Asharov et al. (Eurocrypt 2011) recently considered this problem and showed impossibility of rational fair computation for a particular function and a particular set of utilities. We observe, however, that in their setting the parties have no incentive to compute the function even in an ideal world where fairness is guaranteed. Revisiting the problem, we show that rational fair computation is possible (for arbitrary functions and utilities) as long as the parties have a strict incentive to compute the function in the ideal world. This gives a new example where game theory can be used to circumvent impossibility results in cryptography.
Category / Keywords: cryptographic protocols / game theory, secure computation Date: received 22 Jul 2011 Contact author: jkatz at cs umd edu Available formats: PDF | BibTeX Citation Version: 20110728:025742 (All versions of this report) Discussion forum: Show discussion | Start new discussion