Cryptology ePrint Archive: Report 2020/1249

Adversarial Level Agreements for Two-Party Protocols

Marilyn George and Seny Kamara

Abstract: Adversaries in cryptography have traditionally been modeled as either semi-honest or malicious. Over the years, however, several lines of work have investigated the design of cryptographic protocols against rational adversaries. The most well-known example are covert adversaries in secure computation (Aumann & Lindell, TCC '07) which are adversaries that wish to deviate from the protocol but without being detected. To protect against such adversaries, protocols secure in the covert model guarantee that deviations are detected with probability at least $\varepsilon$ which is known as the deterrence factor.

In this work, we initiate the study of contracts in cryptographic protocol design. We show how to design, use and analyze contracts between parties for the purpose of incentivizing honest behavior from rational adversaries. We refer to such contracts as adversarial level agreements (ALA). The framework we propose can result in more efficient protocols and can enforce deterrence in covert protocols; meaning that one can guarantee that a given deterrence factor will deter the adversary instead of assuming it.

We show how to apply our framework to two-party protocols, including secure two-party computation (2PC) and proofs of storage (PoS). In the 2PC case, we integrate ALAs to publicly-verifiable covert protocols and show, through a game-theoretic analysis, how to set the parameters of the ALA to guarantee honest behavior. We do the same in the setting of PoS which are two-party protocols that allow a client to efficiently verify the integrity of a file stored in the cloud.

Category / Keywords: cryptographic protocols / Adversarial Level Agreements, 2PC, Covert Security, Game Theory, Rational Cryptography, Proofs of Storage

Date: received 8 Oct 2020

Contact author: marilyn_george at brown edu

Available format(s): PDF | BibTeX Citation

Version: 20201009:113830 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]