TY - GEN
T1 - Collusion-preserving computation
AU - Alwen, Joël
AU - Katz, Jonathan
AU - Maurer, Ueli
AU - Zikas, Vassilis
PY - 2012/9/3
Y1 - 2012/9/3
N2 - In collusion-free protocols, subliminal communication is impossible and parties are thus unable to communicate any information "beyond what the protocol allows." Collusion-free protocols are interesting for several reasons, but have specifically attracted attention because they can be used to reduce trust in game-theoretic mechanisms. Collusion-free protocols are impossible to achieve (in general) when all parties are connected by point-to-point channels, but exist under certain physical assumptions (Lepinksi et al., STOC 2005) or when parties are connected in specific network topologies (Alwen et al., Crypto 2008). We provide a "clean-slate" definition of the stronger notion of collusion preservation. Our goals in revisiting the definition are: - To give a definition with respect to arbitrary communication resources (including as special cases the communication models from prior work). We can then, in particular, better understand what types of resources enable collusion-preserving protocols. - To construct protocols that allow no additional subliminal communication when parties can communicate via other means. (This property is not implied by collusion-freeness.) - To support composition, so protocols can be designed in a modular fashion using sub-protocols run among subsets of the parties. In addition to proposing the definition, we explore implications of our model and show a general feasibility result for collusion-preserving computation of arbitrary functionalities. We formalize a model for concurrently playing multiple extensive-form, mediated games while preserving many important equilibrium notions.
AB - In collusion-free protocols, subliminal communication is impossible and parties are thus unable to communicate any information "beyond what the protocol allows." Collusion-free protocols are interesting for several reasons, but have specifically attracted attention because they can be used to reduce trust in game-theoretic mechanisms. Collusion-free protocols are impossible to achieve (in general) when all parties are connected by point-to-point channels, but exist under certain physical assumptions (Lepinksi et al., STOC 2005) or when parties are connected in specific network topologies (Alwen et al., Crypto 2008). We provide a "clean-slate" definition of the stronger notion of collusion preservation. Our goals in revisiting the definition are: - To give a definition with respect to arbitrary communication resources (including as special cases the communication models from prior work). We can then, in particular, better understand what types of resources enable collusion-preserving protocols. - To construct protocols that allow no additional subliminal communication when parties can communicate via other means. (This property is not implied by collusion-freeness.) - To support composition, so protocols can be designed in a modular fashion using sub-protocols run among subsets of the parties. In addition to proposing the definition, we explore implications of our model and show a general feasibility result for collusion-preserving computation of arbitrary functionalities. We formalize a model for concurrently playing multiple extensive-form, mediated games while preserving many important equilibrium notions.
UR - http://www.scopus.com/inward/record.url?scp=84865489601&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-32009-5_9
DO - 10.1007/978-3-642-32009-5_9
M3 - Conference contribution
AN - SCOPUS:84865489601
SN - 978-3-642-32008-8
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 124
EP - 143
BT - Advances in Cryptology - CRYPTO 2012
A2 - Safavi-Naini, Reihaneh
A2 - Canetti, Ran
PB - Springer
CY - Berlin, Heidelberg
T2 - 32nd Annual International Cryptology Conference
Y2 - 19 August 2012 through 23 August 2012
ER -