GAME THEORETIC MODELS OF COMPUTATION
By Devang Thakkar
SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE AT COLUMBIA UNIVERSITY NEW YORK, NY DECEMBER 2004
c Copyright by Devang Thakkar, 2004
COLUMBIA UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE The undersigned hereby certify that they have read and recommend to the Faculty of Graduate Studies for acceptance a thesis entitled “Game
Theoretic
Models
of
Computation”
by Devang Thakkar in partial fulfillment of the requirements for the degree of Master of Science.
Dated: December 2004
Supervisors: Lisa K. Fleischer, Tal G. Malkin, Sal J. Stolfo
Supervisors: Lisa K. Fleischer, Tal G. Malkin, Sal J. Stolfo
Reader:
ii
COLUMBIA UNIVERSITY Date: December 2004 Author:
Devang Thakkar
Title:
Game Theoretic Models of Computation
Department: Computer Science Degree: M.Sc.
Convocation: May
Year: 2004
Permission is herewith granted to Columbia University to circulate and to have copied for non-commercial purposes, at its discretion, the above title upon the request of individuals or institutions.
Signature of Author THE AUTHOR RESERVES OTHER PUBLICATION RIGHTS, AND NEITHER THE THESIS NOR EXTENSIVE EXTRACTS FROM IT MAY BE PRINTED OR OTHERWISE REPRODUCED WITHOUT THE AUTHOR’S WRITTEN PERMISSION. THE AUTHOR ATTESTS THAT PERMISSION HAS BEEN OBTAINED FOR THE USE OF ANY COPYRIGHTED MATERIAL APPEARING IN THIS THESIS (OTHER THAN BRIEF EXCERPTS REQUIRING ONLY PROPER ACKNOWLEDGEMENT IN SCHOLARLY WRITING) AND THAT ALL SUCH USE IS CLEARLY ACKNOWLEDGED.
iii
To Family
iv
Table of Contents Table of Contents
v
Abstract
vii
Acknowledgements
viii
Introduction
1
1 Games People Play 1.1 Introduction . . . . . . . . . . . . . . . . . 1.2 Quick Primer on Game Theory . . . . . . 1.2.1 Representation of Games . . . . . . 1.2.2 A Beautiful Mind:Nash Equilibrium 1.2.3 Other Equilibriums . . . . . . . . . 1.3 Important Algorithms . . . . . . . . . . . 1.4 Mechanism Design . . . . . . . . . . . . . 1.4.1 Mechanisms . . . . . . . . . . . . .
. . . . . . . .
2 2 3 4 5 5 6 6 6
. . . . .
8 8 9 10 10 10
3 Game Theoretic IDS 3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.2 The Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.2.1 Training . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
12 12 13 13
2 Games Computers Play 2.1 Introduction and Motivation . . . . . . . . 2.2 Fault Tolerant and Distributed Computing 2.3 Cryptography . . . . . . . . . . . . . . . . 2.4 Complexity . . . . . . . . . . . . . . . . . 2.5 Intrusion Detection . . . . . . . . . . . . .
v
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
. . . . . . . .
. . . . .
3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8
The Game . . . . . . . . . . . . . . . Testing . . . . . . . . . . . . . . . . . Extensions and Implementation Ideas Ideas for Model Storage . . . . . . . Ideas for Maliciousness Score . . . . Auto-nice . . . . . . . . . . . . . . . Future Work . . . . . . . . . . . . . .
4 Rational Secret Sharing 4.1 Background . . . . . . . . . . . . . . . . . 4.1.1 Secret Sharing . . . . . . . . . . . . 4.2 Rationality and the class of NCC functions 4.3 The problem and survey of results . . . . . 4.4 The Market Model . . . . . . . . . . . . . 4.4.1 Introduction . . . . . . . . . . . . . 4.4.2 Market Equilibrium . . . . . . . . . 4.4.3 Intuition . . . . . . . . . . . . . . . 4.5 Conclusion . . . . . . . . . . . . . . . . . . 5 Turing Games 5.1 Background . . . . . . . . . . . . . . 5.1.1 Machine Games . . . . . . . . 5.1.2 Equilibria in Machine Games 5.2 Turing Games . . . . . . . . . . . . . 5.2.1 Introduction . . . . . . . . . . 5.2.2 Automata and Games . . . . 5.2.3 Transforms . . . . . . . . . . 5.2.4 Conclusion . . . . . . . . . . . 5.3 Conclusions and Future Work . . . . Bibliography
. . . . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
. . . . . . . . .
. . . . . . . . .
. . . . . . .
14 14 16 16 16 17 17
. . . . . . . . .
18 18 18 20 21 23 23 23 23 24
. . . . . . . . .
26 27 27 29 30 30 32 32 34 35 36
vi
Abstract The main aim of this work is to study the overlap between two rich mathematical fields viz. game theory and computer science.
vii
Acknowledgements I would like to thank my advisors Tal Malkin, Sal Stolfo and Lisa Fleischer for their many suggestions and constant support during this research. I am thankful to Prof. M. Yanakakis for his interest in my work and supplying me with the preprints of some of his unpublished work. Of course, I am grateful to my parents for their patience and love. Without them this work would never have come into existence (literally). I would also like to thank my sister for always being there for me. Finally, I wish to thank the following: Nick Edwards (for listing to my ideas ... he has suffered the most); Daniel Peng (for hosting me in Princeton where i actually started typing ); Greg Chapman (for encouraging me during my summer at Microsoft) and Abhishek Surana(for all the good and bad times we had together). New York, NY December 15, 2004
Devang Thakkar
viii
Introduction
1
Chapter 1 Games People Play 1.1
Introduction
At each and every point of our lives we make choices. We thus make calculated decisions in order make gains(or maybe just carry on with life). Many times people are involved in conflicts i.e. there is a clash among peoples interests. These are interesting scenarios and game theory can be defined as a bag of mathematical tools which helps in analyzing the interaction of rational decision makers. I use the term rational here since people generally do things which is good for them. Game theory was introduced by von Neumann and O. Morgensten [24] in the 40’s to systematically study social behavior. Though the main application of Game Theory in its early stages was strategy design for the purpose of warfare it has been studied by people from different fields; from mathematicians to economists and lately by computer scientists. The sections that follow though not aimed to make you a game theorist give a solid foundation in the basics of game theory and presents concepts which would be used in later chapters.
2
3
1.2
Quick Primer on Game Theory
As mentioned earlier a game can be defined as follows
Definition 1.2.1. A Game can be defined as interaction between rational decision makers. Game theory provides us with a bag of analytical tools designed to help us understand the phenomenon we observe when decision makers interact. [?]A game could be anything from a talk between two people to a negotiation between two or more nations. Each player in the game wants to maximize his or her payoff at the end of the game. Thus Game theory deals with ”rational behavior” There are different kinds of games. Here are a list of the more important categories of games: 1. Non-random vs. Random - Random games include some randomizing element: dice, a spinner, dealing of cards. Non-random games are pure strategy: Chess, Checkers, tic-tac-toe, etc. 2. Perfect Knowledge vs. Non-perfect Knowledge - Perfect knowledge games are those where all the components of the game are visible to all players: Chess, Checkers, Monopoly, etc. Non-perfect have hidden aspects, such as card games, Battleship etc. 3. One Player, Two Player, n - Player games - Solitary games (mazes, puzzles, etc.) can also include cooperative games where everyone is trying to solve the same thing without competition. Two players are those that only involve two, no less no more, players (chess, Battleship, etc.) or teams (sports for example).
4
n - player games involve two or more, such as Monopoly, poker, the lottery, or the stock market. 4. Zero Sum vs. Non-Zero Sum - In zero sum games, the total value of the game stays the same or goes down. Chess is a zero sum game, because the number of chess pieces available never goes up. Non-zero sum games are those where values can and do rise. Go is a non-zero sum board games where pieces are added to the board as the game progresses
1.2.1
Representation of Games
[rep] A game is generally represented as hN, (Ai ), (�i )i where N is the number of players, A is the strategy space and � is the preference relation over the set of actions. Simple games are often represented in tabular format as follows: Consider the classical example of Prisoners Dilemma. Say Alice and Bob are two suspects in a crime. They are put into two separate cells. If both confess each gets 10 year imprisonment, if none confess each gets 1 year imprisonment. However if only one confesses he/she stands witness against the other and gets no penalty while the other one gets 20 years of imprisonment.
Graphically : Alice/Bob
Don’t Confess
Confess
Don’t Confess
(10,10)
(20,0)
Confess
(0,20)
(1,1)
Here the rows stand for the action space of Alice and the columns for the action space of Bob. The entries in the table stand for the payoffs to each player as per their
5
selected action.
1.2.2
A Beautiful Mind:Nash Equilibrium
The most commonly used solution concept in game theory is that of Nash Equilibrium. It captures the steady state of play of a strategic game; however it does not describe the process that lead to this steady state. Definition 1.2.2. A Nash equilibrium of a strategic game hN, (Ai ), (�i )i is a profile a∗ ∈ A of actions with the property that for every player i ∈ N we have (a∗−i , a∗i ) �i (a∗−i , ai )∀ai ∈ Ai
Nash equilibrium is thus a point in the game where no player has any incentive to do better.
In our Prisoners Dilemma of section ?? the Nash Equilibria is (10,10), because at this point no player has any incentive to change his/her strategy.
1.2.3
Other Equilibriums
Though Nash equilibrium is an elegant concept the problem with it is that not every game has a pure strategy Nash equilibrium and even if there exists one it is difficult to find. Hence other steady state concepts were developed and used to study the properties of the game. 1. Mixed Strategy Nash equilibrium Using Kakutani’s fixed point theorem John Nash Jr [13] proved the following theorem
6
Theorem 1.2.1. Every finite strategic game has a mixed strategy Nash equilibrium. Nash was able to prove that, if we allow mixed strategies (players choose strategies randomly according to preassigned probabilities), then every n-player game in which every player can choose from finitely many strategies admits at least one Nash equilibrium of mixed strategies. 2. Correlated Nash Equilibrium
1.3
Important Algorithms
Lemke Graphical Games
1.4
Mechanism Design
Mechanism design or Implementation theory as it is often called it the reverse of what we have discussed so far. Here a planner is assumed to set the rules of the interaction, and the individuals, when confronted with these rules are assumed to abide by them. Thus planner makes the rules but does not dictate the actions or preferences.
1.4.1
Mechanisms
A mechanism m = (o,p) is composed of two elements: 1. An output function o(), and
7
2. A n-tuple of payments p1 ()...pn () Specifically : The mechanism defines for each agent i a family of strategies Ai . The agent can chose to perform any And gives the output function and the payments to each player. The basic idea of using mechanism design is to build a mechanism wherein the best strategy for any player is to act truthfully i.e. not cheat. This can be done by making the payoffs such that you get the best result if you act correctly.
Chapter 2 Games Computers Play 2.1
Introduction and Motivation
This section gives a birds eye view of areas where game theory and computer science overlap. It serves as a survey of problems where each of these fields could aid the other. The main sources for this section are works of N. Linial [6],C. Papadimitriou [15], M. Yanakakis [10] and J. Halpern [4]. The central concept involved is that computers interact in may ways and the rationality involved in this interaction is human rationality since humans are the ones who make these machines interact. Hence it is quiet logical to apply techniques learned in game theory to these problems. This would thus mean to device protocols in such a manner that complex systems can continue their interaction despite the failure of a certain fraction of their members. N. Linial [6] summarizes the areas of overlap between game theory and computer science are as follows 1. Exploring the relation between the computational power of players and the outcome of the games. 2. Classifying the various game theoretic parameters based on their computational 8
9
complexity and developing algorithms for them. 3. Using game theoretic techniques in fault tolerant computing to carry on the task in spite of failure of certain components. 4. Using game theoretic principles in distributed computing to solve issues concerning efficient co-operation between computers. 5. Analysis of algorithms uses the idea of an opponent providing the worst case input to find bounds on the running time. In addition to these various other interesting areas have also been explored over the years such as application of game theory to computational genomics, learning theory and testing and verification of reactive systems [?].
2.2
Fault Tolerant and Distributed Computing
In large complex computing systems the main problem to cope with is reliability. Components may malfunction, communication channels might operate at varying speeds, precision faults may accumulate and may more such cases may cause the result to differ. This kind of functioning is unacceptable when the complex system in question supports critical systems such as medical diagnosis, life support, military and space operations.
This scenario can be regarded as a game between the correctly functioning parts and the malfunctioning parts. The good parts are expected to drive the computation to the correct result without knowing how many or which of the other parts have
10
failed provided the number of failing parts is not too large.
The basic question of this form is generally called ”Byzantine agreement” and can be naturally defined in game theoretic terms as the problem of establishing common knowledge in the absence of reliable message passing. There has been a lot of research in this area and most of the work is focused finding the bound of the number of bad players and the effect of the amount of information available to bad players. Timing is also a key parameter in the study of Byzantine agreement. A number of solutions to the Byzantine agreement protocol exist. Unfortunately, the fundamental impossibility result of [3] demonstrates that there is no deterministic algorithm for achieving agreement in the asynchronous setting even against benign failures. One solution which overcomes this problem, first introduced by Rabin [17] and Ben-Or [1], is to use randomization. A randomized protocol uses random assignment, for example electronic coin tossing, and its termination is therefore probabilistic.[2] gives a good account of various models in this scenario.
2.3
Cryptography
2.4
Complexity
2.5
Intrusion Detection
Intrusion detection is the process of detecting anomalous behavior in the network. The most intuitive thing to do in order to detect anomalous behavior is to use machine
11
learning techniques to train the algorithm with the profiles of good and bad data and then the algorithm would term a new data item as good or bad depending on whether it is close to a good profile or a bad one. This is nothing but a classification problem in machine learning. The main problem in this approach are the availability of training data. A classic example of the classification technique is the one of Spam detection. The idea is to collect samples of spam and non-spam email and train a model which is nothing but a classifier. Then to differentiate whether a new email is spam or not we just have to find which profile it is closest to. The simplest possible solution is to maintain a count of each word in the emails and hence the probability of words. This would then facilitate in calculating the likelihood of a new document falling into a particular category based on these probabilities. From this simple Bag of Words model to the recent and complicated results of Boosting Intrusion detection largely relies on techniques offered by machine learning.
Chapter 3 Game Theoretic IDS 3.1
Introduction
In this paper we consider the problem of detecting intrusion based on process histories. The model that we propose is based on the principles of game theory. Two key areas of interest in security are intrusion detection and intrusion prevention [5]. Our model is built to handle the first problem but we believe that it can be easily extended to handle the latter problem as well.Intrusion in networks takes many forms including denial of service attacks, viruses introduced into networks etc. Typically in an intrusion problem, the intruder attempts to gain access to a particular file server or website (we term this as the ”host” machine) in the network. In order to gain access to a host the intruder has to make the host do something for it i.e gain some resources from the host. For this purpose the intruder has to run a malicious process on the host. Hence we can view this as a game for resources between the host and the malicious process planted by the intruder. In Section ?? we give a brief background on game theory and intrusion detection. 12
13
In Section 3.2 we describe the main ideas of our model. Finally in Section 3.2.4 we present extensions of the model and implementation ideas.
3.2
The Model
Our Model is a very simple based on the the ideas discussed in section ??. This section is divided into 3 parts. In the first one we give an idea of how the model is trained and the parameters of the model. In part 2 we discuss the resource game and finally in part 3 we discuss the testing phase or the solution of our game.
3.2.1
Training
We propose that host based intrusion detection can be carried out using process history as the decision metric. Now every process running on the host machine performs certain tasks from the time it begins(start of process) to the time it has been termed as killed (end of process). Now these tasks could be simple memory or I/O read writes or more complex CPU or bandwidth usage. These are the tasks that the process requests from the host. For this prototype game of ours we propose tuples hCP U, M emory, Bandwidthi or for short hci , mi , bi i at step i as the parameters for our model. Now we define the path of a process as follows Definition 3.2.1 (Path). The path of a process is the set of discrete tuples i.e. steps of the form hci , mi , bi i that the process takes during its lifetime. For the purpose of training we collect process profiles over a period of time and find all possible paths that a process could follow from start to end. Training implies that we have profiles of both normal and abnormal or malicious processes. Thus at the
14
end of training we have a labeled set of paths. This is a good basis for classification.
3.2.2
The Game
Form the model described above the process requests services from the host in the form of resources and the host allocates resources to various processes as per its resource allocation algorithm. Now let us consider the point of view of the a malicious process designer. His main goal is to maximize damage and minimize the probability of getting caught. Similarly the objective of the host is to minimize damage and maximize the probability of catching the malicious process. This is thus a simple 2-player zero sum game and can be represented mathematically as follows:
Goal of intruder : min(max(Pr[catching the malicious process]))
Goal of Host : max(min(Pr[catching the malicious process]))
Our Goal is to find the Nash Equilibria of this game and then to design a mechanism for the host to detect intrusion.
3.2.3
Testing
Now we make an assumption that the malicious process designer is very intelligent and knows that the host has a profile of malicious processes. Hence the designer designs the process in such a manner that it would avoid following a malicious path as far as possible and hence avoid being caught. Now at each step of the process the
15
host calculated a score which indicates how near is the process to a malicious process. Logically if say for l consecutive steps the score of maliciousness for a process is above a particular threshold then we can term the process malicious and the host can start taking action. Now totally cutting off the process involves legal issues because machine learning always involves false positives. Now to give the host more time to analyze the process we propose that the hosts strategy should be to reduce the recourse allocation to the process based on the maliciousness score of the process collected at each step of the process [16]. Mathematically : Let α, βandγ be the resource allocation rates for CPU(c), Memory(m) and Bandwidth(b) then
1 αi α score
Let C be the threshold for maliciousness in the CPU domain. Then score of maliciousness at step i is given by d(C − ci )
Hence
1 αi α d(C−c i)
1 Similarly βi α d(M 1−mi ) and γi α d(B−b i)
This strategy would come into effect only if the process has shown signs of maliciousness i.e. its score has come above a particular threshold for say k consecutive steps.
16
3.2.4
Extensions and Implementation Ideas
3.2.5
Ideas for Model Storage
The model in our case is a collection of discrete paths from the start of the process to the end of the process. These paths are labeled to help us distinguish in the training phase between malicious and non-malicious paths. We can store this model on a file in simple matrix format as follows: Process/Step
1
2
3
4
Label
P1
(1,2,3)
(7,5,4)
End
-
0
P2
(6,7,8)
(12,2,0)
(0,0,0)
End
0
P3
(0,0,22)
(0,0,22)
(0,0,22)
End
1
P4
(50,50,50)
(50,50,50)
(50,50,50)
(50,50,50)
1
. . . . . . Where the value in each column is the discrete tuple of (c,m,b) at that step and the last step stands for the label to that process. Here ’0’ stands for normal process and ’1’ stands for malicious process.
3.2.6
Ideas for Maliciousness Score
Once the model has been trained the next step is to find the maliciousness score for a process at each step of its life. This score is nothing but how close is the process is to maliciousness. We can calculate this score by using any suitable distance metric such as least squares, absolute etc. The choice of the distance depends on the minimization of training error.
17
3.2.7
Auto-nice
We could extend our model for the purpose of efficient bandwidth utilization in a network. Consider the problem wherein people purchase bandwidth as per their requirements. Now sometimes they may require more bandwidth as compared to other times. Once solution to the problem could be pay per use kind of package wherein every user is billed dependant on usage. This has issues with what bracket a user falls into and fixed pricing of that bracket. However we believe that we could have a system running on a LAN which would learn from user profiles and then automatically allocate pricing and bandwidth as and when demanded by the user. This would thus handle selfish users and also protect the interests of genuine users. [19]
3.2.8
Future Work
The following could be future work in this area. • Real time virus and worm detection and distributed denial of service. [8] • Incremental strategies using different machine learning techniques. [23] • Reducing training error by using the ideas of boosting from machine learning. • Comparing the accuracy of this model to current intrusion detection systems.
Chapter 4 Rational Secret Sharing Introduction Classical cryptography concerns itself mostly with parties that are either wholly good or wholly bad. Unfortunately this is often not an accurate reflection of the real world. Game theory provides a way to consider participants who are willing to be malicious as and when it suits their needs. In this paper we explore this rational model of cryptography.
4.1
Background
This section provides the necessary background material.
4.1.1
Secret Sharing
In [7], Liu considers the following problem:
18
19
Eleven scientists are working on a secret project. They wish to lock up the documents in a cabinet so that the cabinet can be opened if and only if six or more of the scientists are present. What is the smallest number of locks needed? What is the smallest number of keys to the locks each scientist must carry?
It is not hard to show that the minimal solution uses 462 locks and 252 keys per scientist. These numbers are clearly impractical, and they become exponentially worse when the number of scientists increases.
In [20], Shamir provides an general approach to the problem summarized as follows: Let the secret is some data D (e.g., the safe combination) and in which nonmechanical solutions (which manipulate this data) are also allowed. Our goal is to divide D into n pieces D1 , ..., Dn in such a way that:
(1) knowledge of any k or more Di pieces makes D easily computable;
(2) knowledge of any k - 1 or fewer Di pieces leaves D completely undetermined (in the sense that all its possible values are equally likely).
Such a scheme is called a (k, n) threshold scheme.
20
4.2
Rationality and the class of NCC functions
As stated earlier everyone involved in this protocol is rational. Each person wants the best out of the transaction. We can categorize the preferences of rational players as follows: 1. Correctness: This stands for every rational players preference for the correct result. 2. Exclusivity: This stands for the preference for a case where minimum number of other players can get the correct result. 3. Privacy: This stands for the players wish that no other players know his/her private input. 4. Voyeurism: This stands for the players wish to get hold of someone else’s private input. Shoham, Porter, McGrew [?] classified functions which can be used in a non cooperative computing environment. Fig ?? gives the summary of the classification of NCC functions as per the ordering of the preferences of players. A function is said to be dominated by a single party if that party can control the value of the output of the function and it is said to be reversible if it is possible to compute the value of the input based on the output of the function. A function which is reversible or dominated is ruled out of the NCC class. Intuitively there are conflicts between the preferences of various players. For example voyeurism for me conflicts with someone else’s privacy preference, similarly my own exclusivity and correctness preferences might clash at times. Thus all functions which rank exclusivity over correctness have
21
been ruled out of the NCC class of functions. For having privacy over correctness it is necessary that there is no partial privacy violation and for voyeurism over correctness there should be a voyeurism tie for all agents. For details [?].
4.3
The problem and survey of results
The problem in the secret sharing scheme is that there is no incentive for rational users to act correctly. If each player assumes that other (n-1) players would submit their secret then he/she doesn’t have any incentive to send in the secret. Thus not sending the secret weakly dominated sharing it. Teague and Halpern [22]provide an analysis of this rational model and give a randomized mechanism for secret sharing. They give the following result Theorem 4.3.1. Impossibility Result There is no practical mechanism with commonly known bound on its running time for rational secret sharing. From the impossibility result we know that any protocol built to perform rational secret sharing must be able to generate an infinite game tree. This requires a protocol whose end state depends on some randomness. Consider a protocol between three clients where the issuer has distributed unique secret shares to all parties. At the beginning of every round participants flip a coin in such a way that the result of the coin toss is revealed to all participants at the end of the round. If a player’s coin is heads then they are expected to reveal their share of the secret, if it is tails they are expected to do nothing. If a player’s actions deviant from what is dictated by their coin toss then the protocol is halted, otherwise the protocol continues with the issuer refreshing the secret shares at the beginning of
22
each round until all coins come up heads and all secrets shares are exchanged. This protocol, while rather simple and naive, gives some insight into what a successful rational protocol might look like. A participant who follows the protocol has a very high, though, as we shall see, a less than certain, chance to receive the total secret. A participant whose coin is heads and chooses to withhold his secret does have a chance, 1/4, to learn the total secret while depriving the other parties of learning it but also runs a high risk, 3/4, of ending the protocol and not learning the secret. As a result any participants who value learning the secret more than three times as much as they value learning it exclusively will follow this protocol. However, this protocol has some significant flaws. Even if all parties behave correctly there is a 3/8 chance that one party will flip a tail while the other two flip heads, which leads one party to learn the secret while the others don’t. The lucky who has learn the secret then has no incentive to continue with the protocol, having effectively achieved its best cast scenario. In light of this problem, Teague et al proposes the following protocol for rational secret sharing. 1. The issuer creates and sends a signed share of the secret to each participant. 2. Each player i chooses a biased random bit ci such that ci = 1 with probability α and ci = 0 with probability 1 − α, and a uniformly random bit c(i,+) . We choose c(i,−) = ci ⊕ c(i,+) . c(i,+) is then send by player i to player i+ and c(i,−) to player i− . 3. Each player i sends c(i,−) ⊕ ci to player i− . 4. Each player can now compute p = c(i+ ,+) ⊕ c(i− ,−) ⊕ ci+ ⊕ ci = ci− ⊕ ci+ ⊕ ci =
23
c1 ⊕ c2 ⊕ c3 . If p = ci = 1 then player i sends its signed share. 5. If p = 0 and i received no shares, or if p = 1 and i received exactly one share (this can include a share sent by itself) then the protocol is restarted from step one. Otherwise i halts the protocol, as either everyone has learnt the joint secret, or someone has been caught cheating.
4.4
The Market Model
4.4.1
Introduction
In this section I introduce a new model for rational secret sharing.
4.4.2
Market Equilibrium
Details on Arrow-Debreu Market market equilibrium. The idea is that there is always a price such that the market settles and they give an existential proof for that. I try to extend it and create a repeated market.
4.4.3
Intuition
Consider this scenario from the point of view of a market. Every player wants to sell a good in the market. This good is nothing but that players secret. Sketch of the protocol 1. Each players splits the secret ... I have various thoughts on this a) By committing to two selected random numbers b) Splitting based on sealed bids
24
2. a part of each players secret goes to his neighbor by means of this barter ... thus the neighbors theoretically have all of the players secret ... but cannot collude since the randomization isn’t opened and hence the way of combining the results isn’t known 3. once a player gets a part of his neighbors secret ... it gets added on to the inventory and then is sold ... my intuition is that at one point everyone will have everything ... but no one knows when ... i also think everyone would have the full secret at the same time and hence no one could cheat and get away 4. once each player thinks that he/she has the full secret then the process of reconstruction can be started by using the initial randomness ...
4.5
Conclusion
I think its a better model because 1. here no one has an incentive to sit idle since you cant buy anything without paying the price. 2. there is no need for a third party as required by the Teague paper unless we would like to verify the shares ... in which case its still stronger. My problems with this model 1. the issue of sharing the commitment or randomness to regroup the keys reduces to the secret sharing problem ... maybe i am wrong some place and could use some help
25
2. i am not sure how to go about analyzing the security of this protocol.
Chapter 5 Turing Games Introduction Game Theory [24] and Computer Science are both rich fields of mathematics which have evolved over the last five decades. The goals of both these fields are somewhat similar - to solve problems for humans. Game Theory studies the interaction of rational decision makers and gives a bunch of tools that would help in improving decisions. Computer Science on the other hand studies the art of solving problems using a computing machine. Both fields have been running in parallel since their induction (by the likes of von Neumann, Godel, Turing and others) and now they fields seem to be coming closer than before as computer scientists start taking a more rational approach to things(pun intended). Yanakakis and Papadimitriou explored the similarities between bounded rationality and computational complexity [10], Kearns et al [9] studied the use of properties of graph to give simpler algorithms to find important Game Theoretic parameters and there are many more such works. Standing on the shoulders of these giants the idea that I try to explore here is 26
27
that of the analogies between a computation and a game and whether it is possible to our expertise in one field to simplify problems in the other. In section 5.1 I provide the background material and survey of related results. In section 5.2 I provide the intuition for this work and some toy examples.
5.1
Background
This section provides the necessary background material.
5.1.1
Machine Games
The line between the concepts of computational power and decision making power is a very thin one and a key step in relating computer science and game theory. The theory of games is sometimes considered flawed predicting rational behavior. Prisoners Dilemma is an example of this. This is where computer scientists step in. We can give a better view of strategy selection by attaching a complexity parameter to it. This was first pointed out by Papadimitriou[14]. The main ideas of these works is to bound the strategy representing capacity of players and hence induce co-operation. They achieve this bound by representing players as finite automaton and then restricting the number of states the automata can have. Thus in general we could say we have machine playing games for players and we restrict the computational power of there machines and hence the decision making power of the players. Rubinstein and Osborne [11] give the following definitions for a machine and machine game.
28
Definition 5.1.1. Let G = h(1, 2), (Ai ), (ui )i be a game A Machine of player i is defined as a four-tuple hQi , qi0 , fi , τi i in which - Qi is a set of states - qi0 ∈ Qi is the initial state - fi : Qi → Ai is the output function - τi : Qi × Ai → Qi is the transition function. Definition 5.1.2. A Machine Game of the δ-discounted infinitely repeated game h(1, 2), (Mi ), (�i )i in which for each player i 1) Mi is the set of all finite machines for player i in the infinitely repeated game. 2) �i is a preference ordering that is increasing in player i’s payoff in the repeated game and decreasing in the complexity of his machine: (M1 , M2 ) �i (M10 , M20 ) whenever either Ui (M1 , M2 ) > Ui (M10 , M20 ) and c(Mi ) = c(Mi0 ) or Ui (M1 , M2 ) > Ui (M10 , M20 ) and c(Mi ) < c(Mi0 ).
Where U is the utility function which in case of δ-discounted game is Ui (M1 , M2 ) = (t−1) (1 − δ)Σ∞ ui (at (M1 , M2 )) where at (M1 , M2 ) is the sequence induced by the t=1 δ
machine game and c(Mi ) denotes the complexity of machine i. In order to give complexity criterion for games Papadimitriou and Yanakakis [10] represent a game as a polynomial computable function g(z,x,y) with 3 parameters: z is the string that encodes the game, and x and y encode the strategies. The value of g is a pair of integers - the payoffs. They prove the following interesting results. Theorem 5.1.1. (a)The class of all languages of the form (z: there is a strategy y for II with payoff ≥ 0 against strategy x=e of I) is precisely NP. (b)The class of languages of the form (z:there is a pure equilibrium in game z) is
29
precisely Σp2 . (c)The class of all languages of the form (z:zero-sum game z has an equilibrium with payoff to I at least 0) is precisely EXP. (d)The class of languages of the form (z: game z has an equilibrium with payoff at least 0 to both I and II) is precisely NEXP.
For a detailed proof of the above theorem refer [10]
5.1.2
Equilibria in Machine Games
In this section I provide a survey of results obtained in the quest of finding an equilibria in repeated games. The importance of using automata to analyze repeated games is emphasized in the previous section. The question is how easy or hard is it to find equilibria in such repeated games. The ideas used in the study of equilibria in repeated games are termed as ”folk theorems” and they make use of trigger strategies to take punitive actions against players who deviate. The idea is that the notion of threats can stabilize a wide range of payoff profiles in repeated games.
For infinitely repeated games Aumann and Hart [18] provide a general definition for The Folk Theorem
Definition 5.1.3. The Folk Theorem In the infinitely repeated game all points in the mixed individually rational region are equlibria.
30
Building on this Papadimitriou and Yanakakis[10] provide a definition for The Folk Theorem for Automata where automata is used to play games.
Definition 5.1.4. Folk Theorem for Automata The following are equivalent: a)The infinitely repeated game has a pure equilibrium in automata. b)The infinitely repeated game has a finite mixed equilibrium in automata. c)The pure individually rational region is non-empty. Based on the ideas of the folk theorem Littman and Stone [12] provide an polynomial time algorithm for finding a Nash Equilibrium in a repeated game with average payoff criterion.
5.2 5.2.1
Turing Games Introduction
As seen in the previous sections most work done so far deals with the use of automata to understand, represent and analyze repeated games. But is it possible to go the other way round and harness the power of game theory to solve problems in automata. In this section I survey certain results in this area and give my perspective on the idea. I begin by giving a formal definition of the Turing machine introduced by A. Turing in his 1936 paper [21]. A modified definition is as follows Definition 5.2.1. Turing Machine We can describe a Turing Machine(TM) by a 7-tuple
31
M = (Q, Σ, Γ, δ, q0 , B, F ) whose components have the following meanings: Q: The finite set of states of the finite control. Σ: The finite set of input symbols. Γ: The complete set of tape symbols,Σ is always a subset of Γ. δ: The transition function. The arguments of δ(q, X) are a state q and a tape symbol X. The value of δ(q, X), if it is defined, is a triple (p,Y,D), where : 1. p is the next state in Q. 2. Y is the symbol, in Γ, written in the cell being scanned, replacing whatever symbol was there. 3. D is a direction, either L or R, standing for ”left” or ”right”,respectively, and telling us the direction in which the head moves.
q0 : The start state, a member of Q, in which the finite control is found initially.
B: The blank symbol. This symbol is in Γ but not in Σ; i.e., it is not an input symbol. The blank appears initially in all but the finite number of initial cells that hold input symbols.
F: The set of final or accepting states, a subset of Q.
32
5.2.2
Automata and Games
We can consider automata to be game between two players A and B such that A selects the states of the automata and B selects the input symbols. Thus A is nothing but the transition function of the automata. A strategy can be called a winning strategy for the automata if it is in one of the accepting states. Here we take into account the fact that halting problem is undecidable. The game can go on forever and we might never be able to say for a particular game whether there is a winning strategy for the automata. Thus we have set up a game between the transition function of the Turing machine say A and the input structure (or tape in case of a TM) M and we denote the game as G(A,M). For the example shown above Q0 is the initial state and the sample run of the game is (Q0 , a, Q1 , b, Q0 , a, Q1 , c, Q2 ) at the end of which the automata is in an accepting state and hence it is a winning strategy for the automata.
Similar ideas are introduced by Gurevich and Harrington [25] where they use game techniques to analyze the Rabin tree automata and Buchi automata.
5.2.3
Transforms
In this section I provide the sketch of the requirements of the transforms. Proposition 5.2.1. Game to Turing Machine As discussed in the preceding sections a repeated game can be easily represented as an automata by taking into account the threat points in the game. A turing machine which is nothing but automata can thus be a useful tool in game analysis. The requirements of this transform would be
33
two functions 1 - which maps players actions to states. 2 - which maps opponents actions to the transition function based on threats.
Remark 5.2.1. Littman and Stone [12] give an alternate efficient representation for a repeated game by introducing the concept of counting nodes which allows representation of strategies of the form 2n tit-for-tat, where n is the number of states to wait to activate a threat. Proposition 5.2.2. Turing Machine to Game In order to represent a turing machine as a game we need three functions 1- which maps states of the turing machine to actions of player A. 2- which maps the transition function to actions of player B. 3- which maps action pairs to utilities for each player.
Remark 5.2.2. The third function in the above proposition would give not the exact payoffs but a relation between payoffs based on which we can classify games. The following are the basic games 1. (a,b)
(c,c)
(c,c)
(b,a)
Here a > b > c and (a,b) and (b,a) are the two NE.
2. (a,a)
(c,c)
(c,c)
(b,b)
Here a > b > c and (a,a) and (b,b) are the two NE with (a,a) prefered.
34
3. (a,a)
(c,d)
Here d > a > b > c and (b,b) is the NE .
(d,c) (b,b) 4. (a,a)
(c,d)
Here d > a > c > b and (d,c),(c,d) are the NE .
(d,c) (b,b) 5. (a,b)
(b,a)
(b,a)
(a,b)
Here a = −b there is no NE .
The difficult part in transforming a turing machine to a game is calculating the utilities of players. In order to simplify the problem I assume that the Turing machine in question represents the strategies of both the players. In other words both players are using the same Turing machine to make their strategies. Now to calculate the payoff we need to predict what could be threat points. This could be a hard problem. A possible solution is to make generic structures for the standard games and look for their occurance in automata.
5.2.4
Conclusion
The ideas suggested in the preceding sections point towards a game theoretic model for computation. The interesting areas to explore are the payoff calculations and better representations for games using automata.
35
5.3
Conclusions and Future Work
We suggest that further research in this direction is likely going to reveal additional properties
Bibliography [1] Michael Ben-Or, Another advantage of free choice: Completely asynchronous agreement protocols, Proceedings of the Second Annual ACM Symposium on Principles of Distributed Computing (PODC’83) (Canada), August 1983, pp. 27– 30. [2] Benny Chor and Cynthia Dwork, Randomization in Byzantine Agreement, Advances in Computing Research 5 (1989), 443–497. [3] Michael J. Fischer, Nancy A. Lynch, and Michael S. Paterson, Impossibility of distributed consensus with one faulty process, Symposium on Principles of Database Systems, 1983, pp. 1–7. [4] J. Halpern, A computer scientist looks at game theory, Games and Economic Behavior (2003), no. 45:1, 114–131. [5] M. Kodialam and T.V. Lakshman, Detecting network intrusions via sampling : A game theoretic approach, IEEE INFOCOM (2003). [6] N. Linial, Game-theoretic aspects of computer science, Handbook of Game Theory with Economic Applications II (1994), 1340–1395. [7] C.L. Liu, Introduction to combinatorial mathematics, McGraw-Hill, New York, 1968.
36
37
[8] F. Menczer M . Jakobsson, Untraceable email cluster bombs: On agent-based distributed denial of service, (2002). [9] M. Littman M. Kearns, S. Singh, Graphical models for games, UAI’01. [10] C.Papadimitriou M. Yanakakis, On complexity as bounded rationality, STOC’94, 1994. [11] A. Rubinstein M.J.Osborne, A course in game theory, The MIT Press, Cambridge, 1994. [12] P. Stone M.L.Littman, A polynomial-time nash equilibrium algorithm for repeated games, EC’03 (2003). [13] J.F. Nash, Equilibrium points in n-person games, Proceedings of the National Academy of Sciences of the United States of America 36 (1950), no. 48-49, [29,30,51]. [14] C. Papadimitriou, On players with bounded number of states, games and economic behaviour ed., 1992. , Algorithms, games, and the internet, STOC (2001).
[15]
[16] V. Khurana R. Garg, A. Kamra, A game theoretic approach towards congestion control in communication networks, ACM SIGCOMM 32 (2002), no. 3. [17] Michael O. Rabin, Randomized Byzantine Generals, Proceedings of the 24th Annual IEEE Symposium on Foundations of Computer Science, 1983, pp. 403– 409. [18] S. Hart R.J.Aumann (ed.), Handbook of game theory with economic applications, vol1 ed., North Holland, 1982. [19] T. Roughgarden, Designing networks for selfish users is hard.
38
[20] Adi Shamir, How to share a secret, Communications of the ACM 22 (1979), no. 11. [21] A.M. Turing, On computable numbers, with an application to the entscheidungsproblem, (1936). [22] J. Halpern V. Teague, Rational secret sharing and multiparty computation, STOC (2004). [23] J. M. Vidal, Learning in multiagent systems: An introduction from a game theoretic perspective, Springer Verlag (2003). [24] von Neumann and Oskar Morgensten, Theory of games and economic behaviour, New York:John Wiely and Sons, New York, 1944. [25] Leo Harrington Yuri Gurevich, Trees, automata and games, ACM (1982).
