Incentives in Security Protocols

Real world protocols often involve human choices that depend on incentives, including when they fail. We look at three example systems (the EMV protocol, consensus in cryptocurrencies, and Tor), paying particular attention to the role that incentives play in fail-safe and fail-deadly situations. In this position paper we argue that incentives should explicitly be taken into account in the design of security protocols, and discuss general challenges in doing so.

[1]  Ueli Maurer,et al.  Rational Protocol Design: Cryptography against Incentive-Driven Adversaries , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[2]  Trond Hønsi SpaceMint - A Cryptocurrency Based on Proofs of Space , 2017 .

[3]  T. Maugh Why buy when you can rent? , 1984, Science.

[4]  A. Rustichini,et al.  A Fine is a Price , 2000, The Journal of Legal Studies.

[5]  Michael Dahlin,et al.  BAR fault tolerance for cooperative services , 2005, SOSP '05.

[6]  Kartik Nayak,et al.  Solidus: An Incentive-compatible Cryptocurrency Based on Permissionless Byzantine Consensus , 2016, ArXiv.

[7]  Roger Dingledine,et al.  Building Incentives into Tor , 2010, Financial Cryptography.

[8]  A. Tversky,et al.  Prospect theory: an analysis of decision under risk — Source link , 2007 .

[9]  Roger Dingledine,et al.  On the Economics of Anonymity , 2003, Financial Cryptography.

[10]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[11]  Kartik Nayak,et al.  Solida: A Blockchain Protocol Based on Reconfigurable Byzantine Consensus , 2016, OPODIS.

[12]  Steven J. Murdoch,et al.  EMV: why payment systems fail , 2014, CACM.

[13]  Elaine Shi,et al.  Snow White: Provably Secure Proofs of Stake , 2016, IACR Cryptol. ePrint Arch..

[14]  Nicholas Hopper,et al.  Shadow: Running Tor in a Box for Accurate and Efficient Experimentation , 2011, NDSS.

[15]  Rob Jansen,et al.  A TorPath to TorCoin: Proof-of-Bandwidth Altcoins for Compensating Relays , 2014 .

[16]  Candelaria Hernández-Goya,et al.  A rational approach to cryptographic protocols , 2007, Math. Comput. Model..

[17]  Ueli Maurer,et al.  But Why does it Work? A Rational Protocol Design Treatment of Bitcoin , 2018, IACR Cryptol. ePrint Arch..

[18]  Joshua A. Kroll,et al.  The Economics of Bitcoin Mining, or Bitcoin in the Presence of Adversaries , 2013 .

[19]  Joseph Y. Halpern Beyond nash equilibrium: solution concepts for the 21st century , 2008, PODC '08.

[20]  Henning Pagnia,et al.  On the Impossibility of Fair Exchange without a Trusted Third Party , 1999 .

[21]  Aggelos Kiayias,et al.  Ouroboros: A Provably Secure Proof-of-Stake Blockchain Protocol , 2017, CRYPTO.

[22]  Ittay Eyal,et al.  The Miner's Dilemma , 2014, 2015 IEEE Symposium on Security and Privacy.

[23]  Nikita Borisov,et al.  SmartCast: An Incentive Compatible Consensus Protocol Using Smart Contracts , 2017, Financial Cryptography Workshops.

[24]  Elaine Shi,et al.  FruitChains: A Fair Blockchain , 2017, IACR Cryptol. ePrint Arch..

[25]  Joseph Y. Halpern,et al.  Game Theory with Costly Computation , 2008, ArXiv.

[26]  S. Matthew Weinberg,et al.  On the Instability of Bitcoin Without the Block Reward , 2016, CCS.

[27]  Andrew Miller,et al.  From Onions to Shallots: Rewarding Tor Relays with TEARS , 2014 .

[28]  Aviv Zohar,et al.  Optimal Selfish Mining Strategies in Bitcoin , 2015, Financial Cryptography.

[29]  Steven J. Murdoch,et al.  Security Protocols and Evidence: Where Many Payment Systems Fail , 2014, Financial Cryptography.

[30]  Ross J. Anderson Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.

[31]  Emin Gün Sirer,et al.  Majority Is Not Enough: Bitcoin Mining Is Vulnerable , 2013, Financial Cryptography.

[32]  Steven J Murdoch,et al.  Reliability of Chip & PIN evidence in banking disputes , 2014 .

[33]  Danny Dolev,et al.  Distributed computing meets game theory: robust mechanisms for rational secret sharing and multiparty computation , 2006, PODC '06.

[34]  W. Ziemba,et al.  Growth-optimal investments and numeraire portfolios under transactions costs , 2013 .

[35]  Jason Teutsch,et al.  Demystifying Incentives in the Consensus Computer , 2015, CCS.

[36]  Danny Dolev,et al.  Lower Bounds on Implementing Robust and Resilient Mediators , 2007, TCC.