Comprehensive survey on privacy-preserving protocols for sealed-bid auctions

Abstract The internet is a ubiquitous technology that has changed conventional human interactions. In our present time, it is not unusual for financial transactions to take place virtually with nothing more than a computer and a credit card; many times without ever having to engage face-to-face with another person. Part of these electronic transactions taking place day-to-day are not simple economic mechanisms, instead they are constructed in the form of auctions in which a key aspect is the protection of bidders. Ideally, electronic auction mechanisms should provide the following fundamental properties: privacy of the losing bids, robustness, verifiability, and non-repudiation. This can only be accomplished by proper sealed-bid auction protocols. Indeed, the main motivation for constructing sealed-bid auction protocols is the fact that auctioneers and/or sellers may use the past losing bids to maximize their revenues in future auctions and negotiations. In addition, private valuations can be used to disclose personal preferences and private information about the bidders. This paper therefore surveys existing cryptographic solutions that are used for electronic sealed-bid auction protocols, and provides the challenges that currently exist in this field. Overall, various technical approaches will be covered and the state-of-the-art will be reviewed thoroughly.

[1]  Shohachiro Nakanishi,et al.  Distributed auction servers resolving winner and winning bid without revealing privacy of bids , 2000, Proceedings Seventh International Conference on Parallel and Distributed Systems: Workshops.

[2]  Christopher Thorpe,et al.  Time-Lapse Cryptography , 2006 .

[3]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[4]  H. Nurmi,et al.  Cryptographic protocols for Vickrey auctions , 1993 .

[5]  Ed Dawson,et al.  Batch verification of validity of bids in homomorphic e-auction , 2006, Comput. Commun..

[6]  Moni Naor,et al.  Privacy preserving auctions and mechanism design , 1999, EC '99.

[7]  Moshe Tennenholtz Some Tractable Combinatorial Auctions , 2000, AAAI/IAAI.

[8]  Jacques Stern,et al.  Non-interactive Private Auctions , 2002, Financial Cryptography.

[9]  Douglas R. Stinson,et al.  Unconditionally Secure Proactive Secret Sharing Scheme with Combinatorial Structures , 1999, Selected Areas in Cryptography.

[10]  Ari Juels,et al.  A Two-Server, Sealed-Bid Auction Protocol , 2002, Financial Cryptography.

[11]  Matthew K. Franklin,et al.  Verifiable Signature Sharing , 1995, EUROCRYPT.

[12]  Atsuko Miyaji,et al.  A Second-price Sealed-bid Auction with the Discriminant of the p0-th Root , 2002, Financial Cryptography.

[13]  Yi Mu,et al.  First price sealed bid auction without auctioneers , 2007, IWCMC.

[14]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[15]  Mehrdad Nojoumian,et al.  Efficient Implementation and Computational Analysis of Privacy-Preserving Auction Protocols , 2020 .

[16]  Douglas R. Stinson,et al.  Efficient Sealed-Bid Auction Protocols Using Verifiable Secret Sharing , 2014, ISPEC.

[17]  Hiroaki Kikuchi,et al.  Multi-round Anonymous Auction Protocols , 1999 .

[18]  Atsuko Miyaji,et al.  A Practical English Auction with Simple Revocation , 2002 .

[19]  Jacques Traoré,et al.  An Online Public Auction Protocol Protecting Bidder Privacy , 2000, ACISP.

[20]  Edith Elkind,et al.  Interleaving Cryptography and Mechanism Design: The Case of Online Auctions , 2004, Financial Cryptography.

[21]  Valtteri Niemi,et al.  Secure Vickrey Auctions without Threshold Trust , 2002, Financial Cryptography.

[22]  Kunio Kobayashi,et al.  Efficient Sealed-Bid Auction Using Hash Chain , 2000, ICISC.

[23]  Srividhya Subramanian,et al.  Design and verification of a secure electronic auction protocol , 1998, Proceedings Seventeenth IEEE Symposium on Reliable Distributed Systems (Cat. No.98CB36281).

[24]  Ed Dawson,et al.  Optimization of Electronic First-Bid Sealed-Bid Auction Based on Homomorphic Secret Sharing , 2005, Mycrypt.

[25]  Ed Dawson,et al.  Five Sealed-bid Auction Models , 2003, ACSW.

[26]  Jean-Jacques Quisquater,et al.  A "Paradoxical" Indentity-Based Signature Scheme Resulting from Zero-Knowledge , 1988, CRYPTO.

[27]  J. Doug Tygar,et al.  Electronic Auctions with Private Bids , 1998, USENIX Workshop on Electronic Commerce.

[28]  Chin-Chen Chang,et al.  Efficient anonymous auction protocols with freewheeling bids , 2003, Comput. Secur..

[29]  Douglas R. Stinson,et al.  Unconditionally Secure First-Price Auction Protocols Using a Multicomponent Commitment Scheme , 2010, ICICS.

[30]  Matthew K. Franklin,et al.  The Design and Implementation of a Secure Auction Service , 1996, IEEE Trans. Software Eng..

[31]  Min-Shiang Hwang,et al.  Adding timestamps to the secure electronic auction protocol , 2002, Data Knowl. Eng..

[32]  Ed Dawson,et al.  A Multiplicative Homomorphic Sealed-Bid Auction Based on Goldwasser-Micali Encryption , 2005, ISC.

[33]  Wenbo Shi,et al.  A sealed-bid multi-attribute auction protocol with strong bid privacy and bidder privacy , 2013, Secur. Commun. Networks.

[34]  Makoto Yokoo,et al.  Secure multi-agent dynamic programming based on homomorphic encryption and its application to combinatorial auctions , 2002, AAMAS '02.

[35]  Sven de Vries,et al.  Combinatorial Auctions: A Survey , 2003, INFORMS J. Comput..

[36]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[37]  Makoto Yokoo,et al.  Secure Combinatorial Auctions by Dynamic Programming with Polynomial Secret Sharing , 2002, Financial Cryptography.

[38]  E. Maskin Asymmetric Auctions , 2007 .

[39]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[40]  Felix Brandt,et al.  Fully Private Auctions in a Constant Number of Rounds , 2003, Financial Cryptography.

[41]  Kemal Akkaya,et al.  Implementation and analysis of Dutch-style sealed-bid auctions computational vs unconditional security , 2015, 2015 International Conference on Information Systems Security and Privacy (ICISSP).

[42]  Ronald M. Harstad,et al.  Computationally Manageable Combinational Auctions , 1998 .

[43]  Jonathan D. Levin,et al.  Comparing Open and Sealed Bid Auctions: Evidence from Timber Auctions , 2008 .

[44]  David C. Parkes,et al.  Cryptographic Combinatorial Clock-Proxy Auctions , 2009, Financial Cryptography.

[45]  Felix Brandt,et al.  On the Existence of Unconditionally Privacy-Preserving Auction Protocols , 2008, TSEC.

[46]  Hiroaki Kikuchi,et al.  (M+1)st-Price Auction Protocol , 2002, Financial Cryptography.

[47]  Pascal Lafourcade,et al.  Formal Verification of e-Auction Protocols , 2013, POST.

[48]  T. Sandholm Limitations of the Vickrey Auction in Computational Multiagent Systems , 1996 .

[49]  Kouichi Sakurai,et al.  A bulletin-board based digital auction scheme with bidding down strategy-towards anonymous electroni , 1999 .

[50]  Felix Brandt,et al.  Cryptographic Protocols for Secure Second-Price Auctions , 2001, CIA.

[51]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[52]  Felix Brandt,et al.  A verifiable, bidder-resolved Auction Protocol , 2002 .

[53]  Makoto Yokoo,et al.  An efficient approximate algorithm for winner determination in combinatorial auctions , 2000, EC '00.

[54]  Douglas R. Stinson,et al.  Cryptography: Theory and Practice , 1995 .

[55]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[56]  Ed Dawson,et al.  Non-interactive Auction Schemewith Strong Privacy , 2002, ICISC.

[57]  Gerhard Weiß,et al.  Vicious strategies for Vickrey auctions , 2001, AGENTS '01.

[58]  Tuomas Sandholm,et al.  Algorithm for optimal winner determination in combinatorial auctions , 2002, Artif. Intell..

[59]  Kazue Sako,et al.  An Auction Protocol Which Hides Bids of Losers , 2000, Public Key Cryptography.

[60]  Torben P. Pedersen Distributed Provers with Applications to Undeniable Signatures , 1991, EUROCRYPT.

[61]  Gerhard Weiß,et al.  Antisocial Agents and Vickrey Auctions , 2001, ATAL.

[62]  Avi Wigderson,et al.  Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract) , 1988, STOC.

[63]  Ed Dawson,et al.  Efficient Implementation of Relative Bid Privacy in Sealed-Bid Auction , 2003, WISA.

[64]  Yoav Shoham,et al.  Spiteful Bidding in Sealed-Bid Auctions , 2007, IJCAI.

[65]  Byoungcheon Lee,et al.  Efficient Public Auction with One-Time Registration and Public Verifiability , 2001, INDOCRYPT.

[66]  Wen-Shenq Juang,et al.  An electronic online bidding auction protocol with both security and efficiency , 2006, Appl. Math. Comput..

[67]  Christian Cachin,et al.  Efficient private bidding and auctions with an oblivious third party , 1999, CCS '99.

[68]  Kaoru Kurosawa,et al.  Efficient Anonymous Channel and All/Nothing Election Scheme , 1994, EUROCRYPT.

[69]  Makoto Yokoo,et al.  Secure Multi-attribute Procurement Auction , 2005, Financial Cryptography.

[70]  Mehrdad Nojoumian,et al.  Novel Secret Sharing and Commitment Schemes for Cryptographic Applications , 2012 .

[71]  Markus Jakobsson,et al.  Mix and Match: Secure Function Evaluation via Ciphertexts , 2000, ASIACRYPT.

[72]  R. Cramer,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000 .

[73]  Justie Su-tzu Juan,et al.  Practical electronic auction scheme with strong anonymity and bidding privacy , 2011, Inf. Sci..

[74]  Hideki Imai,et al.  Reducing the round complexity of a sealed-bid auction protocol with an off-line TTP , 2000, CCS.

[75]  Atsuko Miyaji,et al.  An Anonymous Aution Protocol with a Single Non-trusted Center Using Binary Trees , 2000, ISW.

[76]  Tassos Dimitriou,et al.  Privacy-respecting auctions and rewarding mechanisms in mobile crowd-sensing applications , 2017, J. Netw. Comput. Appl..

[77]  Ed Dawson,et al.  Robust, Privacy Protecting and Publicly Verifiable Sealed-Bid Auction , 2002, ICICS.

[78]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[79]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[80]  Yoav Shoham,et al.  Taming the Computational Complexity of Combinatorial Auctions: Optimal and Approximate Approaches , 1999, IJCAI.

[81]  Chin-Chen Chang,et al.  New Sealed-Bid Electronic Auction with Fairness, Security and Efficiency , 2008, Journal of Computer Science and Technology.

[82]  Ed Dawson,et al.  Efficient Bid Validity Check in ElGamal-Based Sealed-Bid E-Auction , 2007, ISPEC.

[83]  Daisuke Yamamoto,et al.  Sealed-Bid Auctions with Efficient Bids , 2003, ICISC.

[84]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[85]  Masayuki Abe,et al.  M+1-st Price Auction Using Homomorphic Encryption , 2002, Public Key Cryptography.