Fair Computation with Rational Players
We consider the problem of fairness in two-party computation, where this means (informally) that both parties should learn the correct output. A seminal result of Cleve (STOC 1986) shows that fairness is, in general, impossible to achieve for malicious parties. Here, we treat the parties as rational and seek to understand what can be done.
Asharov et al. (Eurocrypt 2011) recently considered this problem and showed impossibility of rational fair computation for a particular function and a particular set of utilities. We observe, however, that in their setting the parties have no incentive to compute the function even in an ideal world where fairness is guaranteed. Revisiting the problem, we show that rational fair computation is possible, for arbitrary functions and utilities, as long as at least one of the parties has a strict incentive to compute the function in the ideal world. This gives a novel setting in which game-theoretic considerations can be used to circumvent an impossibility result in cryptography.
KeywordsNash Equilibrium Incentive Compatibility Cryptographic Protocol Ideal World Negligible Probability
- 1.Abraham, I., Dolev, D., Gonen, R., Halpern, J.: Distributed computing meets game theory: robust mechanisms for rational secret sharing and multiparty computation. In: 25th Annual ACM Symposium on Principles of Distributed Computing (PODC), pp. 53–62. ACM Press (2006)Google Scholar
- 6.Cleve, R.: Limits on the security of coin flips when half the processors are faulty. In: 18th Annual ACM Symposium on Theory of Computing (STOC), pp. 364–369. ACM Press (1986)Google Scholar
- 9.Dodis, Y., Rabin, T.: Cryptography and game theory. In: Nisan, N., Roughgarden, T., Tardos, E., Vazirani, V. (eds.) Algorithmic Game Theory, pp. 181–207. Cambridge University Press (2007)Google Scholar
- 12.Gordon, S.D., Hazay, C., Katz, J., Lindell, Y.: Complete fairness in secure two-party computation. J. ACM 58(6) (2011)Google Scholar
- 16.Gradwohl, R., Livne, N., Rosen, A.: Sequential rationality in cryptographic protocols. In: 51st FOCS Annual Symposium on Foundations of Computer Science (FOCS), pp. 623–632. IEEE (2010)Google Scholar
- 17.Halpern, J., Teague, V.: Rational secret sharing and multiparty computation. In: 36th Annual ACM Symposium on Theory of Computing (STOC), pp. 623–632. ACM Press (2004)Google Scholar
- 20.Izmalkov, S., Micali, S., Lepinski, M.: Rational secure computation and ideal mechanism design. In: 46th FOCSAnnual Symposium on Foundations of Computer Science (FOCS), pp. 585–595. IEEE (2005), Full version available at, http://dspace.mit.edu/handle/1721.1/38208
- 23.Kol, G., Naor, M.: Games for exchanging information. In: 40th Annual ACM Symposium on Theory of Computing (STOC), pp. 423–432. ACM Press (2008)Google Scholar
- 24.Lepinski, M., Micali, S., Peikert, C., Shelat, A.: Completely fair SFE and coalition-safe cheap talk. In: 23rd ACM PODCAnnual ACM Symposium on Principles of Distributed Computing (PODC), pp. 1–10. ACM Press (2004)Google Scholar
- 25.Lepinski, M., Micali, S., Shelat, A.: Collusion-free protocols. In: 37th Annual ACM Symposium on Theory of Computing (STOC), pp. 543–552. ACM Press (2005)Google Scholar