A secure protocol for electronic, sealed-bid, single item auctions is presented. The protocol caters to both first and second price (Vickrey) auctions and provides full price flexibility. Both computational and communication cost are linear with the number of bidders and utilize only standard cryptographic primitives. The protocol strictly divides knowledge of the bidder's identity and their actual bids between, respectively, a registration authority and an auctioneer, who are assumed not to collude but may be separately corrupt. This assures strong bidder-anonymity, though only weak bid privacy. The protocol is structured in two phases, each involving only off-line communication. Registration, requiring the use of the public key infrastructure, is simultaneous with hash-sealed bid-commitment and generates a receipt to the bidder containing a pseudonym. This phase is followed by encrypted bid-submission. Both phases involve the registration authority acting as a communication conduit but the actual message size is quite small. It is argued that this structure guarantees non-repudiation by both the winner and the auctioneer. Second price correctness is enforced either by observing the absence of registration of the claimed second-price bid or, where registered but lower than the actual second price, is subject to cooperation by the second price bidder- presumably motivated through self-interest. The use of the registration authority in other contexts is also considered with a view to developing an architecture for efficient secure multiparty transactions.
|Title of host publication||Proceedings - The Second International Conference on Availability, Reliability and Security, ARES 2007|
|Place of Publication||Los Alamitos, CA|
|Publisher||Institute of Electrical and Electronics Engineers (IEEE)|
|Number of pages||5|
|ISBN (Print)||0769527752, 9780769527758|
|Publication status||Published - 2007|
|Event||2nd International Conference on Availability, Reliability and Security, ARES 2007 - Vienna, Australia|
Duration: 10 Apr 2007 → 13 Apr 2007
|Other||2nd International Conference on Availability, Reliability and Security, ARES 2007|
|Period||10/04/07 → 13/04/07|
Bibliographical noteCopyright 2007 IEEE. Reprinted from ARES 2007 : the Second International Conference on Availability, Reliability and Security : 10-13 April, 2007, Vienna, Austria. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of Macquarie Universityâ€™s products or services. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to firstname.lastname@example.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.
- Multiparty security