SSBAS-FA: A secure sealed-bid e-auction scheme with fair arbitration based on time-released blockchain
Introduction
e-Auctions play a significant part in various fields, which are generally a ubiquitous way to sell some rare commodities [1]. With the rapid development of the Internet in recent years, traditional offline auctions [2], [3] are gradually being transformed into online e-auctions. Relying on the advantages of low cost and time saving, electronic auctions are widely disseminated among users [4]. A good e-auction system allows bidders and auctioneers to trust each other and provides a good environment for both parties to transact.
In current market, e-auctions mainly include open ascending-bid auctions (English auctions) [5], open descending-bid auctions (Dutch auctions) [6], first-price sealed-bid auctions (FPSBA) [7] and other forms. English auctions are those where bidders bid openly and the highest bidder wins the auction. Dutch auctions are open auctions where the auctioneer bids from high to low until a bidder accepts the current price. FPSBAs are those where the bidder sends a sealed-bid envelope to the auctioneer, who opens the envelope after a period of time and announces the highest bidder. Compared with the previous two, sealed-bid auctions have higher confidentiality. Sealed-bid auctions provide excellent protection of the identity, time and cost of the bidder. However, trust in the auctioneer, who holds the envelope containing the sealed-bid data, becomes an issue. The auctioneer may open the envelopes in advance, or worse, sell the bid data inside to malicious bidders for profit. This is known as an auctioneer–bidder collusion attack [8]. How to protect the privacy of bidders has become a research hotspot.
Currently, sealed-bid e-auctions are generally combined with blockchain is a very vivid direction on research and application. Due to the excellent structure of blockchain such as decentralization, traceability, openness and transparency, the protocol being deployed on the blockchain can then achieve the purpose of removing third parties [9], [10]. That is, the bidders’ privacy is well protected and the correctness of the auction results can be verified after the auction ends by the bidders themselves in blockchain systems. In 2017, the Ministry of Justice of Ukraine [11] used blockchain technology for the first time to conduct auctions in order to improve the transparency of government transactions. The main purpose was to use the transparency and immutability of the blockchain [12] to make the auction process more transparent, so as to promote the modernization of state institutions and eliminate corruption. Galal et al. [13], [14] proposed the combination of sealed-bid auctions with the ethereum blockchain. The scheme used smart contracts and zero-knowledge proofs to guarantee confidentiality and fairness in sealed-bid auctions. However, the verification phase still needed to be performed by the auctioneer.
Due to the fact that the data on the blockchain is visible to all, there is no guarantee that the auctioneer will not decrypt the data before the auction closes, even if the bidders’ data is encrypted with some cryptographic protocol. The auctioneer may sell the data obtained in advance to malicious bidders for a profit. Therefore, we try to use timed-lock encryption to protect the privacy of bidders.
Time-lock encryption [15], also known as time-released encryption [16], is a method of sending a message to the “future” that allows the message to be released only after the deadline. For example, bob has a secret that he wants to announce in a few days, but he does not want others to know about it in the meantime. So he puts the secret in a box with a “time-lock” [17], [18]. The “time-lock” will only be automatically opened after the deadline and the secret will be released publicly. Time-lock encryption has a simple high-level definition: no key is required, and anyone who can prove that the scheduled time has passed can decrypt it. Liu et al. [19] proposed a scheme to build a time-lock encryption. They cleverly combined blockchain technology and witness encryption. Their scheme used the blockchain as a reference clock for computation and achieved no interaction with the trusted third party. Katz et al. [20] proved that accelerating a sequence square is as difficult as factoring a large integer .
In this work, we propose a sealed-bid e-auction scheme with fair arbitration that is based on the time-released blockchain system. Our contributions are listed as follows:
- 1.
We propose a time-released blockchain based sealed-bid e-auction scheme. In our solution, we deploy the protocol into a smart contract, which eliminates the need for a trusted third party to perform verification, achieving the openness and transparency of the auction can be achieved. Meanwhile, we employ time-released blockchain technology to ensure that no one can decrypt the bidding data in advance during the auction.
- 2.
We propose a fair arbitration mechanism. Unlike previous work, our scheme will require both the bidder and the auctioneer to upload a deposit to the smart contract, and if the bidder is found to be a malicious bidder, the deposit will be given to the auctioneer as a penalty.
- 3.
Our scheme allows bidders to verify the correctness of the auction results even after the auction has ended. In addition, we have conducted a security analysis of the scheme and the results analysis show that our scheme is secure.
The rest of this paper is organized as follows. Section 2 provides the related work associated with sealed-bid auctions and time-lock encryption. Section 3 introduces some preliminaries that will be used in this paper. In Section 4, we give the system model, threat model, and design goals of the scheme. In Section 5, we detail the construction our scheme, and i Section 6 we present the security analysis. In Section 7, we provide the performance evaluation and conclude the paper in Section 8.
Section snippets
Related work
To implement the privacy protection, Zhang et al. [21] deployed a trusted third-party agency to distribute keys, but this is vulnerable to single-point attacks. [22] suggested to employ a semi-honest cloud platform to protect the private data of all parties. Franklin et al. [23] gave a mechanism for the use of distributed services to implement sealed-bid auctions. Guo et al. [24] gave a secure first-price sealed-bid auction scheme, in which they combined the comparable encryption with
Preliminaries
In this section, we introduce the related properties of blockchain and time-released blockchain.
System model and problem statement
This section presents the system model, threat model, design goal, and notations of the time-released blockchain based sealed-bid e-auction scheme.
The construction of our scheme
This section describes our sealed-bid e-auction scheme with fair arbitration, namely SSBAS-FA, which is comprised of three parts: lots of bidders, a auctioneer and a time-released blockchain. The auctioneer initiates auction and bidders upload the encrypted bids to the blockchain, where the verification work is done in a smart contract. Our scheme consists of five sub-protocols: KeyGen, Register, Auction, Bidding and Verify that is show in Fig. 3.
- •
KeyGen: The key generation algorithm generates
Security analysis
In this section, we will comprehensively analyze the security in terms of data security, auction transparency and fair arbitration.
Theorem 1 The bidding data of SSBAS-FA scheme are secure in time-released encryption.
Proof In our SSBAS-FA scheme, the bidding data is encrypted by the public key set and put on the time-released blockchain. Suppose an external attacker wants to change the bidding data on the time-released blockchain, he needs to modify the contents of the existing blocks.
Performance evaluation
In this section, we will compare the features of our scheme with those of other time-released sealed-bid related schemes. Then we will analyze the computational complexity of the schemes and the communication overhead of the corresponding processes. We employ the python programming language to implement our solution. The environment in which we perform our experiments is Intel(R) Core(TM) i5-8400 CPU @ 2.80 GHz, 16.0 GB RAM, Windows 10.
Conclusion
In this paper, we propose a sealed-bid e-auction scheme that is based on the time-released blockchain. By combining time-lock encryption technology with blockchain, we employ time-released blockchain to guarantee the correctness and fairness of sealed-bid auctions. Our scheme can prevent untrustworthy auctioneers from tampering with sealed bids before the end of auction procedure. Meanwhile, we do not deploy a trusted third party to perform the validation of auction which obtain the full
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Acknowledgments
This work is supported by the National Natural Science Foundation of China under grants 62072134 and U2001205, and the Key Research and Development Program of Hubei Province under Grant 2021BEA163.
Mingwu Zhang is a Professor with the School of Computers, Hubei University of Technology, Wuhan, China, and also the Director of the Hubei Engineering Research Centre for Industrial Big Data. He received the M.S. degree from Hubei Polytechnic University in 2000, and the Ph.D. degree from South China Agric University in 2009, respectively. From 2010 to 2012, he was a JSPS Postdoctoral Fellow with the Japan Society of Promotion Sciences, Institute of Mathematics for Industry, Kyushu University,
References (38)
- et al.
Truthful auctions for e-market logistics services procurement with quantity discounts
Transp. Res. B
(2020) - et al.
Behavioral models for first-price sealed-bid auctions with the one-shot decision theory
European J. Oper. Res.
(2017) - et al.
A survey on blockchain for information systems management and security
Inf. Process. Manage.
(2021) - et al.
System architecture for blockchain based transparency of supply chain social sustainability
Robot. Comput.-Integr. Manuf.
(2020) - et al.
PPDDS: A privacy-preserving disease diagnosis scheme based on the secure mahalanobis distance evaluation model
IEEE Syst. J.
(2021) - et al.
Decentralized transactive energy for flexible resources in distribution systems
IEEE Trans. Sustain. Energy
(2020) Quantum sealed-bid auction without a trusted third party
IEEE Trans. Circuits Syst. I. Regul. Pap.
(2021)- et al.
PP-VCA: A privacy-preserving and verifiable combinatorial auction mechanism
Wirel. Commun. Mob. Comput.
(2020) - et al.
Estimation in english auctions with unobserved heterogeneity
Rand J. Econ.
(2020) - et al.
Bidding behavior in dutch auctions: Insights from a structured literature review
Int. J. Electron. Commer.
(2017)
How to obtain full privacy in auctions
Int. J. Inf. Secur.
Ukrainian ministry carries out first blockchain transactions
Blockchain technology in finance
Computer
Succinctly verifiable sealed-bid auction smart contract
Verifiable sealed-bid auction on the ethereum blockchain
Time-Lock Puzzles and Timed-Release CryptoTechnical Report MIT/LCS/TR-684
Efficient and non-interactive timed-release encryption
Homomorphic time-lock puzzles and applications
Cited by (0)
Mingwu Zhang is a Professor with the School of Computers, Hubei University of Technology, Wuhan, China, and also the Director of the Hubei Engineering Research Centre for Industrial Big Data. He received the M.S. degree from Hubei Polytechnic University in 2000, and the Ph.D. degree from South China Agric University in 2009, respectively. From 2010 to 2012, he was a JSPS Postdoctoral Fellow with the Japan Society of Promotion Sciences, Institute of Mathematics for Industry, Kyushu University, Japan. From 2015 to 2016, he was a Senior Visiting Scholar with the School of Computing and Information Technology, University of Wollongong, Australia. His research interests include cryptography technology for networks and data security, secure computation, and privacy preservation in big-data and clouds. He has served as a Program Committee Member of several international conferences and published over 100 articles in international conferences and journals, such as ASIACRYPT, ACISP , ProvSec, ISPEC, Inscryp, the IEEE Transaction On Information Forensics and Security, the Theoretical Computer Science, and the IEEE Transaction on Dependable and Secure Computing, and Des Codes and Cryptography. Prof. Zhang received five Best Paper Awards in the international conference, such as ACISP’18 and Inscrypt’18, etc.
Mingxuan Yang is currently pursuing the master’s degree with the School of Computer Science, Hubei University of Technology, China. His current research interests include information security and privacy preservation in internet of things and blockchain.
Gang Shen received the B.S. degree in electrical automation from Wuhan Institute of Technology, China in 2002, and the M.S. degree in control theory and control engineering from Huazhong University of Science and Technology in 2009, and the Ph.D. degree in traffic information engineering and control from Wuhan University of Technology in 2019, respectively. He is currently a lecturer with the School of Computer Science, Hubei University of Technology. His current research interests include cryptography, network security and privacy preservation.