薛 銳,彭長(zhǎng)根,田有亮

1.中國(guó)科學(xué)院 信息工程研究所 信息安全國(guó)家重點(diǎn)實(shí)驗(yàn)室,北京 100093

2.貴州大學(xué) 公共大數(shù)據(jù)國(guó)家重點(diǎn)實(shí)驗(yàn)室,貴陽(yáng) 550025

3.貴州大學(xué) 計(jì)算機(jī)科學(xué)與技術(shù)學(xué)院,貴陽(yáng) 550025

理性密碼協(xié)議是密碼學(xué)與博弈論交叉研究的新興方向,它擴(kuò)展了密碼協(xié)議和博弈理論的研究領(lǐng)域,已成為當(dāng)前密碼領(lǐng)域的研究熱點(diǎn).在基于密碼學(xué)的安全通信中,無(wú)論參與者是誠(chéng)實(shí)的還是惡意的,當(dāng)他們達(dá)到某種通信目的時(shí)都將付出一定代價(jià).而往往參與者會(huì)從最大化自身利益的角度出發(fā)選擇自己的行動(dòng)策略,密碼協(xié)議的這種理性參與者正好與博弈論中的理性局中人相符.密碼協(xié)議是使用密碼學(xué)完成某項(xiàng)特定的任務(wù)并滿足安全需求的協(xié)議,它偏重于協(xié)議的設(shè)計(jì)與實(shí)現(xiàn),注重協(xié)議的安全性和效率等方面;博弈理論側(cè)重于博弈策略及規(guī)則設(shè)計(jì),博弈中的各參與者更關(guān)心他們的最終收益問(wèn)題.因此,理性密碼協(xié)議從參與者的自利的角度出發(fā),為密碼協(xié)議的設(shè)計(jì)提供了新思路,尤其在當(dāng)前云計(jì)算、大數(shù)據(jù)背景下更是如此.

然而,在密碼協(xié)議研究方面,傳統(tǒng)信息安全中多數(shù)都是假設(shè)參與者是誠(chéng)實(shí)的或者惡意的,但實(shí)際中參與者往往是理性且自私的,在此眾多學(xué)者主要集中對(duì)理性秘密共享、理性安全多方計(jì)算、理性交換協(xié)議、理性認(rèn)證協(xié)議、理性門(mén)限簽名和理性委托計(jì)算等的研究.在信息安全攻防博弈研究方面,信息安全攻防策略的分析也是博弈論的重要應(yīng)用,主要也包括對(duì)入侵檢測(cè)系統(tǒng)、信息戰(zhàn)、容忍入侵系統(tǒng)等的研究.此外,研究者利用博弈論與密碼協(xié)議研究區(qū)塊鏈中激勵(lì)層的機(jī)制設(shè)計(jì)問(wèn)題,以提高區(qū)塊鏈的效率和實(shí)用性,并利用博弈論的思想,為云計(jì)算中的委托方設(shè)計(jì)了抵抗合謀的智能合約.在博弈論框架下應(yīng)用效用函數(shù)保證外包計(jì)算中計(jì)算結(jié)果的完整性,減少外包計(jì)算對(duì)計(jì)算結(jié)果的驗(yàn)證過(guò)程,提高外包計(jì)算的效率.通過(guò)對(duì)密碼協(xié)議中參與者的策略進(jìn)行分析與設(shè)計(jì),構(gòu)建電路計(jì)算概率模型,以保證通信網(wǎng)絡(luò)的安全.雖然對(duì)理性密碼協(xié)議的研究已取得若干研究成果,但理性密碼協(xié)議的發(fā)展仍然處于起步階段,存在一些重要問(wèn)題有待進(jìn)一步研究.

本次專刊共收集四篇質(zhì)量較高的論文,反映了我國(guó)學(xué)者近期對(duì)理性密碼協(xié)議的主要研究方向,希望對(duì)國(guó)內(nèi)理性密碼協(xié)議的研究者有所啟示.

第一篇題為《博弈論與密碼協(xié)議研究進(jìn)展》,針對(duì)博弈論在密碼協(xié)議研究中的應(yīng)用進(jìn)行了闡釋,分別介紹了完全信息靜態(tài)博弈、完全信息動(dòng)態(tài)博弈、不完全信息靜態(tài)博弈、不完全信息動(dòng)態(tài)博弈、隨機(jī)博弈、演化博弈在信息安全研究中的應(yīng)用.對(duì)密碼協(xié)議等信息安全問(wèn)題中的攻防對(duì)抗、防御策略選取、定量安全投資、防御者相互依賴、社會(huì)最優(yōu)達(dá)成等問(wèn)題的博弈論建模方法做了簡(jiǎn)要介紹,展示了行動(dòng)次序、不完全信息、系統(tǒng)狀態(tài)、有限理性等因素在博弈分析中的影響.

第二篇題為《博弈論在區(qū)塊鏈中的應(yīng)用研究》,針對(duì)博弈論、安全多方計(jì)算和比特幣(區(qū)塊鏈1.0)三者之間交叉的研究領(lǐng)域進(jìn)行了分析,其中包括理性安全多方計(jì)算,基于比特幣的安全多方計(jì)算以及基于博弈論的比特幣協(xié)議.將智能合約(區(qū)塊鏈2.0)應(yīng)用在可驗(yàn)證云計(jì)算中,使用博弈論為云計(jì)算中的委托人設(shè)計(jì)智能合約,該智能合約可以有效地防止云服務(wù)器合謀.在犯罪智能合約中引入隨機(jī)參數(shù),構(gòu)造了Random-PublicLeaks,通過(guò)驗(yàn)證智能合約有效性,發(fā)現(xiàn)隨機(jī)性的引入降低了犯罪智能合約的成功概率.

第三篇題為《理性外包計(jì)算的博弈論機(jī)制》,在博弈論框架下,基于納什均衡設(shè)計(jì)外包計(jì)算結(jié)果完整性策略規(guī)則.首先分析了外包計(jì)算中用戶和服務(wù)器的偏好,提出了外包計(jì)算擴(kuò)展式博弈模型,在該模型下定義了一個(gè)新的支付矩陣和效用函數(shù).其次,根據(jù)博弈論的納什均衡給出了理性外包計(jì)算模型的形式化定義.最后,通過(guò)實(shí)驗(yàn)仿真分析理性外包計(jì)算模型中的線性函數(shù)的選取條件,確保參與者達(dá)到納什均衡時(shí)用戶不要驗(yàn)證外包計(jì)算結(jié)果,也可以確保服務(wù)器誠(chéng)實(shí)計(jì)算是它的最優(yōu)策略.最為重要的是,該模型能最大限度地減少用戶的外包支付費(fèi)用.

第四篇題為《基于電路計(jì)算的理性安全多方求和協(xié)議》,結(jié)合博弈論和密碼算法,提出了一種基于電路計(jì)算的理性安全多方求和協(xié)議.首先對(duì)參與者在求和過(guò)程中的策略進(jìn)行了分析和設(shè)計(jì),構(gòu)建了電路計(jì)算的概率效用模型.然后利用偏向0的投幣協(xié)議對(duì)計(jì)算結(jié)果進(jìn)行了隱藏.最后參與者通過(guò)逐步釋放的方法揭示最后的結(jié)果.所設(shè)計(jì)的協(xié)議可以消除成員合謀的動(dòng)機(jī),保證了每個(gè)成員在標(biāo)準(zhǔn)點(diǎn)對(duì)點(diǎn)通信網(wǎng)絡(luò)下能夠公平地獲得求和結(jié)果.

Rational cryptographic protocol is a new research direction of cryptology and game theory.It expands the research field of cryptographic protocol and game theory,and has become a research hotspot in the field of cryptography.In secure communication based on cryptography,whether the participants are honest or malicious,they will take a cost when they achieve the purpose of communication.The rational participants in cryptographic protocols are just like the rational players in game theory.Cryptographic protocol is a protocol that uses cryptography to accomplish a specific task and satisfies the security requirements.It focuses on the design and implementation of the protocol,security,and efficiency of the protocol.Game theory focuses on game strategy and rules design,and the players in the game are more concerned about their final payoffs.Therefore,rational cryptographic protocols provide a new idea for the design of cryptographic protocols from the perspective of benefits of participants,especially in the context of cloud computing and big data.

In 2006,Anderson and Moore published“The economics of information security”inScience,which discussed the problems of information security from the perspective of economics.In the field of cryptography,many scholars research this issue.Especially since 2010,many important conferences in the field of computer,such as STOC,FOCS,CRYPTO,EUROCRYPT,ASIACRYPT,TCC,etc.,have paid attention to the international research progress of rational cryptographic protocols for many years.Two aspects are focused on mainly.One is the use of cryptographic protocols to solve some problems in game theory,such as the use of secure multi-party computing protocol to achieve the natural personin game theory.The other one is the game mechanism applied to cryptography,such as introducing rational participants into cryptographic protocols,using game equilibrium theory to construct cryptographic protocols satisfying different equilibrium results.There are many game methods that are applied to network attack and defense,security routing protocol,etc.In recent years,researchers in China have also paid greatly attention to this area,including the Chinese Academy of Sciences,the State Key Laboratory of Information Security,Xidian University,Shanghai Jiao Tong University,Shandong University,Beijing Jiaotong University,Central University of Finance and Economics,Beijing University of Technology,Fujian Normal University,Yunnan University,Henan Normal University,Guizhou University,etc.The authors of the above affiliations completed a lot of meaningful work in this respect.

However,in the research of cryptographic protocols,most of the traditional information security assume that the participants are honest or malicious,but in reality the participants are usually rational and selfish.Many scholars focus on the research of rational secret sharing,rational secure multiparty computation,rational exchange protocol,rational authentication protocol,rational threshold signature,rational delegating computation,etc.In the research of information security attack and defense game,the analysis of information security attack and defense strategy is the application of game theory,including intrusion detection system,information warfare,intrusion tolerance system,etc.In addition,the researchers use game theory and cryptographic protocol to study the mechanism design ofincentive layer in block chain,to improve the efficiency and practicability of block chain,and uses the thought of game theory to design smart contracts to resist collusion for the client in cloud computing.Under the frame of game theory,the utility function is applied to ensure the completeness of calculation results in outsourcing calculation,reduce the verification process of outsourcing calculation,and improve the efficiency of outsourcing calculation.Through the analysis and design of participants’strategies in cryptographic protocols,the circuit calculation probability model is constructed to ensure the security of communication networks.Although some research results have been obtained on rational cryptographic protocols,the development of rational cryptographic protocols is still in its infancy,and some important problems need to be further studied.

This special column has collected four high-quality papers,which reflect the main research directions of rational cryptographic protocols recently.Hoping to enlighten the researchers who research rational cryptographic protocols in China.

The first paper is“Progress in Research on Game Theory and Cryptographic Protocols”,which explains the application of game theory in the research of cryptographic protocols,and respectively introduces the application of complete information static game,complete information dynamic game,incomplete information static game,incomplete information dynamic game,random game,and evolutionary game in the research of information security.It briefly introduces the game theory modeling methods of attack and defense confrontation,defensive strategy selection,quantitative security investment,the defensors’mutual dependence,and social optimal achievement in information security issues such as cryptographic protocols,and demonstrates the influences of action order,incomplete information,system state,and bounded rationality on game analysis.

The second paper is“Applications of Game Theory in Blockchain”,which analyzes the crossresearch fields of game theory,secure multi-party computing,and Bitcoin(blockchain 1.0),including rational secure multiparty computing,secure multi-party computing based on Bitcoin and the Bitcoin protocol based on game theory.Applying smart contracts(blockchain 2.0)to verifiable cloud computing,using game theory to design smart contract for client in cloud computing,this smart contract can effectively prevent cloud server from collusion.Random parameters are introduced into in the criminal smart contract and Random-PublicLeaks are constructed.By verifying the validity of the smartcontract,it is found that the introduction of randomness reduces the success probability of criminal smart contracts.

The third paper is“Game-theoretic Mechanism for Rational Outsourcing Computation”.Under the frame of game theory,we design the strategy rule of integrity of outsourcing computing results based on Nash equilibrium.Firstly analyzed is the preference of the users and the servers in outsourcing computing,and an extended game model of outsourcing computing is proposed.Under this model it defines a new payoffmatrix and the utility function.Secondly,according to the Nash equilibrium of game theory,the formal definition of rational outsourcing computing model is given.Finally,the conditions of selecting the linear function in the rational outsourcing computing model are analyzed by experimental simulation to ensure that the users do not verify the outsourcing computing results when the participants reach the Nash equilibrium.It also ensures that the server’s honest calculation is its optimal strategy.Most importantly,this model can minimize the user’s outsourcing fee.

The fourth paper is entitled“Rational Secure Multiparty Sum Protocol Based on Circuit Computing”.Combining game theory and cryptographic algorithm,a rational secure multiparty sum protocol is proposed based on circuit computing.Firstly,the strategies of the participants in the summation process are analyzed and designed,and the probability utility model of circuit calculation is constructed.Then the result is hidden by using the coin-operated protocol which is biased towards 0.Finally,the participants reveal the final result by the method of gradual release.The designed protocol can eliminate the motivation of members’collusion and ensure that each member can obtain the sum result fairly in the standard point-to-point communication network.