SSBAS-FA: A secure sealed-bid e-auction scheme with fair arbitration based on time-released blockchain

Abstract

Electronic auctions are becoming more and more popular in business activities, which provide the professionals with competitive prices for their products, pitching the suppliers directly against each other to allow suppliers to bid online against a published specification. In sealed-bid e-auctions, bidders send sealed-bid envelopes to auctioneer and auctioneer only can open them after a certain period of time to announce the highest bidder. In order to solve the issue of the opacity of whole sealed-bid auction process, researchers try to solve this problem by incorporating the blockchain technique into the e-auction systems with the properties of unforgeable transaction and public ledger of the blockchain. However, since the auctioneer might open the bid envelope before the deadline of the auction, it can tamper the bid price by colluding with malicious bidders for personal profit. In this paper, we propose a time-released blockchain-based sealed-bid e-auction scheme. We use time-lock encryption to ensure that the bidders’ bid data will not be available to anyone until a specified time, thus guaranteeing the security of the bidders’ data. At the same time, we use smart contracts for auction verification, which further improves the security of the scheme and avoids tampering by malicious auctioneers. In addition, we propose a secure sealed-bid e-auction scheme with fair arbitration (namely, SSBAS-FA), that is based on time-released blockchain to provide a fair arbitration mechanism in punishing malicious bidders. We give the deployment of a time-released blockchain that eliminates the demand of the trusted third party to perform the validation of the smart contract. We provide the fair arbitration for the bidder and auctioneer. The security analysis and performance evaluation indicate that our scheme is secure, fair and efficient in sealed-bid e-auction system.

Introduction

e-Auctions play a significant part in various fields, which are generally a ubiquitous way to sell some rare commodities [1]. With the rapid development of the Internet in recent years, traditional offline auctions [2], [3] are gradually being transformed into online e-auctions. Relying on the advantages of low cost and time saving, electronic auctions are widely disseminated among users [4]. A good e-auction system allows bidders and auctioneers to trust each other and provides a good environment for both parties to transact.

In current market, e-auctions mainly include open ascending-bid auctions (English auctions) [5], open descending-bid auctions (Dutch auctions) [6], first-price sealed-bid auctions (FPSBA) [7] and other forms. English auctions are those where bidders bid openly and the highest bidder wins the auction. Dutch auctions are open auctions where the auctioneer bids from high to low until a bidder accepts the current price. FPSBAs are those where the bidder sends a sealed-bid envelope to the auctioneer, who opens the envelope after a period of time and announces the highest bidder. Compared with the previous two, sealed-bid auctions have higher confidentiality. Sealed-bid auctions provide excellent protection of the identity, time and cost of the bidder. However, trust in the auctioneer, who holds the envelope containing the sealed-bid data, becomes an issue. The auctioneer may open the envelopes in advance, or worse, sell the bid data inside to malicious bidders for profit. This is known as an auctioneer–bidder collusion attack [8]. How to protect the privacy of bidders has become a research hotspot.

Currently, sealed-bid e-auctions are generally combined with blockchain is a very vivid direction on research and application. Due to the excellent structure of blockchain such as decentralization, traceability, openness and transparency, the protocol being deployed on the blockchain can then achieve the purpose of removing third parties [9], [10]. That is, the bidders’ privacy is well protected and the correctness of the auction results can be verified after the auction ends by the bidders themselves in blockchain systems. In 2017, the Ministry of Justice of Ukraine [11] used blockchain technology for the first time to conduct auctions in order to improve the transparency of government transactions. The main purpose was to use the transparency and immutability of the blockchain [12] to make the auction process more transparent, so as to promote the modernization of state institutions and eliminate corruption. Galal et al. [13], [14] proposed the combination of sealed-bid auctions with the ethereum blockchain. The scheme used smart contracts and zero-knowledge proofs to guarantee confidentiality and fairness in sealed-bid auctions. However, the verification phase still needed to be performed by the auctioneer.

Due to the fact that the data on the blockchain is visible to all, there is no guarantee that the auctioneer will not decrypt the data before the auction closes, even if the bidders’ data is encrypted with some cryptographic protocol. The auctioneer may sell the data obtained in advance to malicious bidders for a profit. Therefore, we try to use timed-lock encryption to protect the privacy of bidders.

Time-lock encryption [15], also known as time-released encryption [16], is a method of sending a message to the “future” that allows the message to be released only after the deadline. For example, bob has a secret that he wants to announce in a few days, but he does not want others to know about it in the meantime. So he puts the secret in a box with a “time-lock” [17], [18]. The “time-lock” will only be automatically opened after the deadline and the secret will be released publicly. Time-lock encryption has a simple high-level definition: no key is required, and anyone who can prove that the scheduled time has passed can decrypt it. Liu et al. [19] proposed a scheme to build a time-lock encryption. They cleverly combined blockchain technology and witness encryption. Their scheme used the blockchain as a reference clock for computation and achieved no interaction with the trusted third party. Katz et al. [20] proved that accelerating a sequence square is as difficult as factoring a large integer $N$.

In this work, we propose a sealed-bid e-auction scheme with fair arbitration that is based on the time-released blockchain system. Our contributions are listed as follows:

• We propose a time-released blockchain based sealed-bid e-auction scheme. In our solution, we deploy the protocol into a smart contract, which eliminates the need for a trusted third party to perform verification, achieving the openness and transparency of the auction can be achieved. Meanwhile, we employ time-released blockchain technology to ensure that no one can decrypt the bidding data in advance during the auction.

• We propose a fair arbitration mechanism. Unlike previous work, our scheme will require both the bidder and the auctioneer to upload a deposit to the smart contract, and if the bidder is found to be a malicious bidder, the deposit will be given to the auctioneer as a penalty.

• Our scheme allows bidders to verify the correctness of the auction results even after the auction has ended. In addition, we have conducted a security analysis of the scheme and the results analysis show that our scheme is secure.

The rest of this paper is organized as follows. Section 2 provides the related work associated with sealed-bid auctions and time-lock encryption. Section 3 introduces some preliminaries that will be used in this paper. In Section 4, we give the system model, threat model, and design goals of the scheme. In Section 5, we detail the construction our scheme, and i Section 6 we present the security analysis. In Section 7, we provide the performance evaluation and conclude the paper in Section 8.