Efficient private bidding and auctions with an oblivious third party

We describe a novel and efficient protocol for the following problem: <italic>A</italic> wants to buy some good from <italic>B</italic> if the price is less than <italic>a</italic>. <italic>B</italic> would like to sell, but only for more than <italic>b</italic>, and neither of them wants to reveal the secret bounds. Will the deal take place? Our solution uses an oblivious third party <italic>T</italic> who learns no information about <italic>a</italic> or <italic>b</italic>, not even whether <italic>a</italic> > <italic>b</italic>. The protocol needs only a single round of interaction, ensures fairness, and is not based on general circuit evaluation techniques. It uses a novel construction, which combines homomorphic encryption with the φ-hiding assumption and which may be of independent interest. Applications include bargaining between two parties and secure and efficient auctions in the absence of a fully trusted auction service.

[1]  Michael K. Reiter,et al.  Fair Exchange with a Semi-Trusted Third Party (extended abstract) , 1997, CCS.

[2]  J. Doug Tygar,et al.  Electronic Auctions with Private Bids , 1998, USENIX Workshop on Electronic Commerce.

[3]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[4]  Josh Benaloh Verifiable secret-ballot elections , 1987 .

[5]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[6]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[7]  Arie Segev,et al.  Auctions on the Internet: A Field Study , 1998 .

[8]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[9]  Moni Naor,et al.  Universal one-way hash functions and their cryptographic applications , 1989, STOC '89.

[10]  Martín Abadi,et al.  On hiding information from an oracle , 1987, STOC '87.

[11]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[12]  Matthew K. Franklin,et al.  The design and implementation of a secure auction service , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[13]  Manoj Kumar,et al.  Internet Auctions , 1998, USENIX Workshop on Electronic Commerce.

[14]  Josh Benaloh,et al.  Dense Probabilistic Encryption , 1999 .

[15]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[16]  Jacques Stern,et al.  A new public key cryptosystem based on higher residues , 1998, CCS '98.

[17]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[18]  Silvio Micali,et al.  Secure Computation (Abstract) , 1991, CRYPTO.

[19]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[20]  Silvio Micali,et al.  A fair protocol for signing contracts , 1990, IEEE Trans. Inf. Theory.

[21]  N. Asokan,et al.  Optimistic fair exchange of digital signatures , 1998, IEEE Journal on Selected Areas in Communications.