CR · Jan 4, 2019

Rational Threshold Cryptosystems

arXiv:1901.01148v1 · 3 citations
Originality: Incremental advance
AI Analysis

This addresses security in decentralized systems for applications like blockchain, though it is incremental as it builds on existing threshold cryptosystem concepts.

The paper tackles the problem of collusion in threshold cryptosystems under a permissionless-economic model by proposing a framework that uses an escrow service to incentivize honest behavior through slashing and redistributing deposits, showing that colluding parties are placed in a prisoner's dilemma where framing becomes the dominant strategy.

We propose a framework for threshold cryptosystems under a permissionless-economic model in which the participants are rational profit-maximizing entities. To date, threshold cryptosystems have been considered under permissioned settings with a limited adversary. Our framework relies on an escrow service that slashes and redistributes deposits to incentivize participants to adhere to desired behaviors. Today, more than ever, sophisticated escrow services can be implemented over public blockchains like Ethereum, without additional trust assumptions. The key threat to rational threshold cryptosystems is collusion: by cooperating 'illegally', a subset of participants can reveal the cryptosystem's secret, which, in turn, is translated to unfair profit. Our countermeasure to collusion is framing. If the escrow is notified of collusion, it rewards the framer and slashes the deposits of all other participants. We show that colluding parties find themselves in the prisoner's dilemma, where the dominant strategy is framing.
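The incentive argument in the abstract can be checked on a two-colluder toy game. This is an added example, not code or a model from the paper: the payoff values, the even profit split, and the rule that the escrow honours whichever of two simultaneous framers reports first (a 50/50 race) are all assumptions made here.

```python
COLLUDE, FRAME = "collude", "frame"

def payoff(mine, other, profit, deposit, reward):
    """Expected payoff to one colluder, relative to behaving honestly (0)."""
    if mine == COLLUDE and other == COLLUDE:
        return profit / 2            # collusion succeeds, illicit profit split evenly
    if mine == COLLUDE and other == FRAME:
        return -deposit              # framed by the partner: deposit slashed
    if mine == FRAME and other == COLLUDE:
        return reward                # sole framer is rewarded by the escrow
    # Both frame. Assumption: first report wins, each is first half the time.
    return (reward - deposit) / 2

def dominant_strategy(profit, deposit, reward):
    """Return the strictly dominant strategy, or None if neither dominates."""
    for s, alt in ((COLLUDE, FRAME), (FRAME, COLLUDE)):
        if all(payoff(s, o, profit, deposit, reward) >
               payoff(alt, o, profit, deposit, reward)
               for o in (COLLUDE, FRAME)):
            return s
    return None

def is_prisoners_dilemma(profit, deposit, reward):
    """Framing dominates, yet mutual framing pays less than mutual silence."""
    return (dominant_strategy(profit, deposit, reward) == FRAME and
            payoff(COLLUDE, COLLUDE, profit, deposit, reward) >
            payoff(FRAME, FRAME, profit, deposit, reward))

if __name__ == "__main__":
    # Constructed parameter sets: (illicit profit, deposit, framer reward).
    # The reward is set equal to the slashed deposit of the other party.
    for profit, deposit in ((10, 8), (10, 3)):
        reward = deposit
        print(f"profit={profit} deposit={deposit} reward={reward}: "
              f"dominant={dominant_strategy(profit, deposit, reward)}, "
              f"prisoner's dilemma={is_prisoners_dilemma(profit, deposit, reward)}")
```

Under these assumptions framing is dominant only when the reward exceeds each colluder's share of the illicit profit, so an escrow whose deposits are too small relative to the value of the secret does not produce the dilemma.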
