Cryptology ePrint Archive: Report 2013/499
Limits on the Power of Cryptographic Cheap Talk
Pavel Hubacek and Jesper Buus Nielsen and Alon Rosen
Abstract: We revisit the question of whether cryptographic protocols can replace correlated equilibria mediators in two-player strategic games. This problem was first addressed by Dodis, Halevi and Rabin (CRYPTO 2000), who suggested replacing the mediator with a secure protocol and proved that their solution is stable in the Nash equilibrium (NE) sense, provided that the players are computationally bounded.
We show that there exist two-player games for which no cryptographic protocol can implement the mediator in a sequentially rational way; that is, without introducing empty threats. This explains why all solutions so far were either sequentially unstable, or were restricted to a limited class of correlated equilibria (specifically, those that do not dominate any NE, and hence playing them does not offer a clear advantage over playing any NE).
In the context of computational NE, we classify necessary and sufficient cryptographic assumptions for implementing a mediator that allows to achieve a given utility profile of a correlated equilibrium. The picture that emerges is somewhat different than the one arising in semi-honest secure two-party computation. Specifically, while in the latter case every functionality is either “complete" (i.e., implies Oblivious Transfer) or “trivial" (i.e., can be securely computed unconditionally), in the former there exist some “intermediate" utility profiles whose implementation is equivalent to the existence of one-way functions.
Category / Keywords: foundations / correlated equilibrium, cheap talk, secure two-party computation, sequential rationality, oblivious transfer, one-way functions
Original Publication (with major differences): IACR-CRYPTO-2013
Date: received 14 Aug 2013
Contact author: hubacek at cs au dk
Available format(s): PDF | BibTeX Citation
Note: This is the full version of the paper in CRYPTO 2013.
Version: 20130815:072716 (All versions of this report)
Short URL: ia.cr/2013/499
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]