In this work we put forth a comparative approach to fairness. We present new intuitive notions that when presented with two arbitrary protocols, provide the means to answer the question “Which of the protocols is fairer?” The basic idea is that we can use an appropriate utility function to express the preferences of an adversary who wants to break fairness. Thus, we can compare protocols with respect to how fair they are, placing them in a partial order according to this relative-fairness relation.
After formulating such utility-based fairness notions, we turn to the question of finding optimal protocols---i.e., maximal elements in the above partial order. We investigate---and answer---this question for secure function evaluation, both in the two-party and multi-party settings.
To our knowledge, the only other fairness notion providing some sort of comparative state- ment is that of 1/p-security (aka “partial fairness”) by Gordon and Katz [Eurocrypt’10]. We also show in this paper that for a special class of utilities our notion strictly implies 1/p-security. In addition, we fix a shortcoming of the definition which is exposed by our comparison, thus strengthening that result.Category / Keywords: cryptographic protocols / Cryptographic protocols, secure multi-party computation, fairness, rational protocol design. Date: received 2 Mar 2015 Contact author: vzikas at inf ethz ch Available format(s): PDF | BibTeX Citation Version: 20150304:163702 (All versions of this report) Short URL: ia.cr/2015/187 Discussion forum: Show discussion | Start new discussion