Blockchain-based Rational Secure Two-party Computation

Secure multi-party computation(MPC)enables a group to jointly perform a computation without disclosing any participant's private inputs.The standard secure multi-party computation considers the security under the semi-honest adversary or malicious adversary model.In 2007,Aumann and Lindell proposed a covert adversary model,which allows the adversarial behavior to succeed with a small probability and learn additional information,but fail with a high probability and be caught by honest parties.We found that in covert adversary model,the adversarial behavior is found without follow-up punitive measures,and it cannot have a substantial impact on the adversary.In addition,the covert adversary model and the standard model,do not consider fairness,which ensure adversary can learn the output only if honest parties have learned the output.Secure two-party computation research on the joint computation of two participants,which is a special case of secure multi-party computation.We propose a novel MPC model,named Blockchain-based Rational Secure Two-party Computation(BRSTC).BRSTC considers that parties have digital currency accounts on the blockchain.Before the computation,all parties submit a digital currency deposit,and the blockchain allocates all deposits based on the participant's behavior.BRSTC model has these properties: 1.Security with possible penalty: If adversary cheats,adversary will be punished by with a certain probability ?;2.Fairness with penalty: If adversary abort after learning the result to prevent the honest party from learning the output,adversary must be punished;3.Output confidentiality: After the computation,the honest parties' output must not have any information leaked to the blockchain.Then,we have designed a two-party computation protocol in BRSTC model.On the basis of the publicly verifiable garbled circuit protocol,the judgment method is placed in the smart contract,and the smart contract imposes digital currency penalties on the detected cheating behavior.In addition,in order to ensure fairness,smart contracts impose digital currency penalties on the behavior of not publishing intermediate data or publishing incorrect intermediate data.Finally,through two rounds of garbled circuit protocols,we ensure that the intermediate data published on the blockchain will not leak the participant's output.BRSTC realizes the security and fairness of two-party computation against rational adversaries.