This work was supported by National Natural Science Foundation of China (Grant Nos. 61662009, 61772008), Guizhou Provincial Department of Education Science and Technology Top Talent Support Project (Grant No. 2016060), Science and Technology Major Support Program of Guizhou Province (Grant No. 20183001), Science and Technology Program of Guizhou Province (Grant No. 20175788), Ministry of Education-China Mobile Research Fund Project (Grant No. MCM20170401), Guizhou University Cultivation Project (Grant No. 20175788), Key Program of the National Natural Science Union Foundation of China (Grant No. U1836205), and Science and Technology Program of Guizhou Province (Grant No. 20191098).
[1] Blakley G R. Safeguarding cryptographic keys. In: Proceedings of Americian Federation of Information Processing Societies (AFIPS'79) National Computer Conference, 1979. 313--317. Google Scholar
[2] Shamir A. How to share a secret. Commun ACM, 1979, 22: 612-613 CrossRef Google Scholar
[3] Halpern J, Teague V. Rational secret sharing and multiparty computation: extended abstract. In: Proceedings of the 36th Annual ACM Symposium on Theory of Computing, Chicago, 2004. 623--632. Google Scholar
[4] Dodis Y, Rabin T. Cryptography and game theory. Algorithmic game theory, 2007: 181-207. Google Scholar
[5] Gordon S D, Katz J. Rational secret sharing, revisited. In: Proceedings of the 5th International Conference on Security and Cryptography for Networks, Maiori, 2006. 229--241. Google Scholar
[6] Kol G, Naor M. Games for exchanging information. In: Proceedings of the 40th Annual ACM Symposium on Theory of Computing, Victoria, 2008. 423--432. Google Scholar
[7] Fuchsbauer G, Katz J, Naccache D. Efficient rational secret sharing in standard communication networks. In: Proceedings of the 7th Theory of Cryptography Conference, Zurich, 2010. 419--436. Google Scholar
[8] Fudenberg D, Tirole J. Game Theory. Cambridge: MIT Press, 1991. Google Scholar
[9] Maleka S, Shareef A, Rangan C P. Rational secret sharing with repeated games. In: Proceedings of the 4th Information Security Practice and Experience Conference, Sydney, 2008. 334--346. Google Scholar
[10] Ong S J, Parkes D C, Rosen A, et al. Fairness with an honest minority and a rational majority. In: Proceedings of the 6th Theory of Cryptography Conference, San Francisco, 2009. 36--53. Google Scholar
[11] Zhang Z, Liu M. Unconditionally secure rational secret sharing in standard communication networks. In: Proceeding of the 13th International Conference on Information Security and Cryptology, Seoul, 2010. 355--369. Google Scholar
[12] Zhang Z F, Liu M L. Rational secret sharing as extensive games. Science China Information Sciences, 2013, 56(3): 1-13. Google Scholar
[13] Tian Y, Ma J, Peng C. A rational framework for secure communication. Inf Sci, 2013, 250: 215-226 CrossRef Google Scholar
[14] Tian Y L, Peng C G, Lin D D, et al. Bayesian mechanism for rational secret sharing scheme. Science China Information Sciences, 2015, 58(5): 1-13. Google Scholar
[15] Jin J, Zhou X, Ma C, et al. A rational secret sharing relying on reputation. In: Proceeding of the 8th International Conference on Intelligent Networking and Collaborative Systems, Ostrawva, 2016. 384--387. Google Scholar
[16] Nisan N, Ronen A. Algorithmic Mechanism Design. Games Economic Behav, 2001, 35: 166-196 CrossRef Google Scholar
[17] Liu H, Li X, Ma J, et al. Reconstruction methodology for rational secret sharing based on mechanism design. Science China Information Sciences, 2017, 60(8): 088101:1-088101:3. Google Scholar
[18] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. 2008. https://bitcoin.org/en/bitcoin-paper. Google Scholar
[19] Zhou L, Wang L, Sun Y. MIStore: a Blockchain-Based Medical Insurance Storage System. J Med Syst, 2018, 42: 149 CrossRef Google Scholar
[20] Bartolucci S, Bernat P, Joseph D. SHARVOT: secret SHARe-based VOTing on the blockchain. In: Proceedings of the 1st International Workshop on Emerging Trends in Software Engineering for Blockchain, Gothenburg, 2018. 30--34. Google Scholar
[21] Kim Y, Raman R K, Kim Y S. Efficient Local Secret Sharing for Distributed Blockchain Systems. IEEE Commun Lett, 2019, 23: 282-285 CrossRef Google Scholar
[22] Xiong F, Xiao R, Ren W. A Key Protection Scheme Based on Secret Sharing for Blockchain-Based Construction Supply Chain System. IEEE Access, 2019, 7: 126773 CrossRef Google Scholar
[23] Dong C, Wang Y, Aldweesh A, et al. Betrayal, distrust, and rationality: Smart counter-collusion contracts for verifiable cloud computing. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, 2017. 211--227. Google Scholar
[24] Katz J. Bridging game theory and cryptography: Recent results and future directions. In: Proceedings of the 5th Theory of Cryptography Conference, New York, 2008. 251--272. Google Scholar
[25] Szabo N. Formalizing and securing relationships on public networks. First Monday, 1997, 2(9). Google Scholar
[26] Pedersen T P. Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Proceedings of the 11st Annual International Cryptology Conference, Santa Barbara, 1991. 1290-140. Google Scholar
[27] Tian Y, Guo J, Wu Y. Towards Attack and Defense Views of Rational Delegation of Computation. IEEE Access, 2019, 7: 44037-44049 CrossRef Google Scholar
Figure 1
GameSample.
Figure 2
Game1.
Figure 3
Game2.
Serial | $p_{ldr}$ | $p_{ldr}$ | $p_{flr}$ | $p_{flr}$ | $u_{\rm~IVR}(p_{ldr})$ | $u_{\rm~NIVR}(p_{ldr})$ |
1* | publish | promulgate | publish | promulgate | $b-g$ | $b$ |
2* | publish | promulgate | publish | deceive | $b+r-g$ | $b$ |
3* | publish | promulgate | cheat | promulgate | $b+r-g$ | $d$ |
4* | publish | promulgate | cheat | deceive | $b+r-g$ | $d$ |
5* | publish | deceive | publish | deceive | $b-r-g$ | $b$ |
6* | publish | deceive | cheat | promulgate | $d-r-g$ | $d$ |
7* | publish | deceive | cheat | deceive | $d-r-g$ | $d$ |
8* | cheat | promulgate | publish | deceive | $a-r-g$ | $a$ |
9* | cheat | promulgate | cheat | promulgate | $c-r-g$ | $c$ |
10* | cheat | promulgate | cheat | deceive | $c-r-g$ | $c$ |
11* | cheat | deceive | publish | deceive | $a-r-g$ | $a$ |
12* | cheat | deceive | cheat | promulgate | $c-r-g$ | $c$ |
13* | cheat | deceive | cheat | deceive | $c-r-g$ | $c$ |
14* | publish | deceive | publish | promulgate | $b-r-g$ | $b$ |
15* | cheat | promulgate | publish | promulgate | $a-r-g$ | $a$ |
16* | cheat | deceive | publish | promulgate | $a-r-g$ | $a$ |
Node | $u(p_1)$ | $u(p_2)$ |
$n_{17}$ | $b$ | $b$ |
$n_{18}$ | $b+r-g$ | $b-r$ |
$n_{19}$ | $b-r$ | $b+r-g$ |
$n_{20}$ | $b$ | $b$ |
$n_{21}$ | $b+r-g$ | $b-r$ |
$n_{22}$ | $b+r-g$ | $b-r-g$ |
$n_{23}$ | $d$ | $a$ |
$n_{24}$ | $d$ | $a$ |
$n_{25}$ | $b-r$ | $b+r-g$ |
$n_{26}$ | $a$ | $d$ |
$n_{27}$ | $b-r-g$ | $b+r-g$ |
$n_{28}$ | $a$ | $d$ |
$n_{29}$ | $c$ | $c$ |
$n_{30}$ | $c$ | $c$ |
$n_{31}$ | $c$ | $c$ |
$n_{32}$ | $c$ | $c$ |
Game1 | $c$ | $c$ |
Serial | Function | Description |
$1$ | Sign | A player calls this function to sign IC before $T_1$. Auto-transferring each player's deposit $r+g$ to the contract account if the contract takes effect. |
2 | SendSecretShare | A player calls this function to send the commitment of his/her secret share before $T_2$. |
3 | SendReconstructedSecret | A player calls this function to send the commitment of his/her reconstructed secret before $T_3$. |
4 | IVROrNot | A player calls this function to choose whether initiate a verification request or not before $T_4$. |
5 | Transfer | This function can handle disputes in different situations:If (UIVR) contract auto-transfers deposit $r+g$ to $p_{ldr}$, deposit $r+g$ to $p_{flr}$.Else if (IVR) Case1 (Both players are honest): contract auto-transfers deposit $r$ to $p_{ldr}$, deposit $r+g$ to $p_{flr}$ and deposit $g$ to $V$; Case2 ($p_{ldr}$ is honest while $p_{flr}$ is dishonest): contract auto-transfers deposit $2r$ to $p_{ldr}$, deposit $g$ to $p_{flr}$ and deposit $g$ to $V$; Case3 ($p_{ldr}$ is dishonest while $p_{flr}$ is honest): contract auto-transfers deposit $2r+g$ to $p_{flr}$ and deposit $g$ to $V$; Case4 (Both players are dishonest, $p_{flr}~$ either cheats in the PSSP or deceives in the PRSP): contract auto-transfers deposit $g$ to $p_{flr}$ and deposit $2r+g$ to $V$; Case5 (both players are dishonest, $p_{flr}~$ both cheats in the PSSP and deceives in the PRSP): contract auto-transfers deposit $2r+2g$ to $V$. |
6 | TimeOut | $V$ can call this function if it times out: Case1 (Only $p_i$ called the function SendSecretShare before $T_2$): contract auto-transfers deposit $r+g$ to $p_i$, deposit $r+g$ to $V$; Case2 (No player called the function SendSecretShare before $T_2$): contract auto-transfers deposit $2r+2g$ to $V$; Case3 (Only $p_i$ called the function SendReconstructedSecret before $T_3$): contract auto-transfers deposit $r+g$ to $p_i$, deposit $r+g$ to $V$; Case4 (No player called the function SendReconstructedSecret before $T_3$): contract auto-transfers deposit $2r+2g$ to $V$; Case5 (Only $p_i$ called the function IVROrNot before $T_4$): contract auto-transfers deposit $r+g$ to $p_i$, deposit $r+g$ to $V$; Case6 (No player called the function IVROrNot before $T_4$): contract auto-transfers deposit $2r+2g$ to $V$. |
Serial | Function | Cost in Gas | Cost in Dollar |
$1$ | Deploy | 1382691 | 0.26 |
$2$ | Sign | 292963 | 0.056 |
$3$ | SendSecretShare | 132224 | 0.025 |
$4$ | SendReconstructedSecret | 132180 | 0.025 |
$5$ | IVROrNot | 95416 | 0.018 |
$6$ | Transfer | 41748 | 0.008 |
Player | Generate commitment | Open commitment | Compute hash function |
$p_1$ | 2 | 3 | 5 |
$p_2$ | 2 | 3 | 5 |
$V$ | 0 | 0 | 0 |
Total | 4 | 6 | 10 |