logo

SCIENCE CHINA Information Sciences, Volume 64 , Issue 10 : 202301(2021) https://doi.org/10.1007/s11432-019-2858-8

An incentive-compatible rational secret sharing scheme using blockchain and smart contract

More info
  • ReceivedDec 2, 2019
  • AcceptedMar 18, 2020
  • PublishedFeb 3, 2021

Abstract


Acknowledgment

This work was supported by National Natural Science Foundation of China (Grant Nos. 61662009, 61772008), Guizhou Provincial Department of Education Science and Technology Top Talent Support Project (Grant No. 2016060), Science and Technology Major Support Program of Guizhou Province (Grant No. 20183001), Science and Technology Program of Guizhou Province (Grant No. 20175788), Ministry of Education-China Mobile Research Fund Project (Grant No. MCM20170401), Guizhou University Cultivation Project (Grant No. 20175788), Key Program of the National Natural Science Union Foundation of China (Grant No. U1836205), and Science and Technology Program of Guizhou Province (Grant No. 20191098).


References

[1] Blakley G R. Safeguarding cryptographic keys. In: Proceedings of Americian Federation of Information Processing Societies (AFIPS'79) National Computer Conference, 1979. 313--317. Google Scholar

[2] Shamir A. How to share a secret. Commun ACM, 1979, 22: 612-613 CrossRef Google Scholar

[3] Halpern J, Teague V. Rational secret sharing and multiparty computation: extended abstract. In: Proceedings of the 36th Annual ACM Symposium on Theory of Computing, Chicago, 2004. 623--632. Google Scholar

[4] Dodis Y, Rabin T. Cryptography and game theory. Algorithmic game theory, 2007: 181-207. Google Scholar

[5] Gordon S D, Katz J. Rational secret sharing, revisited. In: Proceedings of the 5th International Conference on Security and Cryptography for Networks, Maiori, 2006. 229--241. Google Scholar

[6] Kol G, Naor M. Games for exchanging information. In: Proceedings of the 40th Annual ACM Symposium on Theory of Computing, Victoria, 2008. 423--432. Google Scholar

[7] Fuchsbauer G, Katz J, Naccache D. Efficient rational secret sharing in standard communication networks. In: Proceedings of the 7th Theory of Cryptography Conference, Zurich, 2010. 419--436. Google Scholar

[8] Fudenberg D, Tirole J. Game Theory. Cambridge: MIT Press, 1991. Google Scholar

[9] Maleka S, Shareef A, Rangan C P. Rational secret sharing with repeated games. In: Proceedings of the 4th Information Security Practice and Experience Conference, Sydney, 2008. 334--346. Google Scholar

[10] Ong S J, Parkes D C, Rosen A, et al. Fairness with an honest minority and a rational majority. In: Proceedings of the 6th Theory of Cryptography Conference, San Francisco, 2009. 36--53. Google Scholar

[11] Zhang Z, Liu M. Unconditionally secure rational secret sharing in standard communication networks. In: Proceeding of the 13th International Conference on Information Security and Cryptology, Seoul, 2010. 355--369. Google Scholar

[12] Zhang Z F, Liu M L. Rational secret sharing as extensive games. Science China Information Sciences, 2013, 56(3): 1-13. Google Scholar

[13] Tian Y, Ma J, Peng C. A rational framework for secure communication. Inf Sci, 2013, 250: 215-226 CrossRef Google Scholar

[14] Tian Y L, Peng C G, Lin D D, et al. Bayesian mechanism for rational secret sharing scheme. Science China Information Sciences, 2015, 58(5): 1-13. Google Scholar

[15] Jin J, Zhou X, Ma C, et al. A rational secret sharing relying on reputation. In: Proceeding of the 8th International Conference on Intelligent Networking and Collaborative Systems, Ostrawva, 2016. 384--387. Google Scholar

[16] Nisan N, Ronen A. Algorithmic Mechanism Design. Games Economic Behav, 2001, 35: 166-196 CrossRef Google Scholar

[17] Liu H, Li X, Ma J, et al. Reconstruction methodology for rational secret sharing based on mechanism design. Science China Information Sciences, 2017, 60(8): 088101:1-088101:3. Google Scholar

[18] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. 2008. https://bitcoin.org/en/bitcoin-paper. Google Scholar

[19] Zhou L, Wang L, Sun Y. MIStore: a Blockchain-Based Medical Insurance Storage System. J Med Syst, 2018, 42: 149 CrossRef Google Scholar

[20] Bartolucci S, Bernat P, Joseph D. SHARVOT: secret SHARe-based VOTing on the blockchain. In: Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain, Gothenburg, 2018. 30--34. Google Scholar

[21] Kim Y, Raman R K, Kim Y S. Efficient Local Secret Sharing for Distributed Blockchain Systems. IEEE Commun Lett, 2019, 23: 282-285 CrossRef Google Scholar

[22] Xiong F, Xiao R, Ren W. A Key Protection Scheme Based on Secret Sharing for Blockchain-Based Construction Supply Chain System. IEEE Access, 2019, 7: 126773 CrossRef Google Scholar

[23] Dong C, Wang Y, Aldweesh A, et al. Betrayal, distrust, and rationality: Smart counter-collusion contracts for verifiable cloud computing. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, 2017. 211--227. Google Scholar

[24] Katz J. Bridging game theory and cryptography: Recent results and future directions. In: Proceedings of the 5th Theory of Cryptography Conference, New York, 2008. 251--272. Google Scholar

[25] Szabo N. Formalizing and securing relationships on public networks. First Monday, 1997, 2(9). Google Scholar

[26] Pedersen T P. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Proceedings of the 11st Annual International Cryptology Conference, Santa Barbara, 1991. 1290-140. Google Scholar

[27] Tian Y, Guo J, Wu Y. Towards Attack and Defense Views of Rational Delegation of Computation. IEEE Access, 2019, 7: 44037-44049 CrossRef Google Scholar

  • Figure 1

    GameSample.

  • Figure 2

    Game1.

  • Figure 3

    Game2.

  • Table 1  

    Table 1The ${p_{ldr}}$'s utility of IVR and NIVR

    Serial $p_{ldr}$ $p_{ldr}$ $p_{flr}$ $p_{flr}$ $u_{\rm~IVR}(p_{ldr})$ $u_{\rm~NIVR}(p_{ldr})$
    1* publish promulgate publish promulgate $b-g$ $b$
    2* publish promulgate publish deceive $b+r-g$ $b$
    3* publish promulgate cheat promulgate $b+r-g$ $d$
    4* publish promulgate cheat deceive $b+r-g$ $d$
    5* publish deceive publish deceive $b-r-g$ $b$
    6* publish deceive cheat promulgate $d-r-g$ $d$
    7* publish deceive cheat deceive $d-r-g$ $d$
    8* cheat promulgate publish deceive $a-r-g$ $a$
    9* cheat promulgate cheat promulgate $c-r-g$ $c$
    10* cheat promulgate cheat deceive $c-r-g$ $c$
    11* cheat deceive publish deceive $a-r-g$ $a$
    12* cheat deceive cheat promulgate $c-r-g$ $c$
    13* cheat deceive cheat deceive $c-r-g$ $c$
    14* publish deceive publish promulgate $b-r-g$ $b$
    15* cheat promulgate publish promulgate $a-r-g$ $a$
    16* cheat deceive publish promulgate $a-r-g$ $a$
  • Table 2  

    Table 2Utility function in Game2

    Node $u(p_1)$ $u(p_2)$
    $n_{17}$ $b$ $b$
    $n_{18}$ $b+r-g$ $b-r$
    $n_{19}$ $b-r$ $b+r-g$
    $n_{20}$ $b$ $b$
    $n_{21}$ $b+r-g$ $b-r$
    $n_{22}$ $b+r-g$ $b-r-g$
    $n_{23}$ $d$ $a$
    $n_{24}$ $d$ $a$
    $n_{25}$ $b-r$ $b+r-g$
    $n_{26}$ $a$ $d$
    $n_{27}$ $b-r-g$ $b+r-g$
    $n_{28}$ $a$ $d$
    $n_{29}$ $c$ $c$
    $n_{30}$ $c$ $c$
    $n_{31}$ $c$ $c$
    $n_{32}$ $c$ $c$
    Game1 $c$ $c$
  • Table 3  

    Table 3Functions in the smart contract

    Serial Function Description
    $1$ Sign A player calls this function to sign IC before $T_1$. Auto-transferring each player's deposit $r+g$ to the contract account if the contract takes effect.
    2 SendSecretShare A player calls this function to send the commitment of his/her secret share before $T_2$.
    3 SendReconstructedSecret A player calls this function to send the commitment of his/her reconstructed secret before $T_3$.
    4 IVROrNot A player calls this function to choose whether initiate a verification request or not before $T_4$.
    5 Transfer This function can handle disputes in different situations:If (UIVR) contract auto-transfers deposit $r+g$ to $p_{ldr}$, deposit $r+g$ to $p_{flr}$.Else if (IVR) Case1 (Both players are honest): contract auto-transfers deposit $r$ to $p_{ldr}$, deposit $r+g$ to $p_{flr}$ and deposit $g$ to $V$; Case2 ($p_{ldr}$ is honest while $p_{flr}$ is dishonest): contract auto-transfers deposit $2r$ to $p_{ldr}$, deposit $g$ to $p_{flr}$ and deposit $g$ to $V$; Case3 ($p_{ldr}$ is dishonest while $p_{flr}$ is honest): contract auto-transfers deposit $2r+g$ to $p_{flr}$ and deposit $g$ to $V$; Case4 (Both players are dishonest, $p_{flr}~$ either cheats in the PSSP or deceives in the PRSP): contract auto-transfers deposit $g$ to $p_{flr}$ and deposit $2r+g$ to $V$; Case5 (both players are dishonest, $p_{flr}~$ both cheats in the PSSP and deceives in the PRSP): contract auto-transfers deposit $2r+2g$ to $V$.
    6 TimeOut $V$ can call this function if it times out: Case1 (Only $p_i$ called the function SendSecretShare before $T_2$): contract auto-transfers deposit $r+g$ to $p_i$, deposit $r+g$ to $V$; Case2 (No player called the function SendSecretShare before $T_2$): contract auto-transfers deposit $2r+2g$ to $V$; Case3 (Only $p_i$ called the function SendReconstructedSecret before $T_3$): contract auto-transfers deposit $r+g$ to $p_i$, deposit $r+g$ to $V$; Case4 (No player called the function SendReconstructedSecret before $T_3$): contract auto-transfers deposit $2r+2g$ to $V$; Case5 (Only $p_i$ called the function IVROrNot before $T_4$): contract auto-transfers deposit $r+g$ to $p_i$, deposit $r+g$ to $V$; Case6 (No player called the function IVROrNot before $T_4$): contract auto-transfers deposit $2r+2g$ to $V$.
  • Table 4  

    Table 4Cost of using the smart contract

    Serial Function Cost in Gas Cost in Dollar
    $1$ Deploy 1382691 0.26
    $2$ Sign 292963 0.056
    $3$ SendSecretShare 132224 0.025
    $4$ SendReconstructedSecret 132180 0.025
    $5$ IVROrNot 95416 0.018
    $6$ Transfer 41748 0.008
  • Table 5  

    Table 5Number of calculations

    Player Generate commitment Open commitment Compute hash function
    $p_1$ 2 3 5
    $p_2$ 2 3 5
    $V$ 0 0 0
    Total 4 6 10