Byzantine Agreement with a Rational AdversaryByzantine Agreement • July 9th, 2012
Contract Type FiledJuly 9th, 2012Abstract. Traditionally, cryptographers assume a “worst-case” adver- sary who can act arbitrarily. More recently, they have begun to consider rational adversaries who can be expected to act in a utility-maximizing way. Here we apply this model for the first time to the problem of Byzan- tine agreement (BA) and the closely related problem of broadcast, for natural classes of utilities. Surprisingly, we show that many known re- sults (e.g., equivalence of these problems, or the impossibility of toler- ating t ≥ n/2 corruptions) do not hold in the rational model. We study the feasibility of information-theoretic (both perfect and statistical) BA assuming complete or partial knowledge of the adversary’s preferences. We show that perfectly secure BA is possible for t < n corruptions given complete knowledge of the adversary’s preferences, and charac- terize when statistical security is possible with only partial knowledge. Our protocols have the added advantage of being more efficient than