|
The goal of a cryptographic protocol is to provide some form of
insurance, that is, protection
against cheaters - even cheaters who collude as a group -
from disrupting the privacy and correctness of an interaction.
The literature offers many parameters and notions for such
protection. Such protection, however, usually relies an assumption
that a fraction of the participants in an interaction follow the
protocol honestly without regard to whether doing so aligns with
participants' interests. In this sense, the price of security is
individual rationality.
The goal of rational cryptography is to find ways to dismiss the idea
that such security must have
a price. In other words, the goal is to find protocols that
simultaneously insure honest players, to the best extent possible,
against damage from coalitions of cheating ones, and
reward players by making sure that at every step, it is the
participant's best interest to follow the protocol honestly.
Defining such notions and achieving them require ideas from the
cryptographic notion of secure function evaluation and the game
theoretic notion of equilibrium.
|
