Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Lukasz Mazurek
{"title":"比特币的安全多方计算","authors":"Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Lukasz Mazurek","doi":"10.1145/2896386","DOIUrl":null,"url":null,"abstract":"Bit coin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: (a) it lacks a central authority that controls the transactions, (b) the list of transactions is publicly available, and (c) its syntax allows more advanced transactions than simply transferring the money. The goal of this paper is to show how these properties of Bit coin can be used in the area of secure multiparty computation protocols (MPCs). Firstly, we show that the Bit coin system provides an attractive way to construct a version of \"timed commitments\", where the committer has to reveal his secret within a certain time frame, or to pay a fine. This, in turn, can be used to obtain fairness in some multiparty protocols. Secondly, we introduce a concept of multiparty protocols that work \"directly on Bit coin\". Recall that the standard definition of the MPCs guarantees only that the protocol \"emulates the trusted third party\". Hence ensuring that the inputs are correct, and the outcome is respected is beyond the scope of the definition. Our observation is that the Bit coin system can be used to go beyond the standard \"emulation-based\" definition, by constructing protocols that link their inputs and the outputs with the real Bit coin transactions. As an instantiation of this idea we construct protocols for secure multiparty lotteries using the Bit coin currency, without relying on a trusted authority (one of these protocols uses the Bit coin-based timed commitments mentioned above). Our protocols guarantee fairness for the honest parties no matter how the loser behaves. For example: if one party interrupts the protocol then her money is transferred to the honest participants. Our protocols are practical (to demonstrate it we performed their transactions in the actual Bit coin system), and can be used in real life as a replacement for the online gambling sites. We think that this paradigm can have also other applications. We discuss some of them.","PeriodicalId":196038,"journal":{"name":"2014 IEEE Symposium on Security and Privacy","volume":"50 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"423","resultStr":"{\"title\":\"Secure Multiparty Computations on Bitcoin\",\"authors\":\"Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Lukasz Mazurek\",\"doi\":\"10.1145/2896386\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Bit coin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: (a) it lacks a central authority that controls the transactions, (b) the list of transactions is publicly available, and (c) its syntax allows more advanced transactions than simply transferring the money. The goal of this paper is to show how these properties of Bit coin can be used in the area of secure multiparty computation protocols (MPCs). Firstly, we show that the Bit coin system provides an attractive way to construct a version of \\\"timed commitments\\\", where the committer has to reveal his secret within a certain time frame, or to pay a fine. This, in turn, can be used to obtain fairness in some multiparty protocols. Secondly, we introduce a concept of multiparty protocols that work \\\"directly on Bit coin\\\". Recall that the standard definition of the MPCs guarantees only that the protocol \\\"emulates the trusted third party\\\". Hence ensuring that the inputs are correct, and the outcome is respected is beyond the scope of the definition. Our observation is that the Bit coin system can be used to go beyond the standard \\\"emulation-based\\\" definition, by constructing protocols that link their inputs and the outputs with the real Bit coin transactions. As an instantiation of this idea we construct protocols for secure multiparty lotteries using the Bit coin currency, without relying on a trusted authority (one of these protocols uses the Bit coin-based timed commitments mentioned above). Our protocols guarantee fairness for the honest parties no matter how the loser behaves. For example: if one party interrupts the protocol then her money is transferred to the honest participants. Our protocols are practical (to demonstrate it we performed their transactions in the actual Bit coin system), and can be used in real life as a replacement for the online gambling sites. We think that this paradigm can have also other applications. We discuss some of them.\",\"PeriodicalId\":196038,\"journal\":{\"name\":\"2014 IEEE Symposium on Security and Privacy\",\"volume\":\"50 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2014-05-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"423\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2014 IEEE Symposium on Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2896386\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2896386","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Bit coin is a decentralized digital currency, introduced in 2008, that has recently gained noticeable popularity. Its main features are: (a) it lacks a central authority that controls the transactions, (b) the list of transactions is publicly available, and (c) its syntax allows more advanced transactions than simply transferring the money. The goal of this paper is to show how these properties of Bit coin can be used in the area of secure multiparty computation protocols (MPCs). Firstly, we show that the Bit coin system provides an attractive way to construct a version of "timed commitments", where the committer has to reveal his secret within a certain time frame, or to pay a fine. This, in turn, can be used to obtain fairness in some multiparty protocols. Secondly, we introduce a concept of multiparty protocols that work "directly on Bit coin". Recall that the standard definition of the MPCs guarantees only that the protocol "emulates the trusted third party". Hence ensuring that the inputs are correct, and the outcome is respected is beyond the scope of the definition. Our observation is that the Bit coin system can be used to go beyond the standard "emulation-based" definition, by constructing protocols that link their inputs and the outputs with the real Bit coin transactions. As an instantiation of this idea we construct protocols for secure multiparty lotteries using the Bit coin currency, without relying on a trusted authority (one of these protocols uses the Bit coin-based timed commitments mentioned above). Our protocols guarantee fairness for the honest parties no matter how the loser behaves. For example: if one party interrupts the protocol then her money is transferred to the honest participants. Our protocols are practical (to demonstrate it we performed their transactions in the actual Bit coin system), and can be used in real life as a replacement for the online gambling sites. We think that this paradigm can have also other applications. We discuss some of them.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
