Asharov et al. (Eurocrypt 2011) showed impossibility of rational fair computation in the two-party setting, for a particular function and a particular choice of utilities. We observe, however, that in their setting the parties have no strict incentive to compute the function even in an ideal world where fairness is guaranteed. Revisiting the problem, we show that rational fair computation is possible, for arbitrary functions, as long as the parties have a strict incentive to compute the function in an ideal world where fairness is guaranteed. Our results extend to more general utility functions that do not directly correspond to fairness, as well as to the multi-party setting. Our work thus shows a new setting in which game-theoretic considerations can be used to circumvent a cryptographic impossibility result.
Category / Keywords: cryptographic protocols / game theory, secure computation Original Publication (with major differences): Eurocrypt 2012 Date: received 22 Jul 2011, last revised 14 Apr 2015 Contact author: jkatz at cs umd edu Available format(s): PDF | BibTeX Citation Note: This is the full version, and contains additional results not present in the conference version. Version: 20150414:165132 (All versions of this report) Short URL: ia.cr/2011/396 Discussion forum: Show discussion | Start new discussion