Abstract
Sealed-Bid auction is an efficient and rational method to establish the price in open market. However sealed-bid auctions are subject to bid-rigging attack. Receipt-free mechanisms were proposed to prevent bid-rigging. The prior receipt-free mechanisms are based on two assumptions; firstly, existence of untappable channel between bidders and auction authorities. Secondly, mechanisms assume the authorities to be honest (not colluding). Moreover the bandwidth required to communicate the receipt-free bids is huge. This paper presents a sealed-bid auction mechanism to resist bid-rigging. The proposed method does not assume untappable channel nor consider the authorities to be necessarily honest. The proposed mechanism also manages the bandwidth efficiently, and improves the performance of the system.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
A channel that provides perfect security in an information-theoretic sense. Even encryption does not provide an untappable channel.
- 2.
Probabilistic encryption uses randomness in encryption so that, when encrypting the same message several times it will, in general yield different ciphertexts.
- 3.
Lagrange interpolation coefficient for the \(i^{th}\) sealer is .
References
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Lee, B., Kim, K.: Receipt-free electronic voting scheme with a tamper-resistant randomizer. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 389–406. Springer, Heidelberg (2003)
Bárász, M., Ligeti, P., Mérai, L., Nagy, D.A.: Anonymous sealed bid auction protocol based on a variant of the dining cryptographers’ protocol. Periodica Math. Hung. 65(2), 167–176 (2012)
Boyd, C., Mao, W.: Security issues for electronic auctions. HP Laboratories Technical report, Hewlett-Packard Laboratories (2000)
Yao, A.C.: Protocols for secure computations. In: 23rd Annual Symposium on Foundations of Computer Science, SFCS ’82, pp. 160–164. IEEE Computer Society (1982)
Wu, C.-C., Chang, C.-C., Lin, I.-C.: New sealed-bid electronic auction with fairness, security and efficiency. J. Comput. Sci. Technol. 23(2), 253–264 (2008)
Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993)
Gao, C., an Yao, Z., Xie, D., Wei, B.: Electronic sealed-bid auction with incoercinility. In: Wan, X. (ed.) Electronic Power Systems and Computers. LNEE, vol. 99, pp. 47–54. Springer, Heidelberg (2011)
Xiong, H., Qin, Z., Zhang, F., Yang, Y., Zhao, Y.: A sealed-bid electronic auction protocol based on ring signature. In: ICCCAS, pp. 480–483. IEEE (2007)
Howlader, J., Ghosh, A., Pal, T.D.R.: Secure receipt-free sealed-bid electronic auction. In: Ranka, S., Aluru, S., Buyya, R., Chung, Y.-C., Dua, S., Grama, A., Gupta, S.K.S., Kumar, R., Phoha, V.V. (eds.) IC3 2009. CCIS, vol. 40, pp. 228–239. Springer, Heidelberg (2009)
Howlader, J., Kar, J., Mal, A.K.: Coercion resistant MIX for electronic auction. In: Venkatakrishnan, V., Goswami, D. (eds.) ICISS 2012. LNCS, vol. 7671, pp. 238–248. Springer, Heidelberg (2012)
Howlader, J., Basu, S.: Sender-side public key deniable encryption scheme. In: ARTCom, pp. 9–13. IEEE Computer Society (2009)
Howlader, J., Nair, V., Basu, S., Mal, A.K.: Uncoercibility in e-voting and e-auctioning mechanisms using deniable encryption. IJNSA 3(2), 97–109 (2011)
Franklin, M.K., Reiter, M.K.: The design and implementation of a secure auction service. IEEE Trans. Softw. Eng. 22(5), 302–312 (1996)
Sako, K., Kilian, J.: Receipt-free mix-type voting scheme. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 393–403. Springer, Heidelberg (1995)
Kikuchi, H., Hakavy, M., Tygar, D.: Multi-round anonymous auction protocols. Inst. Electron. Inf. Commun. Eng. Trans. Inf. Syst. E82-D(4), 769–777 (1999)
Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)
Abe, M., Suzuki, K.: Receipt-free sealed-bid auction. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 191–199. Springer, Heidelberg (2002)
Jakobsson, M.: A practical mix. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 448–461. Springer, Heidelberg (1998)
Noar, M., Pinkas, B., Sumner, R.: Privacy preserving auction and mechanism design. In: ACM Conference on Electronic Commerce, pp. 129–139. ACM (1999)
Canetti, R., Dwork, C., Naor, M., Ostrovsky, R.: Deniable encryption. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 90–104. Springer, Heidelberg (1997)
Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure distributed key generation for discrete-log based cryptosystems. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 295–310. Springer, Heidelberg (1999)
Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Secure distributed key generation for discrete-log based cryptosystems. J. Cryptol. 20(1), 51–83 (2007)
Rjas̆ková, Z.: Electronic voting schemes. Master’s thesis, Department of Computer Science Faculty of Mathematics, Physics and Informatics Comenius University, Bratislava (2002)
Goldwasser, S., Micali, S.: How to play any mental game or a completeness theorem for protocols with honest majority. In: 19th Annual ACM Symposium on Theory of Computing, pp. 365–377. ACM (1982)
Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)
Ham, W., Kim, K., Imai, H.: Yet another strong sealed-bid auctions. In: SCIS, pp. 11–16 (2003)
Chen, X., Lee, B., Kim, K.: Receipt-free electronic auction schemes using homomorphic encryption. In: Lim, J.-I., Lee, D.-H. (eds.) ICISC 2003. LNCS, vol. 2971, pp. 259–273. Springer, Heidelberg (2004)
Her, Y.-S., Imamoto, K., Sakurai, K.: Receipt-free sealed-bid auction based on mix-net and pseudo ID (2004)
Huang, Z., Qiu, W., Guan, H., Chen, K.: Efficient receipt-free electronic auction protocol. In: SITIS, pp. 1023–1028. IEEE Computer Society (2007)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
Appendix
1.1 Proof of Sealing
Sealer \(S_l\) receives the partially sealed bid-vector \(\langle \mathcal {X}_{S_{l-1}i}, \mathcal {Y}_{S_{l-1}i} \rangle \) from the preceding sealer \(S_{l-1}\), selects \(\hat{r}_{S_li,(k,j)}, r_{S_li,(k,j)} \in _R \mathbb {Z}_p\) randomly, performs the sealing operation and forwards the partially sealed bid-vector to the next sealer \(S_{l+1}\). Figure 2 describes the process. The sealing operation of the \(S_l\) is as follows:
After \(t\) sealing operation the bid-vector is reduced to
1.2 ZK Protocol
Zero-Knowledge (ZK) protocol [7] is a tool by which the prover can prove to another party (the verifier) that a function has been correctly computed, without revealing the secret parameters of the computation. The auction mechanism uses the ZK protocol to determine the winning bidder. Let \(w=w_{d-1}\dots w_0\) be the winning price and \(B_i\) responds as the winner. The bidder \(B_i\) have to prove the following:
-
\(B_i\) publishes \(G_i = g_{y}^{x_{B_i}}\) and proves that \(G_i\) and \(h_{B_i}\) having common exponent (\(x_{B_i}\)) over \(g_y\) and \(g\) respectively, without disclosing the secret \(x_{B_i}\). Algorithm 7 describes the proof.
-
For \(k=0,1,\ldots d-1\), \(B_i\) publishes the product of all \(\hat{r}_{i,(k,w_k)}\) and proves that he knows the common exponents over \(X_{i,(k,w_k)}\)s and \(G_{i,(k,w_k)}\)s. The proof would not be carried on individual items but exercised on the product of all \(X_{i,(k,w_k)}\) (for \(k=0,1,\ldots d-1\)). The Algorithm 6 describes the proof.
Does ProcSwap() vulnerable
The subprocess \(EBY()\) is a recursive process that partitions the list \(L\) into two halves and invokes the P rocSwap(). Figure 3 shows the process of partitioning ans swapping operation. \(EBY()\) divides the list into some stacks of sealed bids. Every stack contains only two sealed bids where at least one of them must contains the Yes Mark on the \(P_{k,w_k}\) index. However, P rocSwap() procedure takes a stack (size \(2\)) and demands additional information to determine the bid containing the Yes Mark. We claim that the additional information that is published in order to execute P rocSwap() does not compromise the receipt-freeness property.
Lemma 1
Let \( a,b,c~ \& ~d \in \mathbb {Z}_{p}\) such that;
Though the values of \( k_1,k_2,k_3~ \& ~k_4\) are known, it is computationally infeasible to find the unique solution of \( a,b,c~ \& ~d\).
Proof
In the above set of equation, any one of the equation is derivable from the other three equations. Let \(a.b = k_1\), \(c.d = k_2\) and \(a.c = k_3\) are given, the fourth equation can be derivable from the given three equations, that is, \(b.d = (a.b).(c.d).(a.c)^{-1} = k_1.k_2.k_{3}^{-1}\). Therefore the above system is effectively consists of three equations with four unknown variables. Henceforth infeasible to determine the unique solution of the \( a,b,c~ \& ~b\). If \(p\) is sufficiently big any random search is inefficient to get the solution of \( a,b,c,~ \& ~d\) Â Â Â \(\Box \).
Let \(T1\) be a stack containing two bids \(B_1\) and \(B_2\). Also let \(T2\) be another stack containing two void bids \(V_1\) and \(V_2\). Therefore the \(\mathcal {BB}\) already contains the values
(The procedure P rocS( \(T1,S_1,P_{k,j}\) ) and P rocS( \(T2,S_1,P_{k,j}\) ) publish the values).
The call to the procedure P rocSwap(T1,T2) demands
Knowing the values \( k_1,k_2,k_3~ \& ~k_4\) adversary would not able to resolve the secrets \(\hat{r}_{S_1B_1,(k,j)}\) and \(\hat{r}_{S_1B_2,(k,j)}\) without better than any random guess.
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Howlader, J., Roy, S.K., Mal, A.K. (2014). Practical Receipt-Free Sealed-Bid Auction in the Coercive Environment. In: Lee, HS., Han, DG. (eds) Information Security and Cryptology -- ICISC 2013. ICISC 2013. Lecture Notes in Computer Science(), vol 8565. Springer, Cham. https://doi.org/10.1007/978-3-319-12160-4_25
Download citation
DOI: https://doi.org/10.1007/978-3-319-12160-4_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12159-8
Online ISBN: 978-3-319-12160-4
eBook Packages: Computer ScienceComputer Science (R0)