Should silence be heard? Fair rational secret sharing with silent and non-silent players

Abstract

Parties in a rational secret sharing protocol may use mobile devices which are severely resource-constrained. Therefore, it may be in the interest of such parties to try to obtain the secret while spending as little as possible on communication and computation. This preference is different from a traditional rational player and is similar to freeriding. We call such players ‘silent’. The traditional rational player is represented as a ‘non-silent’ player and we modify its preference to incorporate the fact that 1) it is indifferent between incurring a cost and not incurring a cost when everybody is able to reconstruct the secret and 2) it prefers that nobody obtains the secret over some players obtaining the secret free-of-cost while others incur a cost in reconstructing the secret. We thus introduce a mixed-utility model consisting of the utility of obtaining the secret and the cost of computation in order to obtain the secret. We propose new rational secret reconstruction protocols in the simultaneous channel model for both online and offline dealer scenario, that satisfy a new notion of fairness which we call cost-aware complete fairness, in the presence of both silent and non-silent players. Our protocol with the offline dealer makes use of a simplified version of the Boneh-Gentry-Waters [21] broadcast encryption scheme. Both types of parties find it to be in (Bayesian) computational Nash Equilibrium to follow our protocols and the protocols are ([~|] — 1) resilient for non-silent players. © Springer International Publishing Switzerland 2014.