-
Trustworthy Reputation Games and Applications to Proof-of-Reputation Blockchains
Authors:
Petros Drineas,
Rohit Nema,
Rafail Ostrovsky,
Vassilis Zikas
Abstract:
Reputation systems play an essential role in the Internet era, as they enable people to decide whom to trust, by collecting and aggregating data about users' behavior. Recently, several works proposed the use of reputation for the design and scalability improvement of decentralized (blockchain) ledgers; however, such systems are prone to manipulation and to our knowledge no game-theoretic treatmen…
▽ More
Reputation systems play an essential role in the Internet era, as they enable people to decide whom to trust, by collecting and aggregating data about users' behavior. Recently, several works proposed the use of reputation for the design and scalability improvement of decentralized (blockchain) ledgers; however, such systems are prone to manipulation and to our knowledge no game-theoretic treatment exists that can support their economic robustness.
In this work we put forth a new model for the design of what we call, {\em trustworthy reputation systems}. Concretely, we describe a class of games, which we term {\em trustworthy reputation games}, that enable a set of users to report a function of their beliefs about the trustworthiness of each server in a set -- i.e., their estimate of the probability that this server will behave according to its specified strategy -- in a way that satisfies the following properties:
1. It is $(ε$-)best response for any rational user in the game to play a prescribed (truthful) strategy according to their true belief.
2. Assuming that the users' beliefs are not too far from the {\em true} trustworthiness of the servers, playing the above ($ε-$)Nash equilibrium allows anyone who observes the users' strategies to estimate the relative trustworthiness of any two servers.
Our utilities and decoding function build on a connection between the well known PageRank algorithm and the problem of trustworthiness discovery, which can be of independent interest. Finally, we show how the above games are motivated by and can be leveraged in proof-of-reputation (PoR) blockchains.
△ Less
Submitted 20 May, 2025;
originally announced May 2025.
-
General-Purpose $f$-DP Estimation and Auditing in a Black-Box Setting
Authors:
Önder Askin,
Holger Dette,
Martin Dunsche,
Tim Kutta,
Yun Lu,
Yu Wei,
Vassilis Zikas
Abstract:
In this paper we propose new methods to statistically assess $f$-Differential Privacy ($f$-DP), a recent refinement of differential privacy (DP) that remedies certain weaknesses of standard DP (including tightness under algorithmic composition). A challenge when deploying differentially private mechanisms is that DP is hard to validate, especially in the black-box setting. This has led to numerous…
▽ More
In this paper we propose new methods to statistically assess $f$-Differential Privacy ($f$-DP), a recent refinement of differential privacy (DP) that remedies certain weaknesses of standard DP (including tightness under algorithmic composition). A challenge when deploying differentially private mechanisms is that DP is hard to validate, especially in the black-box setting. This has led to numerous empirical methods for auditing standard DP, while $f$-DP remains less explored. We introduce new black-box methods for $f$-DP that, unlike existing approaches for this privacy notion, do not require prior knowledge of the investigated algorithm. Our procedure yields a complete estimate of the $f$-DP trade-off curve, with theoretical guarantees of convergence. Additionally, we propose an efficient auditing method that empirically detects $f$-DP violations with statistical certainty, merging techniques from non-parametric estimation and optimal classification theory. Through experiments on a range of DP mechanisms, we demonstrate the effectiveness of our estimation and auditing procedures.
△ Less
Submitted 13 June, 2025; v1 submitted 10 February, 2025;
originally announced February 2025.
-
Near-Optimal Communication Byzantine Reliable Broadcast under a Message Adversary
Authors:
Timothé Albouy,
Davide Frey,
Ran Gelles,
Carmit Hazay,
Michel Raynal,
Elad Michael Schiller,
François Taïani,
Vassilis Zikas
Abstract:
We address the problem of Reliable Broadcast in asynchronous message-passing systems with $n$ nodes, of which up to $t$ are malicious (faulty), in addition to a message adversary that can drop some of the messages sent by correct (non-faulty) nodes. We present a Message-Adversary-Tolerant Byzantine Reliable Broadcast (MBRB) algorithm that communicates ${\cal O}(|m|+nκ)$ bits per node, where $|m|$…
▽ More
We address the problem of Reliable Broadcast in asynchronous message-passing systems with $n$ nodes, of which up to $t$ are malicious (faulty), in addition to a message adversary that can drop some of the messages sent by correct (non-faulty) nodes. We present a Message-Adversary-Tolerant Byzantine Reliable Broadcast (MBRB) algorithm that communicates ${\cal O}(|m|+nκ)$ bits per node, where $|m|$ represents the length of the application message and $κ=Ω(\log n)$ is a security parameter. This communication complexity is optimal up to the parameter $κ$. This significantly improves upon the state-of-the-art MBRB solution (Albouy, Frey, Raynal, and Taïani, TCS 2023), which incurs communication of ${\cal O}(n|m|+n^2κ)$ bits per node. Our solution sends at most $4n^2$ messages overall, which is asymptotically optimal. Reduced communication is achieved by employing coding techniques that replace the need for all nodes to (re-)broadcast the entire application message $m$. Instead, nodes forward authenticated fragments of the encoding of $m$ using an erasure-correcting code. Under the cryptographic assumptions of threshold signatures and vector commitments, and assuming $n > 3t+2d$, where the adversary drops at most $d$ messages per broadcast, our algorithm allows at least $\ell = n - t - (1 + ε)d$ (for any arbitrarily low $ε> 0$) correct nodes to reconstruct $m$, despite missing fragments caused by the malicious nodes and the message adversary.
△ Less
Submitted 14 October, 2024; v1 submitted 25 December, 2023;
originally announced December 2023.
-
Concurrent Asynchronous Byzantine Agreement in Expected-Constant Rounds, Revisited
Authors:
Ran Cohen,
Pouyan Forghani,
Juan Garay,
Rutvik Patel,
Vassilis Zikas
Abstract:
It is well known that without randomization, Byzantine agreement (BA) requires a linear number of rounds in the synchronous setting, while it is flat out impossible in the asynchronous setting. The primitive which allows to bypass the above limitation is known as oblivious common coin (OCC). It allows parties to agree with constant probability on a random coin, where agreement is oblivious, i.e.,…
▽ More
It is well known that without randomization, Byzantine agreement (BA) requires a linear number of rounds in the synchronous setting, while it is flat out impossible in the asynchronous setting. The primitive which allows to bypass the above limitation is known as oblivious common coin (OCC). It allows parties to agree with constant probability on a random coin, where agreement is oblivious, i.e., players are not aware whether or not agreement has been achieved.
The starting point of our work is the observation that no known protocol exists for information-theoretic multi-valued OCC with optimal resiliency in the asynchronous setting (with eventual message delivery). This apparent hole in the literature is particularly problematic, as multi-valued OCC is implicitly or explicitly used in several constructions.
In this paper, we present the first information-theoretic multi-valued OCC protocol in the asynchronous setting with optimal resiliency, i.e., tolerating $t < n/3$ corruptions, thereby filling this important gap. Further, our protocol efficiently implements OCC with an exponential-size domain, a property which is not even achieved by known constructions in the simpler, synchronous setting.
We then turn to the problem of round-preserving parallel composition of asynchronous BA. A protocol for this task was proposed by Ben-Or and El-Yaniv [Distributed Computing '03]. Their construction, however, is flawed in several ways. Thus, as a second contribution, we provide a simpler, more modular protocol for the above task. Finally, and as a contribution of independent interest, we provide proofs in Canetti's Universal Composability framework; this makes our work the first one offering composability guarantees, which are important as BA is a core building block of secure multi-party computation protocols.
△ Less
Submitted 22 December, 2023;
originally announced December 2023.
-
The Normal Distributions Indistinguishability Spectrum and its Application to Privacy-Preserving Machine Learning
Authors:
Yun Lu,
Malik Magdon-Ismail,
Yu Wei,
Vassilis Zikas
Abstract:
Differential Privacy (DP) (and its variants) is the most common method for machine learning (ML) on privacy-sensitive data. In big data analytics, one often uses randomized sketching/aggregation algorithms to make processing high-dimensional data tractable. Intuitively, such ML algorithms should provide some inherent privacy, yet most existing DP mechanisms do not leverage or under-utilize this in…
▽ More
Differential Privacy (DP) (and its variants) is the most common method for machine learning (ML) on privacy-sensitive data. In big data analytics, one often uses randomized sketching/aggregation algorithms to make processing high-dimensional data tractable. Intuitively, such ML algorithms should provide some inherent privacy, yet most existing DP mechanisms do not leverage or under-utilize this inherent randomness, resulting in potentially redundant noising. The motivating question of our work is: (How) can we improve the utility of DP mechanisms for randomized ML queries, by leveraging the randomness of the query itself?
Towards a (positive) answer, our key contribution is (proving) what we call the NDIS theorem, a theoretical result with several practical implications. In a nutshell, NDIS is a closed-form analytic computation for the (varepsilon,delta)-indistinguishability-spectrum (IS) of two arbitrary normal distributions N1 and N2, i.e., the optimal delta (for any given varepsilon) such that N1 and N2 are (varepsilon,delta)-close according to the DP distance. The importance of the NDIS theorem lies in that (1) it yields efficient estimators for IS, and (2) it allows us to analyze DP-mechanism with normally-distributed outputs, as well as more general mechanisms by leveraging their behavior on large inputs. We apply the NDIS theorem to derive DP mechanisms for queries with normally-distributed outputs--i.e., Gaussian Random Projections (RP)--and for more general queries--i.e., Ordinary Least Squares (OLS). Compared to existing techniques, our new DP mechanisms achieve superior privacy/utility trade-offs by leveraging the randomness of the underlying algorithms. We then apply the NDIS theorem to a data-driven DP notion--in particular relative DP introduced by Lu et al. [S&P 2024]. Our method identifies the range of (varepsilon,delta) for which no additional noising is needed.
△ Less
Submitted 21 June, 2024; v1 submitted 3 September, 2023;
originally announced September 2023.
-
Synchrony/Asynchrony vs. Stationary/Mobile? The Latter is Superior...in Theory
Authors:
Eli Gafni,
Vasileios Zikas
Abstract:
Like Asynchrony, Mobility of faults precludes consensus. Yet, a model M in which Consensus is solvable, has an analogue relaxed model in which Consensus is not solvable and for which we can ask, whether Consensus is solvable if the system initially behaves like the relaxed analogue model, but eventually morphs into M. We consider two relaxed analogues of M. The first is the traditional Asynchronou…
▽ More
Like Asynchrony, Mobility of faults precludes consensus. Yet, a model M in which Consensus is solvable, has an analogue relaxed model in which Consensus is not solvable and for which we can ask, whether Consensus is solvable if the system initially behaves like the relaxed analogue model, but eventually morphs into M. We consider two relaxed analogues of M. The first is the traditional Asynchronous model, and the second to be defined, the Mobile analogue. While for some M we show that Consensus is not solvable in the Asynchronous analogue, it is solvable in all the Mobile analogues. Hence, from this perspective Mobility is superior to Asynchrony.
The pie in the sky relationship we envision is: Consensus is solvable in M, if and only if binary Commit-Adopt is solvable in the mobile analogue.
The ``only if'' is easy. Here we show case by case that the ``if'' holds for all the common faults types.
△ Less
Submitted 10 February, 2023;
originally announced February 2023.
-
PD-ML-Lite: Private Distributed Machine Learning from Lighweight Cryptography
Authors:
Maksim Tsikhanovich,
Malik Magdon-Ismail,
Muhammad Ishaq,
Vassilis Zikas
Abstract:
Privacy is a major issue in learning from distributed data. Recently the cryptographic literature has provided several tools for this task. However, these tools either reduce the quality/accuracy of the learning algorithm---e.g., by adding noise---or they incur a high performance penalty and/or involve trusting external authorities.
We propose a methodology for {\sl private distributed machine l…
▽ More
Privacy is a major issue in learning from distributed data. Recently the cryptographic literature has provided several tools for this task. However, these tools either reduce the quality/accuracy of the learning algorithm---e.g., by adding noise---or they incur a high performance penalty and/or involve trusting external authorities.
We propose a methodology for {\sl private distributed machine learning from light-weight cryptography} (in short, PD-ML-Lite). We apply our methodology to two major ML algorithms, namely non-negative matrix factorization (NMF) and singular value decomposition (SVD). Our resulting protocols are communication optimal, achieve the same accuracy as their non-private counterparts, and satisfy a notion of privacy---which we define---that is both intuitive and measurable. Our approach is to use lightweight cryptographic protocols (secure sum and normalized secure sum) to build learning algorithms rather than wrap complex learning algorithms in a heavy-cost MPC framework.
We showcase our algorithms' utility and privacy on several applications: for NMF we consider topic modeling and recommender systems, and for SVD, principal component regression, and low rank approximation.
△ Less
Submitted 10 April, 2019; v1 submitted 23 January, 2019;
originally announced January 2019.
-
How Private Are Commonly-Used Voting Rules?
Authors:
Ao Liu,
Yun Lu,
Lirong Xia,
Vassilis Zikas
Abstract:
Differential privacy has been widely applied to provide privacy guarantees by adding random noise to the function output. However, it inevitably fails in many high-stakes voting scenarios, where voting rules are required to be deterministic. In this work, we present the first framework for answering the question: "How private are commonly-used voting rules?" Our answers are two-fold. First, we sho…
▽ More
Differential privacy has been widely applied to provide privacy guarantees by adding random noise to the function output. However, it inevitably fails in many high-stakes voting scenarios, where voting rules are required to be deterministic. In this work, we present the first framework for answering the question: "How private are commonly-used voting rules?" Our answers are two-fold. First, we show that deterministic voting rules provide sufficient privacy in the sense of distributional differential privacy (DDP). We show that assuming the adversarial observer has uncertainty about individual votes, even publishing the histogram of votes achieves good DDP. Second, we introduce the notion of exact privacy to compare the privacy preserved in various commonly-studied voting rules, and obtain dichotomy theorems of exact DDP within a large subset of voting rules called generalized scoring rules.
△ Less
Submitted 23 March, 2021; v1 submitted 15 May, 2018;
originally announced May 2018.
