Efficient and Private Divisible Double Auction in Trusted Execution Environment

Abstract

Auction mechanisms for exchanging divisible resources (e.g., electricity, cloud resources, and network bandwidth) among distributed agents have been extensively studied. In particular, divisible double auction allows both buyers and sellers to dynamically submit their prices until convergence. However, severe privacy concerns may arise in the double auctions since all the agents may have to disclose their sensitive data such as the bid profiles (i.e., bid amounts and prices in different iterations) to other agents for resource allocation. To address such concerns, we propose an efficient and private auction system ETA by co-designing the divisible double auction mechanism with the Intel SGX, which executes the computation for auction while ensuring confidentiality and integrity for the buyers/sellers’ sensitive data. Furthermore, ETA seals the bid profiles to achieve a Progressive Second Price (PSP) auction for optimally allocating divisible resources while ensuring truthfulness with a Nash Equilibrium. Finally, we conduct experiments to validate the performance of private auction system ETA.

Appendix

Proof of Theorem 1

Proof

(1) Per the payment rule of ETA (extended from the VCG auction) in Eq. 1, buyer \(m\in \mathcal {B}\) will change its own strategies based on other buyers’ strategies (so does seller \(n\in \mathcal {S}\)). As defined in Sect. 2.1, \(\rho _{m}\) is the payment made by buyer m while \(\rho _{n}\) is the payment received by seller n. Also, \(\rho (r_{i},r_{-i})\) is defined as the difference between all the buyers’ aggregated valuation if any other buyer i is not in the auction and the aggregated valuation if buyer i is in the auction. Then, \(\rho (r_{i},r_{-i})\) can be transformed into the difference between two payoff functions:

$$\begin{aligned} \rho (r_{i},r_{-i}) = \sum _{m \ne i} \alpha _{m} [A_{m}(0;r_{-i}) - A_{m}(r_{i};r_{-i})] \end{aligned}$$

$$\begin{aligned} = \underbrace{(\max \sum _{m \ne i} f_{m}(r))}_{\text {without m}} - \underbrace{\sum _{m \ne i} f_{m}(r^{*})}_{\text {with m}} \end{aligned}$$

(8)

In addition, as defined in Sect. 2.1, the payoff function for buyer m is \(\widehat{V}_{m}(A_{m}^{*}({r})) - \rho (r_{i},r_{-i})\). The payoff function is supposed to be maximized if there exists the optimal bid profile \(r^{*}\), including the optimal allocation profiles for buyers and sellers: \(A_{m}^{*}({r})\) and \(A_{n}^{*}({r})\). After integrating Eq. 8, we have the payoff function w.r.t. the buyer m as below:

(9)

In Eq. 9, the \(\left[ (\max \sum _{m \ne i} f_{m}(r))\right] \) is the same for all the buyers (\(\forall m\in \mathcal {B}\)). Then, the problem of maximizing buyer m’s payoff is reduced to the problem of maximizing \(\left[ \widehat{V}_{m}(A_{m}^{*}({r}^{*})) + \sum _{m \ne i} f_{m}(r^{*}) \right] \). Intuitively, buyer m would choose the strategy to maximize \(\left[ \widehat{V}_{m}(A_{m}^{*}({r}^{*})) + \sum _{m \ne i} f_{m}(r^{*}) \right] \). Per Definition 4 and incentive compatibility proven in (4), if each agent responds untruthfully, it would not obtain a higher payoff than truthful response. If buyer m bids truthfully and the objective (to maximize) for double auction mechanism becomes identical to the \(\left[ \widehat{V}_{m}(A_{m}^{*}({r}^{*})) + \sum _{m \ne i} f_{m}(r^{*}) \right] \). The payoff will be maximized if buyer m bids truthfully. Therefore, the truthful responses in the double auction mechanism are the best strategies for all the buyer \(\forall m\in \mathcal {B}\).

Similarly, for any seller \(n\in \mathcal {S}\), its payoff function \(f_{n}({r}) = \rho (r_{j},r_{-j}) - \widehat{C}_{n}(A_{n}^{*})\) as defined in Sect. 2.1 can also be proven in the same way. Thus, the divisible double auction mechanism in ETA ensures weakly dominant strategy.

(2) If buyer \(m\in \mathcal {B}\) provides truthful bid profile, then it has a non-negative payoff function \(f_{m}({r}) = \widehat{V}_{m}(A_{m}^{*}) - \rho (r_{i},r_{-i}), \forall m \in \mathcal {B}\). Similarly, seller \(n\in \mathcal {S}\) can also obtain a non-negative payoff function: \(f_{n}({r}) = \rho (r_{j},r_{-j}) - \widehat{C}_{n}(A_{n}^{*}), \forall n \in \mathcal {S}\) with truthful bid profile. Thus, the double auction satisfies individual rationality, which indicates that all the agents have non-negative payoffs by participating in the double auction of ETA.

(3) Allocation \((A_{m}, \rho _{m})\) satisfies Pareto efficiency within the budget \(\varphi _{m}\) (\(\rho _{m} < \varphi _{m}\)) in the divisible double auction ETA if there does not exist a better allocation \((A_{m}^{'}, \rho _{m}^{'}) \): \(f_{m}(A_{m}, \rho _{m}) > f_{m}(A_{m}^{'}, p_{m}^{'})\). Suppose that buyer \(m\in \mathcal {B}\) is allocated with amount \(A_{m}\) in bid profile r (satisfying individual rationality as above and incentive compatibility as proven in (4)). We now prove the Pareto efficiency (optimality). Given \(f_{m}^{*}\) = \(\max _{A_{m}} f_{m}(A_{m},\rho (A_{m}, (r_{-m}))\), buyer m’s payoff is upper bounded by \(f_{m}^{*}\). If m would like to gain more payoff, then it needs to pay \( \rho (A_{m}, (r_{m},r_{-m}))\). Thus, the payoff is supposed to be lowered bounded by \(f_{m}^{*}\). Thus, buyer m’s payoff is exactly \(f_{m}^{*}\) for the optimality. Similarly, \(f_{n}^{*}\) = \(\max _{A_{n}} f_{n}(A_{n},\rho (A_{n}, (r_{-n}))\) can be proven for sellers. Therefore, the Pareto efficiency is verified in ETA.

(4) Denote the allocation of buyer \(m\in \mathcal {B}\) as the \(A_{m}\), and also denote the allocation in the k-th iteration as \(A_{m}^{k}\). To show the incentive compatibility for any buyer \(m \in \mathcal {B}\), we verify that for any bid profile \(b=(b_{m}, m \in \mathcal {B})\). Given \(r_{-m}\), there exists a truthful bid profile \(b_{m}= (\alpha _{m}, d_{m}^{k})\) where \(\alpha _{m} = \widehat{V}_{m}^{'}(d_{m}^{k})\), such that \(f_{m}(b_{m}^{k}, r_{-m}) \ge f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\):

• Case 1: if \(\alpha _{m} < \widehat{V}_{m}^{'}(d_{m})\). Consider a bid \(b_{m}^{k}\), such that \(d_{m}^{k} = A_{m} \le d_{m}\). Based on the diminishing marginal utility of the valuation function for buyers, we have \(\alpha _{m}^{k} \ge \widehat{V}_{m}^{'}(d_{m}) > \alpha _{m}\). Since we get the maximum social welfare, we have \(A_{m}^{k} \ge A_{m}\). Thus, we have \(f_{m}(b_{m}^{k}, r_{-m}) \ge f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\).

• Case 2: if \(\alpha _{m} > \widehat{V}_{m}^{'}(d_{m})\). Considering bid \(b_{m}^{k}\), such that \(d_{m}^{k} = d_{m}\), we have \(\alpha _{m} > \widehat{V}_{m}^{'}(d_{m}) = \widehat{V}_{m}^{'} (d_{m}^{k}) = \alpha _{m}^{k}\). Also, \(A_{m}^{k} \le A_{m}\) holds for the maximum social welfare. When \(A_{m}^{k} = A_{m}\), we have \(f_{m}(b_{m}^{k}, r_{-m}) = f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\). When \(A_{m}^{k} < A_{m}\), we have:

  

  (10)

Given Case 1 and 2, we have \(f_{m}(b_{m}^{k}, r_{-m}) \ge f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\). Similarly, incentive compatibility can also be proven for all the sellers \(\forall n \in \mathcal {S}\).

(5) Assuming that \(\sum _{m \in \mathcal {B}} d_{m} \ge \sum _{n \in \mathcal {S}} h_{n}\) holds for the initialization, then the potential amount for all divisible resources \(C = \min \{ \sum _{m \in \mathcal {B}} d_{m}, \sum _{n \in \mathcal {S}} h_{n}\}\) holds for the iterative computation in the ETA. Thus, we have \(\sum _{m \in \mathcal {B}} d_{m} = \sum _{n \in \mathcal {S}} h_{n}\). Furthermore, compared with the other case: \(\sum d_{m} \le h_{n}\), the divisible double auction mechanism in ETA satisfies the feasibility. In summary, these complete the proof.    \(\square \)