Seminars
View all Seminars | Download ICal for this eventRational Secure Computation: New Definitions and Constructions
Series: M.Tech (Research) Thesis Defense
Speaker: Siddharth Agarwal,M.Tech (Engg.) student,Dept. of CSA
Date/Time: Jun 25 11:00:00
Location: CSA Lecture Hall (Room No. 117, Ground Floor)
Faculty Advisor: Prof. Bhavana Kanukurthi and Prof. Chaya Ganesh
Abstract:
Cryptography and Game Theory are two fascinating areas of modern computing, and there have been numerous works since the early 2000s to bridge these. While cryptography assumes that parties are either purely honest or malicious, game theory treats parties as rational agents governed by their utility functions. Secure Multiparty Computation is one of the fundamental problems in Cryptography where a collection of parties jointly evaluate a function on their inputs such that no information about the private input of parties is revealed except the evaluation of the function. Standard notions of security in Secure Multiparty Computation either assumes that (i) all parties behave honestly in the protocol (Semi-Honest Security) or (ii) a subset of parties can deviate from the protocol execution in an arbitrary manner (Malicious Security). We believe that both assumptions do not model real-life entities as (i) it would be naive to assume that parties necessarily follow the protocol honestly, and (ii) some of the deviations from the protocol execution may be "useless". In this work, we explore the problem of enabling Secure Two-Party Computation, assuming that the parties executing the protocol are "rational". We make the following contributions:
<br>
(i) We provide a rigorous definition of security that overcomes gaps in prior definitions as well as takes an -entropic- view of utilities. Informally speaking, we model the utility of a party as a function of the "information" a party learns about the function evaluation and private input of the other party.
<br>
(ii) We place Rational Security in the hierarchy of traditional security for two-party computation. Our notion of Rational Security is stronger than Semi-Honest Security and weaker than Malicious Security, which aligns more closely with our intuitive understanding of rational security.
<br>
(iii) We construct a protocol for two-party computation that is rationally secure as per our definition for a general function. Our construction, which provides rational security, has a small overhead over semi-honest secure protocol and is more efficient than state-of-the-art malicious secure protocols.