Abstract
Auction mechanisms for exchanging divisible resources (e.g., electricity, cloud resources, and network bandwidth) among distributed agents have been extensively studied. In particular, divisible double auction allows both buyers and sellers to dynamically submit their prices until convergence. However, severe privacy concerns may arise in the double auctions since all the agents may have to disclose their sensitive data such as the bid profiles (i.e., bid amounts and prices in different iterations) to other agents for resource allocation. To address such concerns, we propose an efficient and private auction system ETA by co-designing the divisible double auction mechanism with the Intel SGX, which executes the computation for auction while ensuring confidentiality and integrity for the buyers/sellers’ sensitive data. Furthermore, ETA seals the bid profiles to achieve a Progressive Second Price (PSP) auction for optimally allocating divisible resources while ensuring truthfulness with a Nash Equilibrium. Finally, we conduct experiments to validate the performance of private auction system ETA.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Graphene [36] is a lightweight guest OS, designed for minimal host requirements. Applications can be protected in a hardware-encrypted memory region.
- 2.
References
Aliabadi, D.E., Kaya, M., Şahin, G.: An agent-based simulation of power generation company behavior in electricity markets under different market-clearing mechanisms. Energy Policy 100, 191–205 (2017)
Barker, S., Mishra, A., Irwin, D., Shenoy, P., Albrecht, J.: SmartCap: flattening peak electricity demand in smart homes. In: IEEE PerCom, pp. 67–75 (2012)
Bompard, E., Ma, Y., Napoli, R., Abrate, G.: The demand elasticity impacts on the strategic bidding behavior of the electricity producers. IEEE Trans. Power Syst. 22(1), 188–197 (2007)
Brandt, F., Sandholm, T., Shoham, Y.: Spiteful bidding in sealed-bid auctions. In: Veloso, M.M. (ed.) IJCAI, pp. 1207–1214 (2007)
Brero, G., Lahaie, S., Seuken, S.: Fast iterative combinatorial auctions via bayesian learning. In: AAAI, pp. 1820–1828 (2019)
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Annual Symposium on Foundations of Computer Science, FOCS 2001, pp. 136–145. IEEE Computer Society (2001)
Chen, Z., Huang, L., Li, L., Yang, W., Miao, H., Tian, M., Wang, F.: PS-TRUST: provably secure solution for truthful double spectrum auctions. In: 2014 IEEE Conference on Computer Communications, INFOCOM, pp. 1249–1257 (2014)
Chen, Z., Chen, L., Huang, L., Zhong, H.: On privacy-preserving cloud auction. In: 35th IEEE SRDS, pp. 279–288 (2016)
Dobzinski, S., Lavi, R., Nisan, N.: Multi-unit auctions with budget limits. Games Econ. Behav. 74(2), 486–503 (2012)
Dong, M., Sun, G., Wang, X., Zhang, Q.: Combinatorial auction with time-frequency flexibility in cognitive radio networks. In: IEEE INFOCOM (2012)
Faqiry, M.N., Das, S.: Double-sided energy auction in microgrid: equilibrium under price anticipation. IEEE Access 4, 3794–3805 (2016)
Feng, Z., Qiu, C., Feng, Z., Wei, Z., Li, W., Zhang, P.: An effective approach to 5g: wireless network virtualization. IEEE Commun. Mag. 53(12), 53–59 (2015)
Fujiwara, I., Aida, K., Ono, I.: Applying double-sided combinational auctions to resource allocation in cloud computing. In: SAINT, pp. 7–14 (2010)
Gao, W., Yu, W., Liang, F., Hatcher, W.G., Lu, C.: Privacy-preserving auction for big data trading using homomorphic encryption. IEEE Trans. Netw. Sci. Eng. (2020)
Hoefer, M., Kesselheim, T., Vöcking, B.: Approximation algorithms for secondary spectrum auctions. ACM Trans. Internet Techn. 14(2–3), 16:1–16:24 (2014)
Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., del Cuvillo, J.: Using innovative instructions to create trustworthy software solutions. In: HASP@ISCA, p. 11 (2013)
Hong, Y., Wang, H., Xie, S., Liu, B.: Privacy preserving and collusion resistant energy sharing. In: 2018 IEEE ICASSP, pp. 6941–6945 (2018)
Hong, Y., Goel, S., Liu, W.: An efficient and privacy-preserving scheme for P2P energy exchange among smart microgrids. Int. J. Energy Res. 40(3), 313–331 (2016)
Huang, H., Li, X., Sun, Y., Xu, H., Huang, L.: PPS: privacy-preserving strategyproof social-efficient spectrum auction mechanisms. IEEE Trans. Parallel Distrib. Syst. 26(5), 1393–1404 (2015)
Huang, Q., Tao, Y., Wu, F.: SPRING: a strategy-proof and privacy preserving spectrum auction mechanism. In: Proceedings of the IEEE INFOCOM, pp. 827–835 (2013)
Jia, J., Zhang, Q., Zhang, Q., Liu, M.: Revenue generation for truthful spectrum auction in dynamic spectrum access. In: ACM MobiHoc, pp. 3–12 (2009)
Jin, A., Song, W., Zhuang, W.: Auction-based resource allocation for sharing cloudlets in mobile cloud computing. IEEE Trans. Emerg. Topics Comput. 6, 45–57 (2018)
Johari, R., Tsitsiklis, J.N.: Efficiency loss in a network resource allocation game. Math. Oper. Res. 29(3), 407–435 (2004)
Kebriaei, H., Maham, B., Niyato, D.: Double-sided bandwidth-auction game for cognitive device-to-device communication in cellular networks. IEEE Trans. Vehicular Technol. 65(9), 7476–7487 (2016)
Kojima, F., Yamashita, T.: Double auction with interdependent values: incentives and efficiency. Theor. Econ. 12(3), 1393–1438 (2017)
Kosba, A.E., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: IEEE Symposium on Security and Privacy, pp. 839–858 (2016)
Krishna, V.: Auction Theory. Academic Press, Boston (2009)
Lazar, A.A., Semret, N.: Design and analysis of the progressive second price auction for network bandwidth sharing. Telecommun. Syst. 13 (2001)
Liu, B., Xie, S., Hong, Y.: PANDA: privacy-aware double auction for divisible resources without a mediator. In: AAMAS, pp. 1904–1906 (2020)
Lorenzo, B., González-Castaño, F.J.: A matching game for data trading in operator-supervised user-provided networks. In: IEEE ICC, pp. 1–7 (2016)
Maheswaran, R.T., Başar, T.: Nash equilibrium and decentralized negotiation in auctioning divisible resources. Group Decis. Negot. 12(5), 361–395 (2003)
Peng, K., Boyd, C., Dawson, E., Viswanathan, K.: Robust, privacy protecting and publicly verifiable sealed-bid auction. In: International Conference, ICICS, pp. 147–159 (2002)
Shi, E., Zhang, F., Pass, R., Devadas, S., Song, D., Liu, C.: Trusted hardware: life, the composable universe, and everything. Manuscript (2015)
Suzuki, K., Yokoo, M.: Secure generalized Vickrey auction using homomorphic encryption. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 239–249. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45126-6_17
Suzuki, K., Yokoo, M.: Secure combinatorial auctions by dynamic programming with polynomial secret sharing. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 44–56. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36504-4_4
Tsai, C., et al.: Cooperation and security isolation of library OSES for multi-process applications. In: EuroSys, pp. 9:1–9:14. ACM (2014)
Tsai, C., Porter, D.E., Vij, M.: Graphene-SGX: a practical library OS for unmodified applications on SGX. In: Silva, D.D., Ford, B. (eds.) USENIX, pp. 645–658 (2017)
Tuffin, B.: Revisited progressive second price auction for charging telecommunication networks. Telecommun. Syst. 20(3–4), 255–263 (2002)
Wang, Y., Saad, W., Han, Z., Poor, H.V., Basar, T.: A game-theoretic approach to energy trading in the smart grid. IEEE Trans. Smart Grid 5(3), 1439–1450 (2014)
Wu, F., Vaidya, N.H.: SMALL: a strategy-proof mechanism for radio spectrum allocation. In: IEEE INFOCOM, pp. 81–85 (2011)
Xie, S., Wang, H., Hong, Y., Thai, M.: Privacy preserving distributed energy trading. In: IEEE ICDCS (2020)
Xu, P., Xu, X., Tang, S., Li, X.: Truthful online spectrum allocation and auction in multi-channel wireless networks. In: IEEE INFOCOM, pp. 26–30 (2011)
Yokoo, M., Sakurai, Y., Matsubara, S.: The effect of false-name bids in combinatorial auctions: new fraud in internet auctions. Games Econ. Behav. 46, 174–188 (2004)
Yuan, R., Xia, Y., Chen, H., Zang, B., Xie, J.: Shadoweth: private smart contract on public blockchain. J. Comput. Sci. Technol. 33(3), 542–556 (2018)
Yu, J., Cheung, M.H., Huang, J., Poor, H.V.: Mobile data trading: a behavioral economics perspective. In: IEEE WiOpt, pp. 363–370 (2015)
Zhang, D., Chang, Z., Yu, F.R., Chen, X., Hämäläinen, T.: A double auction mechanism for virtual resource allocation in SDN-based cellular network. In: IEEE International Symposium on PIMRC, pp. 1–6 (2016)
Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town crier: an authenticated data feed for smart contracts. In: ACM Conference on CCS, pp. 270–282 (2016)
Zou, S., Ma, Z., Liu, X.: Resource allocation game under double-sided auction mechanism: efficiency and convergence. IEEE Trans. Automat. Contr. 63, 1273–1287 (2018)
Acknowledgments
This work is partially supported by the National Science Foundation (NSF) under Grant No. CNS-1745894. The authors would like to thank the anonymous reviewers for their constructive comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix
Appendix
Proof of Theorem 1
Proof
(1) Per the payment rule of ETA (extended from the VCG auction) in Eq. 1, buyer \(m\in \mathcal {B}\) will change its own strategies based on other buyers’ strategies (so does seller \(n\in \mathcal {S}\)). As defined in Sect. 2.1, \(\rho _{m}\) is the payment made by buyer m while \(\rho _{n}\) is the payment received by seller n. Also, \(\rho (r_{i},r_{-i})\) is defined as the difference between all the buyers’ aggregated valuation if any other buyer i is not in the auction and the aggregated valuation if buyer i is in the auction. Then, \(\rho (r_{i},r_{-i})\) can be transformed into the difference between two payoff functions:
In addition, as defined in Sect. 2.1, the payoff function for buyer m is \(\widehat{V}_{m}(A_{m}^{*}({r})) - \rho (r_{i},r_{-i})\). The payoff function is supposed to be maximized if there exists the optimal bid profile \(r^{*}\), including the optimal allocation profiles for buyers and sellers: \(A_{m}^{*}({r})\) and \(A_{n}^{*}({r})\). After integrating Eq. 8, we have the payoff function w.r.t. the buyer m as below:
In Eq. 9, the \(\left[ (\max \sum _{m \ne i} f_{m}(r))\right] \) is the same for all the buyers (\(\forall m\in \mathcal {B}\)). Then, the problem of maximizing buyer m’s payoff is reduced to the problem of maximizing \(\left[ \widehat{V}_{m}(A_{m}^{*}({r}^{*})) + \sum _{m \ne i} f_{m}(r^{*}) \right] \). Intuitively, buyer m would choose the strategy to maximize \(\left[ \widehat{V}_{m}(A_{m}^{*}({r}^{*})) + \sum _{m \ne i} f_{m}(r^{*}) \right] \). Per Definition 4 and incentive compatibility proven in (4), if each agent responds untruthfully, it would not obtain a higher payoff than truthful response. If buyer m bids truthfully and the objective (to maximize) for double auction mechanism becomes identical to the \(\left[ \widehat{V}_{m}(A_{m}^{*}({r}^{*})) + \sum _{m \ne i} f_{m}(r^{*}) \right] \). The payoff will be maximized if buyer m bids truthfully. Therefore, the truthful responses in the double auction mechanism are the best strategies for all the buyer \(\forall m\in \mathcal {B}\).
Similarly, for any seller \(n\in \mathcal {S}\), its payoff function \(f_{n}({r}) = \rho (r_{j},r_{-j}) - \widehat{C}_{n}(A_{n}^{*})\) as defined in Sect. 2.1 can also be proven in the same way. Thus, the divisible double auction mechanism in ETA ensures weakly dominant strategy.
(2) If buyer \(m\in \mathcal {B}\) provides truthful bid profile, then it has a non-negative payoff function \(f_{m}({r}) = \widehat{V}_{m}(A_{m}^{*}) - \rho (r_{i},r_{-i}), \forall m \in \mathcal {B}\). Similarly, seller \(n\in \mathcal {S}\) can also obtain a non-negative payoff function: \(f_{n}({r}) = \rho (r_{j},r_{-j}) - \widehat{C}_{n}(A_{n}^{*}), \forall n \in \mathcal {S}\) with truthful bid profile. Thus, the double auction satisfies individual rationality, which indicates that all the agents have non-negative payoffs by participating in the double auction of ETA.
(3) Allocation \((A_{m}, \rho _{m})\) satisfies Pareto efficiency within the budget \(\varphi _{m}\) (\(\rho _{m} < \varphi _{m}\)) in the divisible double auction ETA if there does not exist a better allocation \((A_{m}^{'}, \rho _{m}^{'}) \): \(f_{m}(A_{m}, \rho _{m}) > f_{m}(A_{m}^{'}, p_{m}^{'})\). Suppose that buyer \(m\in \mathcal {B}\) is allocated with amount \(A_{m}\) in bid profile r (satisfying individual rationality as above and incentive compatibility as proven in (4)). We now prove the Pareto efficiency (optimality). Given \(f_{m}^{*}\) = \(\max _{A_{m}} f_{m}(A_{m},\rho (A_{m}, (r_{-m}))\), buyer m’s payoff is upper bounded by \(f_{m}^{*}\). If m would like to gain more payoff, then it needs to pay \( \rho (A_{m}, (r_{m},r_{-m}))\). Thus, the payoff is supposed to be lowered bounded by \(f_{m}^{*}\). Thus, buyer m’s payoff is exactly \(f_{m}^{*}\) for the optimality. Similarly, \(f_{n}^{*}\) = \(\max _{A_{n}} f_{n}(A_{n},\rho (A_{n}, (r_{-n}))\) can be proven for sellers. Therefore, the Pareto efficiency is verified in ETA.
(4) Denote the allocation of buyer \(m\in \mathcal {B}\) as the \(A_{m}\), and also denote the allocation in the k-th iteration as \(A_{m}^{k}\). To show the incentive compatibility for any buyer \(m \in \mathcal {B}\), we verify that for any bid profile \(b=(b_{m}, m \in \mathcal {B})\). Given \(r_{-m}\), there exists a truthful bid profile \(b_{m}= (\alpha _{m}, d_{m}^{k})\) where \(\alpha _{m} = \widehat{V}_{m}^{'}(d_{m}^{k})\), such that \(f_{m}(b_{m}^{k}, r_{-m}) \ge f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\):
-
Case 1: if \(\alpha _{m} < \widehat{V}_{m}^{'}(d_{m})\). Consider a bid \(b_{m}^{k}\), such that \(d_{m}^{k} = A_{m} \le d_{m}\). Based on the diminishing marginal utility of the valuation function for buyers, we have \(\alpha _{m}^{k} \ge \widehat{V}_{m}^{'}(d_{m}) > \alpha _{m}\). Since we get the maximum social welfare, we have \(A_{m}^{k} \ge A_{m}\). Thus, we have \(f_{m}(b_{m}^{k}, r_{-m}) \ge f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\).
-
Case 2: if \(\alpha _{m} > \widehat{V}_{m}^{'}(d_{m})\). Considering bid \(b_{m}^{k}\), such that \(d_{m}^{k} = d_{m}\), we have \(\alpha _{m} > \widehat{V}_{m}^{'}(d_{m}) = \widehat{V}_{m}^{'} (d_{m}^{k}) = \alpha _{m}^{k}\). Also, \(A_{m}^{k} \le A_{m}\) holds for the maximum social welfare. When \(A_{m}^{k} = A_{m}\), we have \(f_{m}(b_{m}^{k}, r_{-m}) = f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\). When \(A_{m}^{k} < A_{m}\), we have:
(10)
Given Case 1 and 2, we have \(f_{m}(b_{m}^{k}, r_{-m}) \ge f_{m}(b_{m}, r_{-m}), \forall m \in \mathcal {B}\). Similarly, incentive compatibility can also be proven for all the sellers \(\forall n \in \mathcal {S}\).
(5) Assuming that \(\sum _{m \in \mathcal {B}} d_{m} \ge \sum _{n \in \mathcal {S}} h_{n}\) holds for the initialization, then the potential amount for all divisible resources \(C = \min \{ \sum _{m \in \mathcal {B}} d_{m}, \sum _{n \in \mathcal {S}} h_{n}\}\) holds for the iterative computation in the ETA. Thus, we have \(\sum _{m \in \mathcal {B}} d_{m} = \sum _{n \in \mathcal {S}} h_{n}\). Furthermore, compared with the other case: \(\sum d_{m} \le h_{n}\), the divisible double auction mechanism in ETA satisfies the feasibility. In summary, these complete the proof. Â Â Â \(\square \)
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Liu, B., Xie, S., Hong, Y. (2021). Efficient and Private Divisible Double Auction in Trusted Execution Environment. In: Chen, B., Huang, X. (eds) Applied Cryptography in Computer and Communications. AC3 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 386. Springer, Cham. https://doi.org/10.1007/978-3-030-80851-8_6
Download citation
DOI: https://doi.org/10.1007/978-3-030-80851-8_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-80850-1
Online ISBN: 978-3-030-80851-8
eBook Packages: Computer ScienceComputer Science (R0)