Research on Several Models and Applications of Rational Information Exchange Cryptographic Protocols
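Abstract
Rational information exchange cryptographic protocols combine cryptographic algorithms with game theory. They improve on classical secret sharing and secure multiparty computation protocols, which cannot prevent participants from cheating, offer a new way to remedy the shortcomings of classical cryptography, and are a research hotspot in cryptography. Research on these protocols is still developing, and several problems urgently need to be solved: removing participants' incentive to cheat currently means the dealer cannot go offline or honest parties must take part; members may collude; the protocols need to work over standard point-to-point communication networks; computation results are unfair; and rigorous security proofs are lacking.
     To address these problems, this dissertation studies the models and applications of rational information exchange cryptographic protocols. It first studies the strategies, utilities and motivations of participants who follow or deviate from a protocol; it then constructs a fraud prevention model, a collusion prevention model, a standard point-to-point communication model and a rational circuit computation model; finally, it applies these models and methods to concrete secret sharing and secure multiparty computation protocols. The resulting protocols prevent cheating and collusion by members, members obtain the computation result fairly over a point-to-point communication network, and the security of each protocol is analyzed and proved.
     The research results and innovations of this dissertation are as follows:
     (1) A design method for strategies and probabilistic utilities that prevents member cheating is proposed, and a game model that prevents participant cheating is constructed. Cheaters are punished in utility, so participants have no incentive to cheat while executing the protocol; cheating is thus prevented in advance, the problem that the dealer cannot go offline is solved, and the defect of the fixed finite-round game model is remedied. The game model also does not impose the hard requirement that honest or trusted parties take part.
     (2) A design method for computational coalition-proof equilibrium is proposed, and a game model that prevents participant collusion is constructed. Collusion by members and the countermeasures against it are analyzed, so that the strategies participants adopt satisfy the computational coalition-proof equilibrium. Colluding members do not know whether the current round is the round containing the real secret or a test round that checks participants' honesty, and the expected payoff of a collusion strategy is smaller than the payoff of following the algorithm, so rational participants have no incentive to collude and deviate. The participant collusion problem is thereby solved.
     (3) A game model of rational information exchange cryptographic protocols is proposed for standard point-to-point communication networks. The model is freed from the constraint of broadcast communication, has no single point of failure, is easy to maintain, and has good robustness and good concurrent processing capability, while still achieving the effect of simulated broadcast communication. It solves the problem that rational cryptographic protocols designed for broadcast networks cannot be implemented on the Internet, and is therefore closer to practice.
     (4) A method that fuses the circuit computation model with game theory is proposed, and a rational circuit computation model is constructed. Without assuming that a majority of participants are honest, the model gives participants an incentive, based on their own gains and losses, to send correct data. Following each step of the circuit computation is driven by self-interest, which ultimately achieves fairness of computation and solves the unfairness of the traditional circuit computation model.
     (5) The models established above are applied to secret sharing and secure multiparty computation protocols to verify their correctness. First, a provably secure rational multi-secret sharing protocol is designed for standard point-to-point communication networks; it solves the inefficiency of rational single-secret sharing protocols, removes participants' incentive to collude, and is freed from the constraint of broadcast communication. Next, a rational millionaire protocol is designed, which remedies the defect that traditional millionaire protocols are all built on the semi-honest model. Finally, a rational secure multiparty sum protocol based on circuit computation is designed, which solves the participant collusion problem and achieves fair computation.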
Rational information exchange cryptographic protocols, which combine cryptography and game theory, were developed to address the problem that classical secret sharing and secure multiparty computation protocols cannot take precautions against cheating. These protocols provide a new idea for remedying the defects of classical cryptography, and have become a research focus of cryptography. At present, research on rational information exchange cryptographic protocols is in the ascendant, and some problems need to be resolved urgently: the need for an on-line dealer or honest parties, the threat of participants’ conspiracy, the need for standard point-to-point communication networks, the unfairness of the calculations, and the lack of strict proofs of security.
     To address the above problems, we study the models of rational information exchange cryptographic protocols and their applications in this dissertation. First, the game strategies, utilities, and motivations of participants who deviate from or abide by the protocol are analyzed. Next, the fraud prevention model, the coalition-proof model, the standard point-to-point communication model, and the rational circuit computation model are designed. Finally, the models and methods are applied to specific secret sharing protocols and secure multiparty computation protocols. These protocols can prevent cheating and collusion by parties, and every party can learn the result of the computation fairly in point-to-point communication networks. Furthermore, the security of these protocols has been analyzed and proved.
     Specifically, the contributions and innovations of this dissertation are as follows.
     (1) Design methods of strategies and probabilistic payoffs for preventing participants’ fraud are proposed, and the game model of fraud prevention is developed. In this model, cheaters are punished and no participant has an incentive to cheat, so that the purpose of preventing cheating is achieved. Moreover, the problem of the on-line dealer is addressed. Without requiring the participation of a trusted party or honest parties, this model also makes up for the defect of the fixed finite-round game model, which is sensitive to backward induction.
     (2) Design methods of computational coalition-proof Nash equilibrium are proposed, and the coalition-proof game model is developed. The coalition behavior of participants and the countermeasures have been analyzed. The strategies of participants satisfy the computational coalition-proof Nash equilibrium, and the members of a coalition do not know whether the current round is a real round or a fake round that tests participants’ honesty. The payoff of abiding by the protocol is greater than the expected payoff of conspiring to deviate from it. As a result, rational participants have no incentive to deviate from the protocol, and the problem of collusion is resolved.
     (3) The game models of rational information exchange cryptographic protocols are proposed for standard point-to-point communication networks. With better robustness and concurrent processing capability, the models not only get rid of the shackles of broadcast communication but also simulate the effect of broadcast communication. In addition, the models are easy to implement and have no single point of failure. Thus, the problem that game models designed for broadcast networks cannot be implemented on the Internet is addressed, which makes the proposed models more practical and realistic.
     (4) An integrated approach combining the circuit evaluation model and game theory is proposed, and the rational circuit computation model is designed. The model does not rely on the premise that a majority of participants are honest, and the participants have an incentive to send the correct data according to their own payoffs. Complying with every step of the circuit evaluation maximizes their benefits. Therefore, the unfairness of the traditional circuit evaluation model is resolved.
     (5) The correctness of the models is investigated by applying them to secret sharing and secure multiparty computation protocols. Firstly, a provably secure protocol for rational multi-secret sharing in standard point-to-point communication networks is proposed, which is coalition-proof and avoids the inefficiency of the rational single-secret sharing protocol. In addition, the defect of the simultaneous broadcast communication mode has been addressed. Then, a rational protocol for the millionaire problem is proposed, resolving the problem that traditional millionaire protocols are designed in the semi-honest model. Finally, based on circuit evaluation, a rational secure sum protocol is proposed, in which the problem of coalition is addressed and fairness is achieved.