research-article

PASTRAMI: Privacy-preserving, Auditable, Scalable & Trustworthy Auctions for Multiple Items

Authors:

Alberto Sonnino,

Argyrios Tasiopoulos,

Ioannis Psaras,

Etienne RivièreAuthors Info & Claims

Middleware '20: Proceedings of the 21st International Middleware Conference

Pages 296 - 310

https://doi.org/10.1145/3423211.3425669

Published: 11 December 2020 Publication History

Abstract

Decentralised cloud computing platforms enable individuals to offer and rent resources in a peer-to-peer fashion. They must assign resources from multiple sellers to multiple buyers and derive prices that match the interests and capacities of both parties. The assignment process must be decentralised, fair and transparent, but also protect the privacy of buyers.

We present PASTRAMI, a decentralised platform enabling trustworthy assignments of items and prices between a large number of sellers and bidders, through the support of multi-item auctions. PASTRAMI uses threshold blind signatures and commitment schemes to provide strong privacy guarantees while making bidders accountable. It leverages the Ethereum blockchain for auditability, combining efficient off-chain computations with novel, on-chain proofs of misbehaviour. Our evaluation of PASTRAMI using Filecoin workloads show its ability to efficiently produce trustworthy assignments between thousands of buyers and sellers.

References

[1]

2018. iExec Whitepaper. https://iex.ec/whitepaper/iExec-WPv3.0-English.pdf.

[2]

2018. SONM: Decentralized Fog Computing Platform. https://sonm.com.

[3]

Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, and Lukasz Mazurek. 2014. Secure multiparty computations on bitcoin. In 2014 IEEE Symposium on Security and Privacy. IEEE, 443--458.

Digital Library

[4]

Juan Benet. 2014. Ipfs-content addressed, versioned, p2p file system. arXiv preprint arXiv:1407.3561 (2014).

[5]

Juan Benet, David Dalrymple, and Nicola Greco. 2018. Proof of replication. Technical Report. Technical report, Protocol Labs, July 27, 2017. https://filecoin. io/proof-of-replication. pdf. Accessed June.

[6]

George Bissias, A. Pinar Ozisik, Brian N. Levine, and Marc Liberatore. 2014. Sybil-Resistant Mixing for Bitcoin. In Workshop on Privacy in the Electronic Society (WPES '14). ACM, 149--158.

[7]

Erik-Oliver Blass and Florian Kerschbaum. 2018. Strain: A secure auction for blockchains. In European Symposium on Research in Computer Security. Springer, 87--110.

[8]

Peter Bogetoft, Dan Lund Christensen, Ivan Damgård, Martin Geisler, Thomas Jakobsen, Mikkel Krøigaard, Janus Dam Nielsen, Jesper Buus Nielsen, Kurt Nielsen, Jakob Pagter, et al. 2009. Secure multiparty computation goes live. In Intl. Conf. on Financial Cryptography and Data Security. Springer, 325--343.

Digital Library

[9]

Alexandra Boldyreva. 2003. Threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme. In International Workshop on Public Key Cryptography. Springer, 31--46.

[10]

Dan Boneh, Craig Gentry, Ben Lynn, and Hovav Shacham. 2003. Aggregate and verifiably encrypted signatures from bilinear maps. In Eurocrypt, Vol. 2656. Springer, 416--432.

[11]

Dan Boneh, Ben Lynn, and Hovav Shacham. 2001. Short signatures from the Weil pairing. ASIACRYPT (2001), 514--532.

[12]

Joseph Bonneau, Arvind Narayanan, Andrew Miller, Jeremy Clark, Joshua A. Kroll, and Edward W. Felten. 2014. Mixcoin: Anonymity for Bitcoin with accountable mixes. In Financial Cryptography 2014.

[13]

Vitalik Buterin et al. 2013. Ethereum white paper.

[14]

Vitalik Buterin and Christian Reitwiessner. 2017. Ethereum Improvement Proposal 197. https://github.com/ethereum/EIPs/blob/master/EIPS/eip-197.md.

[15]

Miguel Castro, Barbara Liskov, et al. 1999. Practical Byzantine fault tolerance. In OSDI, Vol. 99. 173--186.

Digital Library

[16]

David Chaum. 1983. Blind signatures for untraceable payments. In Advances in cryptology. Springer, 199--203.

[17]

Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, and Ten H Lai. 2019. SgxPectre: Stealing Intel secrets from SGX enclaves via speculative execution. In 2019 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 142--157.

[18]

Concourse Open Community. [n. d.]. ETH Gas Station. https://www.ethgasstation.info.

[19]

Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. IACR Cryptology ePrint Archive 2016, 086 (2016), 1--118.

[20]

Ethereum foundation. [n. d.]. A python interface for interacting with the Ethereum blockchain and ecosystem. https://github.com/ethereum/web3.py.

[21]

Ethereum foundation. [n.d.]. Remix. https://remix.ethereum.org.

[22]

Hisham S. Galal. [n.d.]. Auctioneer source code. https://github.com/HSG88/AuctionContract/tree/master/Auctioneer.

[23]

Hisham S Galal and Amr M Youssef. 2018. Succinctly Verifiable Sealed-Bid Auction Smart Contract. In Data Privacy Management, Cryptocurrencies and Blockchain Technology. Springer, 3--19.

[24]

Hisham S Galal and Amr M Youssef. 2018. Verifiable sealed-bid auction on the ethereum blockchain. In International Conference on Financial Cryptography and Data Security. Springer, 265--278.

[25]

Steven D Galbraith, Kenneth G Paterson, and Nigel P Smart. 2008. Pairings for cryptographers. Discrete Applied Math. 156, 16 (2008), 3113--3121.

Digital Library

[26]

Rosario Gennaro, Stanislaw Jarecki, Hugo Krawczyk, and Tal Rabin. 1999. Secure distributed key generation for discrete-log based cryptosystems. In Eurocrypt, Vol. 99. Springer, 295--310.

[27]

Michael Harkavy, J Doug Tygar, and Hiroaki Kikuchi. 1998. Electronic Auctions with Private Bids. In USENIX Workshop on Electronic Commerce.

[28]

Ethan Heilman, Leen Alshenibr, Foteini Baldimtsi, Alessandra Scafuro, and Sharon Goldberg. 2016. TumbleBit: An untrusted Bitcoincompatible anonymous payment hub. In NDSS 2017.

[29]

Harry Kalodner, Steven Goldfeder, Xiaoqi Chen, S Matthew Weinberg, and Edward W Felten. 2018. Arbitrum: Scalable, private smart contracts. In 27th {USENIX} Security Symposium ({USENIX} Security 18). 1353--1370.

[30]

Ghassan O Karame, Elli Androulaki, and Srdjan Capkun. 2012. Double-spending fast payments in bitcoin. In ACM conference on Computer and communications security. ACM, 906--917.

Digital Library

[31]

Aniket Kate, Yizhou Huang, and Ian Goldberg. 2012. Distributed Key Generation in the Wild. IACR Cryptology ePrint Archive 2012 (2012), 377.

[32]

Aniket Kate, Yizhou Huang, and Ian Goldberg. 2012. Distributed Key Generation in the Wild. Cryptology ePrint Archive, Report 2012/377. https://eprint.iacr.org/2012/377.

[33]

Ahmed Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou. 2016. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In 2016 IEEE symposium on security and privacy (SP). IEEE, 839--858.

[34]

Michal Król, Alberto Sonnino, and Tasiopoulos Argyrios. 2020. Pastrami source code. https://github.com/harnen/FilecoinPricingMechanism.

[35]

Protocol Labs. 2018. FileCoin: A Decentralized Storage Network. Technical Report.

[36]

Storj Labs. 2018. Storj: A Decentralized Cloud Storage NetworkFramework. "https://storj.io/storj.pdf".

[37]

Erick Lavoie, Laurie J. Hendren, Frederic Desprez, and Miguel Correia. 2019. Pando: Personal Volunteer Computing in Browsers. In 20th ACM/IFIP International Conference on Middleware.

Digital Library

[38]

Daniel Lehmann, Rudolf Müller, and Tuomas Sandholm. 2006. The winner determination problem. Combinatorial auctions (2006), 297--318.

[39]

Gregory Maxwell. 2013. CoinJoin: Bitcoin privacy for the real world. https://bitcointalk.org/index.php?topic=279249.

[40]

Sarah Meiklejohn and Rebekah Mercer. 2018. Möbius: Trustless tumbling for transaction privacy. Proceedings on Privacy Enhancing Technologies 2018, 2 (2018), 105--121.

[41]

Debasis Mishra and David C Parkes. 2004. Multi-item Vickrey-Dutch auction for unit-demand preferences. Technical Report. Technical Report Harvard EconCS Technical Report, Harvard University.

[42]

Debasis Mishra and David C Parkes. 2009. Multi-item Vickrey-Dutch auctions. Games and Economic Behavior 66, 1 (2009), 326--347.

[43]

Roger B Myerson and Mark A Satterthwaite. 1983. Efficient mechanisms for bilateral trading. Journal of economic theory 29, 2 (1983), 265--281.

[44]

Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. (2008).

[45]

Filecoin project. [n. d.]. Feature request: Clients can get estimates of miner storage. https://github.com/filecoin-project/go-filecoin/issues/2991.

[46]

Tim Ruffing, Pedro Moreno-Sanchez, and Aniket Kate. 2014. Coin-Shuffle: Practical Decentralized Coin Mixing for Bitcoin. In ESORICS (2) (Lecture Notes in Computer Science), Vol. 8713. Springer, 345--364.

[47]

Lloyd S Shapley and Martin Shubik. 1971. The assignment game I: The core. International Journal of game theory 1, 1 (1971), 111--130.

Digital Library

[48]

Alberto Sonnino, Mustafa Al-Bassam, Shehar Bano, and George Danezis. 2018. Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers. arXiv preprint arXiv:1802.07344 (2018).

[49]

Google Cloud Storage. [n. d.]. Pricing details by storage class. https://cloud.google.com/storage/pricing-summary/.

[50]

Jason Teutsch, Loi Luu, and Christian Reitwiessner. 2016. Truebit: A verification and storage solution for blockchains.

[51]

The Golem Project. 2016. Golem Whitepaper. https://golem.network/doc/Golemwhitepaper.pdf.

[52]

Luke Valenta and Brendan Rowan. 2015. Blindcoin: Blinded, Accountable Mixes for Bitcoin. In Financial Cryptography and Data Security, Michael Brenner, Nicolas Christin, Benjamin Johnson, and Kurt Rohloff (Eds.). 112--126.

[53]

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the keys to the intel SGX kingdom with transient out-of-order execution. In 27th USENIX Security Symposium.

[54]

William Vickrey. 1961. Counterspeculation, auctions, and competitive sealed tenders. The Journal of finance 16, 1 (1961), 8--37.

[55]

Wenhao Wang, Guoxing Chen, Xiaorui Pan, Yinqian Zhang, XiaoFeng Wang, Vincent Bindschaedler, Haixu Tang, and Carl A Gunter. 2017. Leaky cauldron on the dark land: Understanding memory side-channel hazards in SGX. In ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM.

Digital Library

[56]

Rui Yuan, Yu-Bin Xia, Hai-Bo Chen, Bin-Yu Zang, and Jan Xie. 2018. ShadowEth: Private Smart Contract on Public Blockchain. Journal of Computer Science and Technology 33, 3 (2018), 542--556.

Cited By

CHIN KEMURA KSATO SOMOTE K(2024)A Sealed-Bid Auction with Fund Binding: Preventing Maximum Bidding Price LeakageIEICE Transactions on Information and Systems10.1587/transinf.2023DAP0002E107.D:5(615-624)Online publication date: 1-May-2024
https://doi.org/10.1587/transinf.2023DAP0002
Sariboz ETourani RVishwanathan RMisra SQuek TGao DZhou JCardenas A(2024)PEPPER: Privacy-prEserving, auditable, and fair Payment based resource discovery at the PERvasive edgeProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637679(1447-1462)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637679
Henry THatin JBesnard ELaga NGaaloul W(2024)Towards trustworthy and privacy-preserving decentralized auctionsJournal of Banking and Financial Technology10.1007/s42786-024-00051-08:1(45-63)Online publication date: 31-Aug-2024
https://doi.org/10.1007/s42786-024-00051-0
Show More Cited By

Index Terms

PASTRAMI: Privacy-preserving, Auditable, Scalable & Trustworthy Auctions for Multiple Items
1. Security and privacy
  1. Systems security
    1. Distributed systems security
    2. Operating systems security
      1. Trusted computing

Recommendations

Development and evaluation of a secure, privacy preserving combinatorial auction
AISC '11: Proceedings of the Ninth Australasian Information Security Conference - Volume 116

The use of electronic auctions as a means of trading goods has increased year after year. eBay has gone from half a million registered users in 1998 to 88 million today. Businesses have also shown interest in using auctions. However, the traditional ...
The Design and Implementation of a Secure Auction Service

We present the design and implementation of a distributed service for performing sealed-bid auctions. This service provides an interface by which clients, or "bidders," can issue secret bids to the service for an advertised auction. Once the bidding ...
Privacy-Respecting Auctions as Incentive Mechanisms in Mobile Crowd Sensing
Information Security Theory and Practice
Abstract
In many mobile crowdsensing scenarios it is desirable to give micro-payments to contributors as an incentive for their participation. However, to further encourage participants to use the system, one important requirement is protection of user ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

Middleware '20: Proceedings of the 21st International Middleware Conference

December 2020

455 pages

ISBN:9781450381536

DOI:10.1145/3423211

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 December 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

Engineering and Physical Sciences Research Council
Facebook Calibra
Fonds De La Recherche Scientifique - FNRS

Conference

Middleware '20

Sponsor:

ACM

Middleware '20: 21st International Middleware Conference

December 7 - 11, 2020

Delft, Netherlands

Acceptance Rates

Overall Acceptance Rate 203 of 948 submissions, 21%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
172
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)1

Reflects downloads up to 06 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

CHIN KEMURA KSATO SOMOTE K(2024)A Sealed-Bid Auction with Fund Binding: Preventing Maximum Bidding Price LeakageIEICE Transactions on Information and Systems10.1587/transinf.2023DAP0002E107.D:5(615-624)Online publication date: 1-May-2024
https://doi.org/10.1587/transinf.2023DAP0002
Sariboz ETourani RVishwanathan RMisra SQuek TGao DZhou JCardenas A(2024)PEPPER: Privacy-prEserving, auditable, and fair Payment based resource discovery at the PERvasive edgeProceedings of the 19th ACM Asia Conference on Computer and Communications Security10.1145/3634737.3637679(1447-1462)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1145/3634737.3637679
Henry THatin JBesnard ELaga NGaaloul W(2024)Towards trustworthy and privacy-preserving decentralized auctionsJournal of Banking and Financial Technology10.1007/s42786-024-00051-08:1(45-63)Online publication date: 31-Aug-2024
https://doi.org/10.1007/s42786-024-00051-0
Zhang HYeo MEstrada-Galiñanes VFord B(2024)ZeroAuction: Zero-Deposit Sealed-Bid Auction via Delayed ExecutionFinancial Cryptography and Data Security. FC 2024 International Workshops10.1007/978-3-031-69231-4_12(170-188)Online publication date: 30-Nov-2024
https://doi.org/10.1007/978-3-031-69231-4_12
Tyagi NArun AFreitag CWahby RBonneau JMazières DMeng WJensen CCremers CKirda E(2023)Riggs: Decentralized Sealed-Bid AuctionsProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623182(1227-1241)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623182
Shi Zde Laat CGrosso PZhao Z(2023)Integration of Blockchain and Auction Models: A Survey, Some Applications, and ChallengesIEEE Communications Surveys & Tutorials10.1109/COMST.2022.322240325:1(497-537)Online publication date: Sep-2024
https://doi.org/10.1109/COMST.2022.3222403
Chin KEmura KOmote KSato S(2022)A Sealed-bid Auction with Fund Binding: Preventing Maximum Bidding Price Leakage2022 IEEE International Conference on Blockchain (Blockchain)10.1109/Blockchain55522.2022.00062(398-405)Online publication date: Aug-2022
https://doi.org/10.1109/Blockchain55522.2022.00062
Tran VLenssens BKassab ALaks ARivière ERosinosky GSadre R(2022)Machine‐as‐a‐Service: Blockchain‐based management and maintenance of industrial appliancesEngineering Reports10.1002/eng2.125675:7Online publication date: 29-Aug-2022
https://doi.org/10.1002/eng2.12567
Keizer NAscigil OPsaras IPavlou G(2021)FLOCK: Fast, Lightweight, and Scalable Allocation for Decentralized Services on Blockchain2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)10.1109/ICBC51069.2021.9461079(1-9)Online publication date: 3-May-2021
https://doi.org/10.1109/ICBC51069.2021.9461079
Bodin UDhanrajani SAbdalla ADiani MKlenk FColledani MPalm ESchelén O(2021)Demand-supply matching through auctioning for the circular economyProcedia Manufacturing10.1016/j.promfg.2021.07.01354(82-87)Online publication date: 2021
https://doi.org/10.1016/j.promfg.2021.07.013
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten