On Fair Exchange, Fair Coins and Fair Sampling

  • Shashank Agrawal
  • Manoj Prabhakaran
Conference paper

DOI: 10.1007/978-3-642-40041-4_15

Part of the Lecture Notes in Computer Science book series (LNCS, volume 8042)
Cite this paper as:
Agrawal S., Prabhakaran M. (2013) On Fair Exchange, Fair Coins and Fair Sampling. In: Canetti R., Garay J.A. (eds) Advances in Cryptology – CRYPTO 2013. Lecture Notes in Computer Science, vol 8042. Springer, Berlin, Heidelberg

Abstract

We study various classical secure computation problems in the context of fairness, and relate them with each other. We also systematically study fair sampling problems (i.e., inputless functionalities) and discover three levels of complexity for them.

Our results include the following:

  • Fair exchange cannot be securely reduced to the problem of fair cointossing by an r-round protocol, except with an error that is \(\Omega(\frac{1}{r})\).

  • Finite fair sampling problems with rational probabilities can all be reduced to fair coin-tossing and unfair 2-party computation (or equivalently, under computational assumptions). Thus, for this class of functionalities, fair coin-tossing is complete.

  • Only sampling problems which have fair protocols without any fair setup are the trivial ones in which the two parties can sample their outputs independently.Others all have an \(\Omega(\frac{1}{r})\) error, roughly matching an upperbound for fair sampling from [21].

  • We study communication-less protocols for sampling, given another sampling problem as setup, since such protocols are inherently fair. We use spectral graph theoretic tools to show that it is impossible to reduce a sampling problem with common information (like fair cointossing) to a sampling problem without (like “noisy” coin-tossing, which has a small probability of disagreement).

The last result above is a slightly sharper version of a classical result by Witsenhausen from 1975. Our proof reveals the connection between the tool used by Witsenhausen, namely “maximal correlation,” and spectral graph theoretic tools like Cheeger inequality.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Shashank Agrawal
    • 1
  • Manoj Prabhakaran
    • 1
  1. 1.University of Illinois, Urbana-ChampaignUSA

Personalised recommendations