Advances in Cryptology - CRYPTO 2009

Volume 5677 of the series Lecture Notes in Computer Science pp 541-558

Privacy-Enhancing Auctions Using Rational Cryptography

  • Peter Bro MiltersenAffiliated withDept. of Computer Science, Aarhus University
  • , Jesper Buus NielsenAffiliated withDept. of Computer Science, Aarhus University
  • , Nikos TriandopoulosAffiliated withDept. of Computer Science, Boston University


We consider enhancing with privacy concerns a large class of auctions, which include sealed-bid single-item auctions but also general multi-item multi-winner auctions, our assumption being that bidders primarily care about monetary payoff and secondarily worry about exposing information about their type to other players and learning information about other players’ types, that is, bidders are greedy then paranoid. To treat privacy explicitly within the game theoretic context, we put forward a novel hybrid utility model that considers both monetary and privacy components in players’ payoffs.

We show how to use rational cryptography to approximately implement any given ex interim individually strictly rational equilibrium of such an auction without a trusted mediator through a cryptographic protocol that uses only point-to-point authenticated channels between the players. By “ex interim individually strictly rational” we mean that, given its type and before making its move, each player has a strictly positive expected utility. By “approximately implement” we mean that, under cryptographic assumptions, running the protocol is a computational Nash equilibrium with a payoff profile negligibly close to the original equilibrium.