SECURE
SIMPLE
EFFICIENT
Jakob I. Pagter
USING MARKET DESIGN
AND CRYPTOGRAPHY TO
ENABLE NEW BUSINESS
Cryptography meets Economy
Economists
looking for a
”social planner”
HEUREKA!
Cryptographers
looking for a
problem
5 (five!) years later
• 
Three PC’s on LAN computes
clearing price based on apx.
2400 encrypted bids which
are never decrypted.
• 
Finally – a market clearing
price and the amount of quota
that each farmer must sell/
buy – the result is decrypted
• 
Following, the production
rights (quota) for 25000 tons
of sugar changes hands
Public-key cryptography
!  "#$%#&'($%'&#)#*+#&',(-'.#/'0(*&1'2$#'
32&'#$)&/04$5'($%'2$#'32&'%#)&/04$5'
!  671'0(%82).'
6+#&/92%/')($'-,:;';,#'82).'<#$)&/0;='
9:;'2$8/';,#',28%#&'23';,#'>(;),*$5'.#/'
)($'20#$';,#'82).'<%#)&/0;='
“Shallow” confidentiality
*$0:;?'
60.<*$0:;?='
?F  G#)&/0;'
@F  H2>0:;#'
*$0:;@' 60.<*$0:;@='
*$0:;A'
60.<*$0:;A='
D&:-;#%'D,*&%'E(&;/'
60.<*$0:;B='
*$0:;B'
*$0:;C'
60.<*$0:;C='
&#-:8;'
“Deep” confidentiality
*$0:;?'
*$0:;@'
*$0:;A'
60.<*$0:;?='
60.<&#-:8;(;='
60.<*$0:;@='
60.<*$0:;A='
DDE?'
DDE@'
60.<*$0:;B='
*$0:;B'
60.<*$0:;C='
DDEA'
*$0:;C'
DDEC'
&#-:8;'
DDEB'
Back to the sugar beets
• 
Grown and sold to Danisch based
on EU quotas (like fish, milk, etc.)
• 
• 
Untill 2007/2008 trading of quotas
has been done by bilateral trades
facilitated through paper ads,
personal connections etc.
One out three factories shut down
and guaranteed prices lowered =>
a lot of growers near shut down
factory who wishes to sell
• 
Theoretical analysis indicate that a
central exchange could
–  Increase turnover with as much as
400%
–  Ensure almost full use of entire
national quota (less than 50% use
without re-allocation)
An exchange (double auction)
•  All growers submit one or more bids on the form
–  Buy (maxprice, volume)
–  Sell (minprice, volume)
•  Aggregated demand (supply):
Total volume bought (sold) at given
price
•  Market Clearing Price: the price
where supply equals demand
•  This auction design and market size makes it optimal to bid
truthfully, which ensures that all preferred trades are realised.
Tillidsproblem
• 
Optimalt for dyrkerne at byde
”sandfærdigt” i henhold til deres
indtjeningsevne
• 
Danisco kan potentielt udnytte
viden om dyrkernes
indtjeningsevne
• 
Danisco ønsker samtidigt at
kontrollere handlen med kvoter,
pga. udestående gæld mv.
Modstridende interesser!!
–  Dyrkerne ønsker ikke at
Danisco kan se bud
–  Danisco har behov for at
kontrollere budene
• 
Hvordan kan gevinsterne ved en
central børs realiseres?!
Trust problem
Growers do
not want
Danisco to
see bids
How can
market
potential be
realised?!
Danisco
needs to
see and
verify bids
Systems architecture
Us
Danisco
SIMAP webserver
session
DB
DB
LAN
log-in
Java-applet
DB
Grower representative
Encrypted bid(s)
grower
bidding
Danisco
DB
clearing
Enabling new business with SMC
Shallow
confidentiality
Deep
confidentiality
Small
administrative
overhead
Every decrypted
by
TTP
Insider access =
>
problems
No insider threat
No confidential
data decrypted
In practice
used to
realise “good
enough”
security
Cloud computing
Cloud Computing
•  Cheap (economies of
scale/pay-by-the-drink)
•  Elastic
•  Innovation catalyst
•  Maybe more secure…?
Types (NIST)
•  IaaS – Infrastructure-as-aService
•  Amazon Web Services
•  PaaS – Platform-as-aService
•  Microsoft Azure
•  SaaS – Software-as-aService
•  Google Apps
Auctions-as-a-Service (“SaaS”)
Cloud A
2. Submit bids
1. Define
auction
Cloud C
Cloud B
4. Make the deal
3. Find
winner
Cloud D
Mechanism design with SMC
Security
•  Confidential data
never decrypted
•  “Good enough”security
Simplicity
•  Security policy
reduced to
“protect your key”
•  Small TCB!
Efficiency
•  Manuel
procedures
replaced by
computers
•  Cloud-enabled
Cloud brokering (a CFEM-topic?)
Cloud
Provider A
Cloud
Provider B
Cloud
Provider C
properties
properties
properties
Cloud Broker
preferences
recommendation
Job
Security,
price,
performanc
e, stability,
…
Questions?
[email protected]
www.partisia.com