Completely fair SFE and coalition-safe cheap talk

Secure function evaluation (SFE) enables a group of players, by themselves, to evaluate a function on private inputs as securely as if a trusted third party had done it for them. A completely fair SFE is a protocol in which, conceptually, the function values are learned atomically.We provide a completely fair SFE protocol which is secure for any number of malicious players, using a novel combination of computational and physical channel assumptions.We also show how completely fair SFE has striking applications togame theory. In particular, it enables "cheap-talk" protocol that(a) achieve correlated-equilibrium payoffs in any game, (b) are the first protocols which provably give no additional power to any coalition of players, and (c) are exponentially more efficient than prior counterparts.

[1]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[2]  Shai Halevi,et al.  A Cryptographic Solution to a Game Theoretic Problem , 2000, CRYPTO.

[3]  Moni Naor,et al.  Adaptively secure multi-party computation , 1996, STOC '96.

[4]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[5]  Elchanan Ben-Porath,et al.  Correlation without Mediation: Expanding the Set of Equilibrium Outcomes by "Cheap" Pre-play Procedures , 1998 .

[6]  Leonid A. Levin,et al.  Fair Computation of General Functions in Presence of Immoral Majority , 1990, CRYPTO.

[7]  A. Yao,et al.  Fair exchange with a semi-trusted third party (extended abstract) , 1997, CCS '97.

[8]  Vanessa Teague,et al.  Selecting Correlated Random Actions , 2004, Financial Cryptography.

[9]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.

[10]  Eric van Damme,et al.  Non-Cooperative Games , 2000 .

[11]  R. Aumann Subjectivity and Correlation in Randomized Strategies , 1974 .

[12]  Richard Cleve,et al.  Limits on the security of coin flips when half the processors are faulty , 1986, STOC '86.

[13]  Imre Bárány,et al.  Fair Distribution Protocols or How the Players Replace Fortune , 1992, Math. Oper. Res..

[14]  J. Wooders,et al.  Coalition-Proof Equilibrium , 1996 .

[15]  J. Vial,et al.  Strategically zero-sum games: The class of games whose completely mixed equilibria cannot be improved upon , 1978 .

[16]  I. Ray Coalition-proof correlated equilibrium: a definition , 1996 .

[17]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[18]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[19]  Silvio Micali,et al.  Secure Computation (Abstract) , 1991, CRYPTO.

[20]  Silvio Micali,et al.  Everything Provable is Provable in Zero-Knowledge , 1990, CRYPTO.

[21]  Dino Gerardi,et al.  Unmediated Communication in Games with Complete and Incomplete Information , 2002, J. Econ. Theory.

[22]  José E. Vila,et al.  Computational complexity and communication: Coordination in two-player games , 2002 .

[23]  Silvio Micali,et al.  How to simultaneously exchange a secret bit by flipping a symmetrically-biased coin , 1983, 24th Annual Symposium on Foundations of Computer Science (sfcs 1983).

[24]  Manuel Blum,et al.  Noninteractive Zero-Knowledge , 1991, SIAM J. Comput..

[25]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[26]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[27]  Juan A. Garay,et al.  Efficient and Secure Multi-Party Computation with Faulty Majority and Complete Fairness , 2004, IACR Cryptol. ePrint Arch..

[28]  Silvio Micali,et al.  Byzantine Agreement in Constant Expected Time (and Trusting No One) , 1985, FOCS 1985.

[29]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[30]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[31]  Silvio Micali,et al.  Parallel Reducibility for Information-Theoretically Secure Computation , 2000, CRYPTO.