Mechanisms that aggregate the possibly conflicting preferences of individual agents are studied extensively in economics, operations research, and lately computer science. Perhaps surprisingly, the classic literature assumes participating agents to act selfishly, possibly untruthfully, if it is to their advantage, whereas the mechanism center is usually assumed to be honest and trustworthy. We argue that cryptography offers various concepts and building blocks to ensure the secure, i.e., correct and private, execution of mechanisms. We propose models with and without a center that guarantee correctness and preserve the privacy of preferences relying on diverse assumptions such as the trustworthiness of the center or the hardness of computation. The decentralized model in which agents jointly “emulate” a virtual mechanism center is particularly interesting for two reasons. For one, it provides privacy without relying on a trusted third-party. Second, it enables the provably correct execution of randomized mechanisms (which is not the case in the centralized model). We furthermore point out how untruthful and multi-step mechanisms can improve privacy. In particular, we show that the fully private emulation of a preference elicitor can result in unconditional privacy of a (non-empty) subset of preferences.


Vickrey Auction Secure Multiparty Computation Private Channel Mechanism Execution Trapdoor Permutation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [AH00]
    Avery, C., Hendershott, T.: Bundling and optimal auctions of multiple products. Review of Economic Studies 67, 483–497 (2000)CrossRefzbMATHGoogle Scholar
  2. [BGW88]
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proc. of 20th STOC, pp. 1–10. ACM Press, New York (1988)Google Scholar
  3. [Blu82]
    Blum, M.: Coin flipping by telephone. In: Proc. of 24th IEEE Spring Computer Conference, pp. 133–137. IEEE Press, Los Alamitos (1982)Google Scholar
  4. [BOGG+88]
    Ben-Or, M., Goldreich, O., Goldwasser, S., Håstad, J., Kilian, J., Micali, S., Rogaway, P.: Everything provable is provable in zero-knowledge. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 37–56. Springer, Heidelberg (1990)Google Scholar
  5. [Bra03a]
    Brandt, F.: Fully private auctions in a constant number of rounds. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 223–238. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. [Bra03b]
    Brandt, F.: Social choice and preference protection - Towards fully private mechanism design. In: Nisan, N. (ed.) Proc. of 4th ACM Conference on Electronic Commerce, pp. 220–221. ACM Press, New York (2003)Google Scholar
  7. [BS04]
    Brandt, F., Sandholm, T. (Im)possibility of unconditionally privacy-preserving auctions. In: Sierra, C., Sonenberg, L. (eds.) Proc. of 3rd AAMAS Conference, pp. 810–817. ACM Press, New York (2004)Google Scholar
  8. [BTT89]
    Bartholdi III, J., Tovey, C.A., Trick, M.A.: The computational difficulty of manipulating an election. Social Choice and Welfare 6(3), 227–241 (1989)MathSciNetCrossRefzbMATHGoogle Scholar
  9. [CCD88]
    Chaum, D., Crépeau, C., Damgård, I.: Multi-party unconditionally secure protocols. In: Proc. of 20th STOC, pp. 11–19. ACM Press, New York (1988)Google Scholar
  10. [CK89]
    Chor, B., Kushilevitz, E.: A zero-one law for Boolean privacy. In: Proc. of 21st STOC, pp. 36–47. ACM Press, New York (1989)Google Scholar
  11. [CS01]
    Conen, W., Sandholm, T.: Preference elicitation in combinatorial auctions. In: Proc. of 3rd ACM Conference on E-Commerce, pp. 256–259. ACM Press, New York (2001)CrossRefGoogle Scholar
  12. [CS02a]
    Conitzer, V., Sandholm, T.: Complexity of mechanism design. In: Proc. of 18th Conference on Uncertainty in Artificial Intelligence (UAI), pp. 103–110 (2002)Google Scholar
  13. [CS02b]
    Conitzer, V., Sandholm, T.: Vote elicitation: Complexity and strategy-proofness. In: Proc. of 18th AAAI Conference, pp. 392–397. AAAI Press, Menlo Park (2002)Google Scholar
  14. [CS03a]
    Conitzer, V., Sandholm, T.: Applications of automated mechanism design. In: Proc. of UAI workshop on Bayesian Modeling Applications (2003)Google Scholar
  15. [CS03b]
    Conitzer, V., Sandholm, T.: Computational criticisms of the revelation principle. In: Proc. of 5th Workshop on Agent Mediated Electronic Commerce (AMEC). LNCS. Springer, Heidelberg (2003)Google Scholar
  16. [CS03c]
    Conitzer, V., Sandholm, T.: Universal voting protocol tweaks to make manipulation hard. In: Proc. of 18th IJCAI, pp. 781–788 (2003)Google Scholar
  17. [DH76]
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  18. [FNR+02]
    Feigenbaum, J., Nisan, N., Ramachandran, V., Sami, R., Shenker, S.: Agents’ privacy in distributed algorithmic mechanisms. Position Paper (2002)Google Scholar
  19. [FS02]
    Feigenbaum, J., Shenker, S.: Distributed algorithmic mechanism design: Recent results and future directions. In: Proc. of 6th International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications, pp. 1–13. ACM Press, New York (2002)Google Scholar
  20. [GMW87]
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Proc. of 19th STOC, pp. 218–229. ACM Press, New York (1987)Google Scholar
  21. [Gol01]
    Goldreich, O.: Foundations of Cryptography. Basic Tools, vol. 1. Cambridge University Press, Cambridge (2001)CrossRefzbMATHGoogle Scholar
  22. [HT04]
    Halpern, J., Teague, V.: Rational secret sharing and multiparty computation. In: Proc. of 36th STOC, ACM Press, New York (2004)Google Scholar
  23. [Kik01]
    Kikuchi, H.: (M+1)st-price auction protocol. In: Syverson, P.F. (ed.) FC 2001. LNCS, vol. 2339, pp. 351–363. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  24. [Kus89]
    Kushilevitz, E.: Privacy and communication complexity. In: Proc. of 30th FOCS Symposium, pp. 416–421. IEEE Computer Society Press, Los Alamitos (1989)Google Scholar
  25. [LSP82]
    Lamport, L., Shostak, R., Pease, M.: The Byzantine generals problem. ACM Transactions on Programming Languages and Systems 4(3), 382–401 (1982)CrossRefzbMATHGoogle Scholar
  26. [MPS03]
    McGrew, R., Porter, R., Shoham, Y.: Towards a general theory of non-cooperative computation. In: Proc. of 9th International Conference on Theoretical Aspects of Rationality and Knowledge (TARK) (2003)Google Scholar
  27. [MT99]
    Monderer, D., Tennenholtz, M.: Distributed games: From mechanisms to protocols. In: Proc. of 15th AAAI Conference, pp. 32–37. AAAI Press, Menlo Park (1999)Google Scholar
  28. [MV04]
    Mehta, A., Vazirani, V.: Randomized truthful auctions of digital goods are randomizations over truthful auctions. In: Proc. of 5th ACM Conference on E-Commerce, pp. 120–124. ACM Press, New York (2004)Google Scholar
  29. [Nao89]
    Naor, M.: Bit commitment using pseudorandomness. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 128–137. Springer, Heidelberg (1990)Google Scholar
  30. [NPS99]
    Naor, M., Pinkas, B., Sumner, R.: Privacy preserving auctions and mechanism design. In: Proc. of 1st ACM Conference on E-Commerce, pp. 129–139. ACM Press, New York (1999)CrossRefGoogle Scholar
  31. [PS03]
    Porter, R., Shoham, Y.: On cheating in sealed-bid auctions. In: Proc. of 4th ACM Conference on E-Commerce, pp. 76–84. ACM Press, New York (2003)Google Scholar
  32. [RTK90]
    Rothkopf, M.H., Teisberg, T.J., Kahn, E.P.: Why are Vickrey auctions rare? Journal of Political Economy 98(1), 94–109 (1990)CrossRefGoogle Scholar
  33. [San93]
    Sandholm, T.: An implementation of the contract net protocol based on marginal cost calculations. In: Proc. of 10th AAAI Conference, pp. 256–262. AAAI Press, Menlo Park (1993)Google Scholar
  34. [Yao82]
    Yao, A.C.: Protocols for secure computation. In: Proc. of 23th FOCS Symposium, pp. 160–164. IEEE Computer Society Press, Los Alamitos (1982)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Felix Brandt
    • 1
  • Tuomas Sandholm
    • 1
  1. 1.Carnegie Mellon UniversityPittsburghUSA

Personalised recommendations