “more truthful ” the more spiteful they are. Surprisingly, the equilibrium strategy in 2nd-price auctions does not depend on the number of bidders. Based on these equilibria, we compare revenue in both auction types. It turns out that expected revenue in 2nd-price auctions is higher than expected revenue in 1st-price auctions whenever agents have the slightest interest in reducing others ’ profit as long as they still care for their own profit. In other words, revenue equivalence only holds for auctions in which all agents are either self-interested or completely malicious. We furthermore investigate the impact of common knowledge on spiteful bidding. Making bidders ’ valuations publicly available results in less revenue in 2nd-price auctions whereas it increases revenue in 1st-price auctions.