Strain: A Secure Auction for Blockchains

  • Erik-Oliver Blass
  • Florian Kerschbaum
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11098)

Abstract

We present Strain, a new auction protocol running on top of blockchains and guaranteeing bid confidentiality against fully-malicious parties. As our goal is efficiency and low blockchain latency, we abstain from using traditional, highly interactive MPC primitives such as secret shares. We focus on a slightly weaker adversary model than MPC which allows Strain to achieve constant latency in both the number of parties and the bid length. The main idea behind Strain is a new maliciously-secure two-party comparison mechanism executed between any pair of bids in parallel. Using zero-knowledge proofs, Strain broadcasts the outcome of comparisons on the blockchain in a way that all parties can verify each outcome. Strain’s latency is not only asymptotically optimal, but also efficient in practice, requiring a total of just 4 blocks of the underlying blockchain. Strain provides typical auction security requirements such as non-retractable bids against fully-malicious adversaries.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. Airbus, Munich, Germany
  2. University of Waterloo, Waterloo, Canada