collusion preserving computation
play

Collusion-Preserving Computation Jol Alwen (ETH Zrich) Jonathan - PowerPoint PPT Presentation

Feb 15, 2023 •277 likes •970 views

Collusion-Preserving Computation Jol Alwen (ETH Zrich) Jonathan Katz (U. Maryland) Ueli Maurer (ETH Zrich) Vassilis Zikas (U. Maryland) Overview l Motivation & Goals l Definition l Fall-back Security l Synchronization

  1. Collusion-Preserving Computation Joël Alwen (ETH Zürich) Jonathan Katz (U. Maryland) Ueli Maurer (ETH Zürich) Vassilis Zikas (U. Maryland)

  2. Overview l Motivation & Goals l Definition l Fall-back Security l Synchronization Pollution l Implications for Game Theory l Future Directions

  3. Goals (1)

  4. Goals (1) l Primary Goal: A realization notion bounding the capabilities of deviating coalitions even in the presence of arbitrary composition.

  5. Goals (1) l Primary Goal: A realization notion bounding the capabilities of deviating coalitions even in the presence of arbitrary composition. “R realizes F” = R can be used in place of F l

  6. Goals (1) l Primary Goal: A realization notion bounding the capabilities of deviating coalitions even in the presence of arbitrary composition. “R realizes F” = R can be used in place of F l “capabilities of deviating coalitions” = such l that even collaborating “dishonest” players can do no more with R then they could with F

  7. Goals (1) l Primary Goal: A realization notion bounding the capabilities of deviating coalitions even in the presence of arbitrary composition. “R realizes F” = R can be used in place of F l “capabilities of deviating coalitions” = such l that even collaborating “dishonest” players can do no more with R then they could with F “arbitrary composition” = regardless of any l concurrent activities in which they may be involved.

  8. Example Use Cases

  9. Example Use Cases l Composable Game Theory. Extreme case of deviating coalitions. l

  10. Example Use Cases l Composable Game Theory. Extreme case of deviating coalitions. l l Collusion-Free (CF) MPC robust in the presence of side-channels. CF (provably) not concurrently composable l

  11. Example Use Cases l Composable Game Theory. Extreme case of deviating coalitions. l l Collusion-Free (CF) MPC robust in the presence of side-channels. CF (provably) not concurrently composable l l Other (intuitive) examples requiring bounds on collaborating dishonest players. Incoercability: Coercer/Informant & Coercee. l Auctions: Bid fixing by corrupt bidders. l Bounded Isolation: Useful for say, poker or bridge l

  12. Goals (2)

  13. Goals (2) Generic definition independent of l communication resource R. Better for comparing different − constructions. Allows investigating minimal properties − for resource R used to realize a given F.

  14. Goals (2) Generic definition independent of l communication resource R. Better for comparing different − constructions. Allows investigating minimal properties − for resource R used to realize a given F. Non-triviality: strong fall-back security even l if R “miss-behaves”.

  15. Goals (2) Generic definition independent of l communication resource R. Better for comparing different − constructions. Allows investigating minimal properties − for resource R used to realize a given F. Non-triviality: strong fall-back security even l if R “miss-behaves”. Concrete communication resource R & l construction for many F.

  16. Goals (2) Generic definition independent of l communication resource R. Better for comparing different − constructions. Allows investigating minimal properties − for resource R used to realize a given F. Non-triviality: strong fall-back security even l if R “miss-behaves”. Concrete communication resource R & l construction for many F. Explore implications for composable Game l

  17. Related Work

  18. Related Work l SFE/MPC [GMW, BGW,...] First generic realization notions. l Not generally composable − Gives deviating coalitions arbitrary (internal) − capabilities (monolithic adversary)

  19. Related Work l SFE/MPC [GMW, BGW,...] First generic realization notions. l Not generally composable − Gives deviating coalitions arbitrary (internal) − capabilities (monolithic adversary) l Arbitrary composition [Can, PW, CLOS, CDPW,...] Exa: UC, GUC, JUC, etc. l But monolithic adversary −

  20. Related Work l SFE/MPC [GMW, BGW,...] First generic realization notions. l Not generally composable − Gives deviating coalitions arbitrary (internal) − capabilities (monolithic adversary) l Arbitrary composition [Can, PW, CLOS, CDPW,...] Exa: UC, GUC, JUC, etc. l But monolithic adversary − l Collusion-Free (CF) computation [LMPS, ILM, ASV, AKLPSV] Bounds deviating coalitions (via split adversaries) l

  21. CF is not Composable

  22. CF is not Composable l = 2-party null functionality (does nothing) F l Define and protocol π = ( , ) π 2 π 1 R

  23. CF is not Composable l = 2-party null functionality (does nothing) F l Define and protocol π = ( , ) π 2 π 1 R R π 2 2k π 1 m ∈ {0,1} k r ← {0,1} (unif. rand.) k r' ∈ {0,1} If r' = r ⇒ a := m a Else ⇒ a := ⊥

  24. CF is not Composable l = 2-party null functionality (does nothing) F l Define and protocol π = ( , ) π 2 π 1 R R π 2 2k π 1 m ∈ {0,1} k r ← {0,1} (unif. rand.) k r' ∈ {0,1} If r' = r ⇒ a := m a Else ⇒ a := ⊥ r is uniform random and allows no communication between F l π 1 simulators. ⇒ Can always simulate for with a = ⊥ . ⇒ CF-realizes via π . R F

  25. CF is not Composable l = 2-party null functionality (does nothing) F l Define and protocol π = ( , ) π 2 π 1 R R π 2 2k π 1 m ∈ {0,1} k r ← {0,1} (unif. rand.) k r' ∈ {0,1} If r' = r ⇒ a := m a Else ⇒ a := ⊥ r is uniform random and allows no communication between F l π 1 simulators. ⇒ Can always simulate for with a = ⊥ . ⇒ CF-realizes via π . R F Now compose with ; a k -bit channel from P2 → P1. Use it transmit r . C l So P2 can learn m from . But using & the simulators can C F R communicate at most k. I.e. π is no longer simulatable!

  26. Composable CF → Collusion-Preservation

  27. Composable CF → Collusion-Preservation l Goal: Add composability to CF.

  28. Composable CF → Collusion-Preservation l Goal: Add composability to CF. l Idea: Add an environment (as in UC-style realization notions) to CF → CP .

  29. Composable CF → Collusion-Preservation l Goal: Add composability to CF. l Idea: Add an environment (as in UC-style realization notions) to CF → CP . l Immediate results: Dummy (adversary) lemma and (G)UC l composition theorems hold essentially unchanged.

  30. Composable CF → Collusion-Preservation l Goal: Add composability to CF. l Idea: Add an environment (as in UC-style realization notions) to CF → CP . l Immediate results: Dummy (adversary) lemma and (G)UC l composition theorems hold essentially unchanged. CP strictly generalizes (G)UC realization l notions.

  31. Construction (1)

  32. Construction (1) l CP Construction for F using resource R: Trivial Idea: Resource R = Functionality F. l

  33. Construction (1) l CP Construction for F using resource R: Trivial Idea: Resource R = Functionality F. l l Issues: R depends on F l We show that to some extent such a − dependency is unavoidable. However at least R must only be − “programmable” but not fully “non-uniform”.

  34. Construction (1) l CP Construction for F using resource R: Trivial Idea: Resource R = Functionality F. l l Issues: R depends on F l We show that to some extent such a − dependency is unavoidable. However at least R must only be − “programmable” but not fully “non-uniform”. If R mis-behaves all bets are off. l Usually we don't care about this case. But trust − is a rare commodity.

  35. Fallback Security

  36. Fallback Security l Def. “Fallback Security” = Security attained when protocol is run using an arbitrary communication resource.

  37. Fallback Security l Def. “Fallback Security” = Security attained when protocol is run using an arbitrary communication resource. l Example: Protocol π CP-realizes R from F with GUC-Fallback Security. If π is run with R then F is CP-realized. l If π is run with any R* then F is GUC-realized. l

  38. Fallback Security l Def. “Fallback Security” = Security attained when protocol is run using an arbitrary communication resource. l Example: Protocol π CP-realizes R from F with GUC-Fallback Security. If π is run with R then F is CP-realized. l If π is run with any R* then F is GUC-realized. l l Now trivial construction no longer works because it achieves no fallback security.

  39. Construction (2)

  40. Construction (2) l Recall CF construction of Mediated Model of [ASV, AKLPSV]. Idea: “assisted SFE in the mediator's head” For functionality F, let protocol π = GMW(F). l “Mediator” resource M runs π on behalf of players “in l her head”. Player Pi's internal state in π shared between Pi and l M. Next protocol msg generated and Pi's state updated l via 2-party SFE between Pi and M.

Recommend

Collusion- -Free Free Collusion Multiparty Computation Multiparty Computation in the Mediated

Collusion- -Free Free Collusion Multiparty Computation Multiparty Computation in the Mediated

Collusion- -Free Free Collusion Multiparty Computation Multiparty Computation in the Mediated Model in the Mediated Model Jol Alwen (NYU) Jonathan Katz (U. Maryland) Yehuda Lindell (Bar-Ilan U.) Giuseppe Persiano (U. Salerno) abhi

519 views • 25 slides
The Phantom Tollbooth: Privacy-Preserving Toll Collection in the Presence of Driver Collusion

The Phantom Tollbooth: Privacy-Preserving Toll Collection in the Presence of Driver Collusion

The Phantom Tollbooth: Privacy-Preserving Toll Collection in the Presence of Driver Collusion Sarah Meiklejohn (UC San Diego) Keaton Mowery (UC San Diego) Stephen Checkoway (UC San Diego) Hovav Shacham (UC San Diego) 1 Motivation: how tolling

2.01k views • 144 slides
Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh

Privacy-Preserving Computation with Trusted Computing via Scramble-then-Compute Hung Dang, Anh Dinh, Ee-Chien Chang, Beng Chin Ooi School of Computing National University of Singapore PETS 2017 Privacy-Preserving Computation with Trusted

477 views • 34 slides
Incentive Engineering for Outsourced Computation in the Face of Collusion Arman Khouzani, Viet

Incentive Engineering for Outsourced Computation in the Face of Collusion Arman Khouzani, Viet

Incentive Engineering for Outsourced Computation in the Face of Collusion Arman Khouzani, Viet Pham , and Carlos Cid Information Security Group Royal Holloway University of London { arman.khouzani, viet.pham.2010, carlos.cid } @rhul.ac.uk

319 views • 17 slides
Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li

Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li

CS573 Data Privacy and Security Secure Multiparty Computation Introduction to Privacy Preserving Distributed Data Mining Li Xiong Slides credit: Chris Clifton, Purdue University; Murat Kantarcioglu, UT Dallas Outline Overview Data

901 views • 42 slides
A Collusion Attack on Pairwise Key Presdistribution Schemes for Distributed Sensor Networks

A Collusion Attack on Pairwise Key Presdistribution Schemes for Distributed Sensor Networks

Introduction & background Key-swapping collusion attack Analysis Discussion & Conclusions A Collusion Attack on Pairwise Key Presdistribution Schemes for Distributed Sensor Networks Tyler W Moore University of Cambridge Computer

773 views • 19 slides
Privacy-Preserving Search of Similar Patients in Genomic Data Gilad Asharov Shai Halevi

Privacy-Preserving Search of Similar Patients in Genomic Data Gilad Asharov Shai Halevi

Privacy-Preserving Search of Similar Patients in Genomic Data Gilad Asharov Shai Halevi Yehuda Lindell Tal Rabin Secure Computation Computation on private inputs without revealing anything but the output Applications :

299 views • 25 slides
Fighting Collusion in Auctions Theory & Experiment Audrey Hu Theo Offerman Sander

Fighting Collusion in Auctions Theory & Experiment Audrey Hu Theo Offerman Sander

Fighting Collusion in Auctions Theory & Experiment Audrey Hu Theo Offerman Sander Onderstal Motivation Fighting collusion is a primary concern of auctioneers (Graham and Marshall, 1987; Marshall and Marx, 2006) In the 1980s, 75%

488 views • 22 slides
Competition Policy - Spring 2005 Collusion II Antonio Cabrales & Massimo Motta April 22,

Competition Policy - Spring 2005 Collusion II Antonio Cabrales & Massimo Motta April 22,

Prepared with SEVI SLIDES Competition Policy - Spring 2005 Collusion II Antonio Cabrales & Massimo Motta April 22, 2005 Summary Symmetry helps collusion Multimarket contacts Cartels

522 views • 31 slides
OLIGOPOLY DYNAMICS: COLLUSION AND PRICE WARS Overview Context: Firms interact over time

OLIGOPOLY DYNAMICS: COLLUSION AND PRICE WARS Overview Context: Firms interact over time

OLIGOPOLY DYNAMICS: COLLUSION AND PRICE WARS Overview Context: Firms interact over time possibly using history-dependent strategies Concepts: repeated games, grim strategies, collusion, price wars Economic principle: repetition

375 views • 26 slides
BEWARE Sustainable Beef L i b e r t y H a n g s i n T h e B a l a n c e What Is the GRSB? A

BEWARE Sustainable Beef L i b e r t y H a n g s i n T h e B a l a n c e What Is the GRSB? A

BEWARE Sustainable Beef L i b e r t y H a n g s i n T h e B a l a n c e What Is the GRSB? A legal entity a 501(c) (3) Corporation Organized in Colorado a vehicle to facilitate collusion against freedom loving people collusion |k

1.11k views • 69 slides
Collaboration or Combination? Integration or Collusion? Beware of Antitrust Risks Contracts

Collaboration or Combination? Integration or Collusion? Beware of Antitrust Risks Contracts

Collaboration or Combination? Integration or Collusion? Beware of Antitrust Risks Contracts Mergers Collaboration or Combination? ACOs Networks Integration or Collusion? Employed Beware of Antitrust Risks Physicians Bundled Payments

297 views • 7 slides
Me Merge gers a and Collus Collusion ion in in Al All - Pay Au Auctions and Crowdsourcin

Me Merge gers a and Collus Collusion ion in in Al All - Pay Au Auctions and Crowdsourcin

Me Merge gers a and Collus Collusion ion in in Al All - Pay Au Auctions and Crowdsourcin Crowdsourcing Con g Conte tests sts Omer Lev, Maria Polukarov, Yoram Bachrach & Jeffrey S. Rosenschein AAMAS 2013 St. Paul, Minnesota

570 views • 21 slides
3.6. Tacit Collusion Matilde Machado

3.6. Tacit Collusion Matilde Machado

3.6. Tacit Collusion Matilde Machado 3.6. Colusin Tcita: juegos

372 views • 8 slides
Academic Integrity: Distinguishing Between Collaboration and Collusion Dr Donna M Velliaris

Academic Integrity: Distinguishing Between Collaboration and Collusion Dr Donna M Velliaris

A Clearer Pathway to Institutionalising Academic Integrity: Distinguishing Between Collaboration and Collusion Dr Donna M Velliaris Eynesbury Institute of Business & Technology (EIBT) AUSTRALIA ISANA Conference, Melbourne, December 2015

496 views • 21 slides
The Organization of Contracting in Supply Chains in the Presence of Relational Collusion

The Organization of Contracting in Supply Chains in the Presence of Relational Collusion

The Organization of Contracting in Supply Chains in the Presence of Relational Collusion Alexander E. Saak, IFPRI asaak@cgiar.org David A. Hennessy, Michigan State University hennes64@msu.edu Economic Problem How are effort and investment

217 views • 21 slides
Positivity- -preserving Lagrangian schemes for preserving Lagrangian schemes for Positivity

Positivity- -preserving Lagrangian schemes for preserving Lagrangian schemes for Positivity

Sino-German Symposium on Advanced Numerical Methods for Compressible Fluid Mechanics and Related Problems, May 22-26, 2014 Beijing Positivity- -preserving Lagrangian schemes for preserving Lagrangian schemes for Positivity multi-

746 views • 53 slides
THE LAW AND ECONOMICS OF COLLUSION Overview Context: At an industry convention, a competitor

THE LAW AND ECONOMICS OF COLLUSION Overview Context: At an industry convention, a competitor

THE LAW AND ECONOMICS OF COLLUSION Overview Context: At an industry convention, a competitor complains that competition is much too tough. How should you reply? Concepts: antitrust, competition policy, price fixing, civil and

825 views • 45 slides
Privacy Preserving Data Mining Moheeb Rajab Agenda Overview and Terminology Motivation

Privacy Preserving Data Mining Moheeb Rajab Agenda Overview and Terminology Motivation

Privacy Preserving Data Mining Moheeb Rajab Agenda Overview and Terminology Motivation Active Research Areas Secure Multi-party Computation (SMC) Randomization approach Limitations Summary and Insights Overview

716 views • 53 slides
Contracts Mergers Collaboration or Combination? ACOs Networks Integration or Collusion?

Contracts Mergers Collaboration or Combination? ACOs Networks Integration or Collusion?

Contracts Mergers Collaboration or Combination? ACOs Networks Integration or Collusion? Employed Beware of Antitrust Risks Physicians Bundled Payments Integration September 9, 2011 House Ways & Means Committee Just when you thought

232 views • 7 slides
3.5. Tacit Collusion Matilde Machado

3.5. Tacit Collusion Matilde Machado

3.5. Tacit Collusion Matilde Machado 3.5. Tacit Collusion Up to now

466 views • 7 slides
Forward Trading and Collusion in Supply Functions Nikolas Wlfing ZEW Mannheim / ETH Zrich

Forward Trading and Collusion in Supply Functions Nikolas Wlfing ZEW Mannheim / ETH Zrich

Introduction Model Main Results Generalisation Conclusion Thanks Forward Trading and Collusion in Supply Functions Nikolas Wlfing ZEW Mannheim / ETH Zrich Conference on Energy and Climate Change Toulouse, 8. September 2015 1 / 23

583 views • 17 slides
Privacy-Preserving Outsourcing by Distributed Verifiable Computation Meilof Veeningen Philips

Privacy-Preserving Outsourcing by Distributed Verifiable Computation Meilof Veeningen Philips

Privacy-Preserving Outsourcing by Distributed Verifiable Computation Meilof Veeningen Philips Research MPC 2016, Aarhus, May 30 2016 2 Philips Research 3 Philips Research 4 Philips Research 5 Philips Research 6 Philips Research

529 views • 31 slides
Collusion, Randomization and Leadership in Groups Rohan Dutta, David K. Levine and Salvatore

Collusion, Randomization and Leadership in Groups Rohan Dutta, David K. Levine and Salvatore

Collusion, Randomization and Leadership in Groups Rohan Dutta, David K. Levine and Salvatore Modica 1 The Question What happens when collusive Mancurian groups such as trade- unions, political parties, lobbying organizations and so

525 views • 30 slides

More recommend