skip to main content
research-article

On the Existence of Unconditionally Privacy-Preserving Auction Protocols

Published:01 May 2008Publication History
Skip Abstract Section

Abstract

We investigate whether it is possible to preserve privacy in sealed-bid auctions to a maximal extent. In particular, this paper focuses on <it>unconditional full privacy</it>, i.e., privacy that relies neither on trusted third parties (like auctioneers), nor on computational intractability assumptions (like the hardness of factoring). These constraints imply a scenario in which bidders exchange messages according to some predefined protocol in order to jointly determine the auction outcome without revealing any additional information. It turns out that the first-price sealed-bid auction can be emulated by an unconditionally fully private protocol. However, the protocol's round complexity is exponential in the bid size, and there is no more efficient protocol. On the other hand, we prove the impossibility of privately emulating the second-price sealed-bid auction for more than two bidders. This impossibility holds even when relaxing various privacy constraints such as allowing the revelation of all but one losing bid (while maintaining anonymity) or allowing the revelation of the second highest bidder's identity.

References

  1. <scp>Abe, M. and Suzuki, K.</scp> 2002. M+1-st price auction using homomorphic encryption. In &lt;it&gt;Proceedings of the 5th International Conference on Public Key Cryptography (PKC'02)&lt;/it&gt;. Lecture Notes in Computer Science, vol. 2274. Springer-Verlag, 115--224. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. <scp>Bar-Yehuda, R., Chor, B., and Kushilevitz, E.</scp> 1990. Privacy, additional information, and communication. In &lt;it&gt;Proceedings of the 5th IEEE Conference on Structure in Complexity Theory&lt;/it&gt;. 55--65.Google ScholarGoogle Scholar
  3. <scp>Baudron, O. and Stern, J.</scp> 2001. Non-interactive private auctions. In &lt;it&gt;Proceedings of the 5th Annual Conference on Financial Cryptography (FC'01)&lt;/it&gt;. Lecture Notes in Computer Science, vol. 2339. Springer-Verlag, 300--313. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. <scp>Beimel, A., Malkin, T., and Micali, S.</scp> 1999. The all-or-nothing nature of two-party secure computation. In &lt;it&gt;Advances in Cryptology - Proceedings of the 19th Annual International Cryptology Conference (CRYPTO'99)&lt;/it&gt;. Lecture Notes in Computer Science, vol. 1666. Springer-Verlag, 80--97. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. <scp>Ben-Or, M., Goldwasser, S., and Wigderson, A.</scp> 1988. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In &lt;it&gt;Proceedings of the 20th Annual ACM Symposium on the Theory of Computing (STOC'88)&lt;/it&gt;. ACM Press, 1--10. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. <scp>Benaloh, J.</scp> 1987. Secret sharing homomorphisms: Keeping shares of a secret secret. In &lt;it&gt;Advances in Cryptology---Proceedings of the 13th Annual International Cryptology Conference (CRYPTO'87)&lt;/it&gt;. Lecture Notes in Computer Science, vol. 263. Springer-Verlag, 251--260. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. <scp>Brandt, F.</scp> 2002. Secure and private auctions without auctioneers. Tech. rep. FKI-245-02, Department for Computer Science, Technical University of Munich. ISSN 0941-6358.Google ScholarGoogle Scholar
  8. <scp>Brandt, F.</scp> 2003. Fully private auctions in a constant number of rounds. In &lt;it&gt;Proceedings of the 7th Annual Conference on Financial Cryptography (FC'03)&lt;/it&gt;, R. N. Wright, Ed. Lecture Notes in Computer Science, vol. 2742. Springer-Verlag, 223--238.Google ScholarGoogle Scholar
  9. <scp>Brandt, F.</scp> 2006. How to obtain full privacy in auctions. &lt;it&gt;Int. J. Inform. Secur. 5,&lt;/it&gt; 4, 201--216. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. <scp>Brandt, F. and Sandholm, T.</scp> 2005. Efficient privacy-preserving protocols for multi-unit auctions. In &lt;it&gt;Proceedings of the 9th International Conference on Financial Cryptography and Data Security (FC'05)&lt;/it&gt;, A. Patrick and M. Yung, Eds. Lecture Notes in Computer Science, vol. 3570. Springer-Verlag, 298--312. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. <scp>Cachin, C.</scp> 1999. Efficient private bidding and auctions with an oblivious third party. In &lt;it&gt;Proceedings of the 6th ACM Conference on Computer and Communications Security&lt;/it&gt;. ACM Press, 120--127. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. <scp>Chaum, D., Crépeau, C., and Damgård, I.</scp> 1988. Multi-party unconditionally secure protocols. In &lt;it&gt;Proceedings of the 20th Annual ACM Symposium on the Theory of Computing (STOC'88)&lt;/it&gt;. ACM Press, 11--19. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. <scp>Chor, B., Geréb-Graus, M., and Kushilevitz, E.</scp> 1994. On the structure of the privacy hierarchy. &lt;it&gt;J. Crypto. 7,&lt;/it&gt; 1, 53--60.Google ScholarGoogle Scholar
  14. <scp>Chor, B. and Kushilevitz, E.</scp> 1989. A zero-one law for Boolean privacy. In &lt;it&gt;Proceedings of the 21st Annual ACM Symposium on the Theory of Computing (STOC'89)&lt;/it&gt;. ACM Press, 62--72. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. <scp>Franklin, M. K. and Reiter, M. K.</scp> 1996. The design and implementation of a secure auction service. &lt;it&gt;IEEE Trans. Softw. Engin. 22,&lt;/it&gt; 5, 302--312. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. <scp>Goldreich, O.</scp> 2001. &lt;it&gt;Foundations of Cryptography: Volume 1, Basic Tools&lt;/it&gt;. Cambridge University Press. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. <scp>Goldreich, O., Micali, S., and Wigderson, A.</scp> 1987. How to play any mental game or a completeness theorem for protocols with honest majority. In &lt;it&gt;Proceedings of the 19th Annual ACM Symposium on the Theory of Computing (STOC'87)&lt;/it&gt;. ACM Press, 218--229. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. <scp>Harkavy, M., Tygar, J. D., and Kikuchi, H.</scp> 1998. Electronic auctions with private bids. In &lt;it&gt;Proceedings of the 3rd USENIX Workshop on Electronic Commerce&lt;/it&gt;. 61--74. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. <scp>Juels, A. and Szydlo, M.</scp> 2002. A two-server, sealed-bid auction protocol. In &lt;it&gt;Proceedings of the 6th Annual Conference on Financial Cryptography (FC'02)&lt;/it&gt;, M. Blaze, Ed. Lecture Notes in Computer Science, vol. 2357. Springer-Verlag, 72--86. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. <scp>Kikuchi, H.</scp> 2001. (M+1)st-price auction protocol. In &lt;it&gt;Proceedings of the 5th Annual Conference on Financial Cryptography (FC'01)&lt;/it&gt;. Lecture Notes in Computer Science, vol. 2339. Springer-Verlag, 351--363. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. <scp>Kikuchi, H., Harkavy, M., and Tygar, J. D.</scp> 1998. Multi-round anonymous auction protocols. In &lt;it&gt;Proceedings of the 1st IEEE Workshop on Dependable and Real-Time E-Commerce Systems&lt;/it&gt;. 62--69.Google ScholarGoogle Scholar
  22. <scp>Krishna, V.</scp> 2002. &lt;it&gt;Auction Theory&lt;/it&gt;. Academic Press.Google ScholarGoogle Scholar
  23. <scp>Kushilevitz, E.</scp> 1989. Privacy and communication complexity. In &lt;it&gt;Proceedings of the 30th Symposium on Foundations of Computer Science (FOCS'89)&lt;/it&gt;. IEEE Computer Society Press, 416--421.Google ScholarGoogle Scholar
  24. <scp>Lamport, L., Shostak, R., and Pease, M.</scp> 1982. The Byzantine generals problem. &lt;it&gt;ACM Trans. Program. Lang. Syst. 4,&lt;/it&gt; 3, 382--401. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. <scp>Lipmaa, H., Asokan, N., and Niemi, V.</scp> 2002. Secure Vickrey auctions without threshold trust. In &lt;it&gt;Proceedings of the 6th Annual Conference on Financial Cryptography (FC'02)&lt;/it&gt;, M. Blaze, Ed. Lecture Notes in Computer Science, vol. 2357. Springer-Verlag, 87--101. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. <scp>López, N., Nú ñez, M., Rodríguez, I., and Rubio, F.</scp> 2004. Improving privacy in Vickrey auctions. &lt;it&gt;ACM SIGEcom Exchanges 5,&lt;/it&gt; 1, 1--12. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. <scp>Naor, M., Pinkas, B., and Sumner, R.</scp> 1999. Privacy preserving auctions and mechanism design. In &lt;it&gt;Proceedings of the 1st ACM Conference on Electronic Commerce (ACM-EC'99)&lt;/it&gt;. ACM Press, 129--139. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. <scp>Nurmi, H. and Salomaa, A.</scp> 1993. Cryptographic protocols for Vickrey auctions. &lt;it&gt;Group Decision and Negotiation 2&lt;/it&gt;, 363--373.Google ScholarGoogle Scholar
  29. <scp>Peng, K., Boyd, C., Dawson, E., and Viswanathan, K.</scp> 2002. Non-interactive auction scheme with strong privacy. In &lt;it&gt;Proceedings of the 5th International Conference on Information Security and Cryptology (ICISC'02)&lt;/it&gt;. Lecture Notes in Computer Science, vol. 2587. Springer-Verlag, 407--420. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. <scp>Porter, R. and Shoham, Y.</scp> 2005. On cheating in sealed-bid auctions. &lt;it&gt;Decision Supp. Syst. 39,&lt;/it&gt; 1, 41--54.Google ScholarGoogle Scholar
  31. <scp>Rodríguez, I. and López, N.</scp> 2006. Analyzing the privacy of a Vickrey auction mechanism. &lt;it&gt;Int. J. E-Busin. Resear. 2,&lt;/it&gt; 3, 17--27.Google ScholarGoogle Scholar
  32. <scp>Rothkopf, M. H. and Harstad, R. M.</scp> 1995. Two models of bid-taker cheating in Vickrey auctions. &lt;it&gt;J. Busin. 68,&lt;/it&gt; 2, 257--267.Google ScholarGoogle ScholarCross RefCross Ref
  33. <scp>Rothkopf, M. H., Teisberg, T. J., and Kahn, E. P.</scp> 1990. Why are Vickrey auctions rare? &lt;it&gt;J. Politi. Econo. 98,&lt;/it&gt; 1, 94--109.Google ScholarGoogle Scholar
  34. <scp>Sako, K.</scp> 2000. An auction protocol which hides bids of losers. In &lt;it&gt;Proceedings of the 3rd International Conference on Public Key Cryptography (PKC'00)&lt;/it&gt;. Lecture Notes in Computer Science, vol. 1751. Springer-Verlag, 422--432. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. <scp>Sandholm, T.</scp> 2000. Issues in computational Vickrey auctions. &lt;it&gt;Int. J. Electr. Comm.&lt;/it&gt; (Special Issue on Intelligent Agents for Electronic Commerce) &lt;it&gt;4,&lt;/it&gt; 3, 107--129. Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. <scp>Sandholm, T. and Boutilier, C.</scp> 2006. Preference elicitation in combinatorial auctions. In &lt;it&gt;Combinatorial Auctions&lt;/it&gt;, P. Cramton, Y. Shoham, and R. Steinberg, Eds. MIT Press, Chapter 10, 233--263.Google ScholarGoogle Scholar
  37. <scp>Vickrey, W.</scp> 1961. Counter speculation, auctions, and competitive sealed tenders. &lt;it&gt;J. Finance 16,&lt;/it&gt; 1, 8--37.Google ScholarGoogle ScholarCross RefCross Ref
  38. <scp>Yao, A. C.</scp> 1979. Some complexity questions related to distributed computing. In &lt;it&gt;Proceedings of the 11th Annual ACM Symposium on the Theory of Computing (STOC'79)&lt;/it&gt;. ACM Press, 209--213. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. On the Existence of Unconditionally Privacy-Preserving Auction Protocols

              Recommendations

              Reviews

              J Wolper

              In an auction, each agent submits a bid; the agent submitting the largest bid wins. Often, agents would prefer to keep their bids to themselves, against a coalition of adversaries. The absence of a trusted auctioneer necessitates some kind of distributed protocol for computing the winning bid. Privacy results typically involve either a one-way function or an infeasibility assumption, but Brandt and Sandholm eschew these, seeking instead unconditional privacy that they define rigorously. They analyze traditional first-bid auctions, where the highest bidder pays the bid price, and second-bid auctions, where the highest bidder wins but pays the second-highest price. A privacy protocol that emulates a Dutch auction (descending bids) is developed for a first-bid auction. The remaining results are generally negative, except in a two-player case. They prove that there is no privacy protocol for second-price auctions. The paper is clearly written and well organized. Many of the definitions are technical, but Brandt and Sandholm include a heuristic for each. Older results are cited, and proofs of new results are easy to follow. Other applications for private auctions are mentioned, but not developed. The paper also briefly considers results with loosened privacy requirements. Online Computing Reviews Service

              Access critical reviews of Computing literature here

              Become a reviewer for Computing Reviews.

              Comments

              Login options

              Check if you have access through your login credentials or your institution to get full access on this article.

              Sign in

              Full Access

              • Published in

                cover image ACM Transactions on Information and System Security
                ACM Transactions on Information and System Security  Volume 11, Issue 2
                March 2008
                207 pages
                ISSN:1094-9224
                EISSN:1557-7406
                DOI:10.1145/1330332
                Issue’s Table of Contents

                Copyright © 2008 ACM

                Publisher

                Association for Computing Machinery

                New York, NY, United States

                Publication History

                • Published: 1 May 2008
                • Accepted: 1 August 2007
                • Revised: 1 August 2006
                • Received: 1 July 2005
                Published in tissec Volume 11, Issue 2

                Permissions

                Request permissions about this article.

                Request Permissions

                Check for updates

                Qualifiers

                • research-article
                • Research
                • Refereed

              PDF Format

              View or Download as a PDF file.

              PDF

              eReader

              View online with eReader.

              eReader
              About Cookies On This Site

              We use cookies to ensure that we give you the best experience on our website.

              Learn more

              Got it!