For distributed protocols involving many servers, assuming that they do not collude with each other makes some secrecy problems solvable and reduces overheads and computational hardness assumptions in others. While the non-collusion assumption is pervasive among privacy-preserving systems, it remains highly susceptible to covert, undetectable collusion among computing parties. This work stems from an observation that if the number of available computing parties is much higher than the number of parties required to perform a secure computation, collusion attempts could be deterred. We focus on the standard problem of multi-server private information retrieval (PIR) that inherently assumes that servers do not collude. For PIR application scenarios, such as those for blockchain light clients, where the available servers are plentiful, a single server's deviating action is not tremendously beneficial to itself. We can make deviations undesired through small amounts of rewards and penalties, thus {\em raising the bar} for collusion significantly. For any given multi-server 1-private PIR (i.e., the base PIR scheme is constructed assuming no pairwise collusion), we provide a collusion mitigation mechanism. We first define a two-stage sequential game that captures how rational servers interact with each other during collusion, then determine the payment rules such that the game realizes the unique sequential equilibrium: a non-collusion outcome. We also offer privacy protection for an extended period after the query executions, and guarantee user compensation in case of a reported privacy breach. Overall, we conjecture that the incentive structure for collusion mitigation to be functional towards relaxing the strong non-collusion assumptions across a variety of multi-party computation tasks.
翻译:对于涉及许多服务器的分布式协议,假设它们不相互串通,就会造成一些保密问题,可以解决,并减少间接费用和计算硬性假设。虽然非通融假设在隐私保护系统中很普遍,但对于计算方而言,它仍然极易受到隐蔽和无法察觉的串通。这项工作源于这样一种观察,即如果可用的计算方数目大大高于进行安全计算所需的当事方数目,串通尝试就可能受到阻遏。我们侧重于多服务器保密性私人信息检索(PIR)的标准问题,它本身就假定服务器不会串通。对于PIR应用方案,例如对链式光客机的假设,即现有服务器非常灵活,但单个服务器的扭曲行动对自身并无极大好处。我们可以通过少量的奖赏和惩罚使偏差变得不可取,从而大大提升连通性。对于任何多服务器的保密性降低多功能的私人信息检索(PIR)标准问题(即基础PIR计划是假定服务器不会相互串通的),因此,我们为每个客户链路路客户设定了一个不相串通性交易的假设,我们如何在每次连续交易规则之间实现相互连通性互通性互通性互换后,从而实现整个交易的排序规则。