For privacy-preserving solutions involving many servers, assuming that they do not collude with each other makes some secrecy problems solvable and reduces overheads and computational hardness assumptions in others. While the non-collusion assumption is pervasive among secure distributed systems, it remains highly susceptible to covert, undetectable collusion among computing parties. This work stems from an observation that if the number of available computing parties is much higher than the number of parties required to perform a secure computation, collusion attempts could be deterred. We focus on the standard distributed protocol of multi-server private information retrieval (PIR) that inherently assumes that servers do not collude. For PIR application scenarios, such as those for blockchain light clients, where the available servers can be plentiful, a single server's deviating action is not tremendously beneficial to itself. We can make deviations undesired via small amounts of rewards and penalties, thus {\em raising the bar} for collusion significantly. For any given multi-server 1-private PIR (i.e., the base PIR system is constructed assuming no pairwise collusion), we design and implement a collusion mitigation mechanism considering Byzantine and rational deviations. We first define a two-stage sequential game that captures how rational servers interact with each other during collusion, then determine the payment rules such that the game realizes the unique sequential equilibrium: a non-collusion outcome. We also offer privacy protection for an extended period after the query executions and guarantee user compensation in case of a reported privacy breach.
翻译:对于涉及许多服务器的隐私保护解决方案,假设它们彼此不相互串通,就会造成某些保密问题可以解决,并减少间接费用和计算硬性假设。虽然在安全的分布式系统中,非黑化假设很普遍,但仍然极易在计算方之间隐蔽、无法察觉的串通。这项工作源于这样一种观察,即如果现有计算方的数目大大高于进行安全计算所需当事方的数目,那么串通尝试就可能受到阻遏。我们注重多服务器私人信息检索的标准分发协议,而这种协议本身就假定服务器不会串通。对于用户信息应用方案,例如对链式光客户的假设,即现有服务器可以宽敞,单一服务器的解密行动对自身并无极大好处。我们可以通过少量的奖赏和惩罚使偏差不可取,从而大大提升了串通。对于任何指定的多服务器私营信息检索系统(即基础 PIR系统是假定服务器不会串通的。 对于用户应用程序应用程序应用情景,例如对链式灯客户的假设,在其中,现有服务器可以是宽敞的,但单一服务器的互通性操作性行动并没有极大好处。 我们设计了一个在随后的游戏的游戏规则中,我们定义了一种合理的互通性互通性互换。