Implementing e-Auctions with Sharemind

Md. Sadek Ferdous12th November 2008

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

Types of AuctionPossible exploitations in Auction

Advantages of e-AuctionAuction stepsSecurity considerationsDesign Issues

SharemindProposed solutionDesign issues in the solutionSuggestion

Conclusions

Overview

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Mention of auction in as early as 500 B.C

• One of the main forms of selling, buying and exchanging goods

• Objective is the efficient trading of commodities

Auction

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Open cry auction --English and Dutch auction• Sealed bid auction --Sealed bid first price auction and Vickrey

auction• Multi item auction --Discriminative auction, Non-discriminative --Combinatorial and Walrasian Auction• All pay auction• Buyout auction --Permanent & Temporary• No reserve (NR) auction• Reserve auction• Reverse auction• Round robin auction

Types of auctions

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Bid shielding• Collusion• Bid schilling• Bid sniping• Bid siphoning• Mispresented or non-existent item

Exploitations in auctions

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Shorthand for Electronic auction• One of the major sources of

revenue for e-Commerce• eBay with yearly revenue of 7.67

Billion USD is the main actor to popularize the term e-Auction

e-Auction

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• No time constraint

• No geographical constraint

• Potentially large number of sellers and buyers

Advantages

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Mode of payment

• Fraudulancy

• Posting

• Dependable & Security

• Guarding against problems of traditional auctions

Challenges

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Initialization

• Registration

• Bidding

• Winner determination

Auction steps

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns • Unforgeability

• Non-repudiation

• Anonymity

• Public verfiability

• Robustness

• Efficiency

• Fairness

Security considerations

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Trust issues

• Anonymity issues

• Bid authentication issue

Design Issues

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

Sharemind

•A framework for secure computation based on secret sharing.•In secret sharing, a secret value is divided among several values known as shares•Origianal secret can be reconstructed only if all the shares are known.

•In Sharemind, there are miner nodes and controller node.•Controller divides the secret into share and sends them to the miners, miners perform operations on those shared values.•Currently add or multiply two shared values, multiply a shared value by a constant, extract bits from shared value, determine if the two shared values are equal and if not, which one is greater.

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

Sharemind with Group Signature SchemeAuction type: Sealed bid

Proposed solution

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Auctioneer• Bidder• Registrar• Miners• Controller

List of parties

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Auctioneer sets up an auction and advertises it to the public.

• Registrar sets up the group certificate.

Auction Steps

Initialization:

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

Auction Steps

Registration•Bidder creates a pair of public and private key.•Sends a message to the auctioneer.•Auctioneer provides a token.

•Bidder sends this token and his public key to the registrar.•Registrar issues a group certificate and identifier for him.

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

Auction Steps

Bidding•Bid is sent to the controller.•Controller signs them using private key, and then divides into three share, signs them again using group certificate and sends them to the miners.

•The signature with private key adds veriability & group signature adds anonymity.

•Miners verify the bid using group public key and stores them in their local databases.

•When bid ends, the miners determine the highest bid & send that bid and the signature to the auctioneer.

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

Auction Steps

Winner determination•The auctioneer publishes thewinning bid.•The winning bidder contactswith his identifier and signature

•The auctioneer contacts theregistrar to get back the publickey and the token associatedwith that id and receives them.•The auctioneer comapres thetwo signatures, if it matches,the winner’s id is published.

•If more than one winner found,a second phase of auction maytake place.

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Trust issues• Anonymity issue• Bid authentication issue

Design issues of the architecture

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

• Multiple controllers• Simultanenous

connections• Hybrid database

Enhancements of Sharemind

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

This talk has:• described various types of auction and

different exploitation methods in auction,• provided an overview on advantages,

security considerations and design issues in e-Auction,

• presented a novel approach on how to integrate Sharemind for e-Auction using group signature scheme, and

• suggested a few enhancements based on the proposal.

Conclusions

Implementing e-Auctions with Sharemind

November 12, 2008

Au

ctio

n e

-Au

ctio

n P

rop

osed

Solu

tion

C

on

clu

sio

ns

Thank you.Questions or comments?