报告时间：2018年8月16日8:30-10:00

报告地点：文津楼三段628报告厅

主办单位：太阳集团tcy8722网站网络信息安全团队

报告人： 董长宇

董长宇是英国Newcastle大学的高级讲师。他于2009获得伦敦帝国理工大学博士学位。他的研究领域为网络空间安全，尤其是应用密码学。2006年以来，他已经在重要的国际期刊与很高声誉的国际会议如ACM CCS, ESORICS，Journal of Computer Security, IEEE Transactions on Dependable and Secure Computing and IEEE Transactions on Information Forensics and Security等发表学术论文30多篇。还担任几个国际会议和论坛的主持和Journal of Computer Security, IEEE Transactions on Dependable and Secure Computing and IEEE Transactions on Information Forensics and Security期刊的评阅人. 2011年以来, 开始研究有效的安全计算。他的研究已经在保密计算集合的交集和保密信息检索方面已经获得一些突破，并把这些研究运用到保密数据挖掘领域。

报告题目：背叛，不信任，理性：通过抗共谋智能合约来实现可验证云计算

Betrayal, Distrust, and Rationality: Smart Counter-Collusion Contracts for Verifiable Cloud Computing

 

摘要：

    云计算已成为一个不可逆的潮流。云计算迫切需要可验证性：云服务提供商不同于用户，他们的利益可能指向不同，用户不可能完全信任云。出于各种原因，客户往往有验证计算结果正确性的需求。可是现有技术开销巨大，这就意味着如果客户使用这些技术，云计算将变得比使用自有数据中心更昂贵，这就背离了多数客户为削减成本而使用云计算的初衷。

    在本报告中，我将介绍如何通过博弈论以及智能合约（一种基于区块链的新技术）来在合理的成本的前提下实现可验证云计算。简而言之，客户使用两个云来计算相同的任务，并用智能合约来实现经济激励机制，在两个云之间产生利益矛盾以及不信任感，结果就是在理性选择下两个云不会共谋来欺骗客户。没有了共谋，计算的正确性可以通过简单的检验结果是否一致来验证。我们对合约产生的博弈进行了形式化的分析，并证明在合理的假设下这些合约的有效性。通过博弈论和智能合约，我们可以避免使用昂贵的密码协议。客户只需要付两个云明文计算的费用以及使用智能合约带来的少量交易费。我们还进行了一些可行性研究，包括在以太坊平台上实现以及运行了我们的智能合约。

Cloud computing has become an irreversible trend. There is a pressing need for verifiability: the cloud providers are external parties whose interests may not fully align with those of its clients, therefore they cannot be fully trusted. To exercise due diligence and gain greater confidence in computation outsourced to the cloud, clients need to be able to verify the correctness of the results returned. However, existing verifiable computation techniques all have a high overhead, thus if being deployed in the clouds, would render cloud computing more expensive than the on-premises counterpart, and would diminish the motivation for using the clouds.

In this talk, I will present our recent attempt to achieve verifiability at a reasonable cost, by leveraging game theory and smart contracts, which is a newly developed paradigm on top of the block chain technology. In a nutshell, a client lets two clouds compute the same task, and uses smart contracts to stimulate tension, betrayal and distrust between the clouds, so that rational clouds will not collude and cheat. In the absence of collusion, verification of correctness can be done easily by cross checking the results from the two clouds. We provide a formal analysis of the games induced by the contracts, and prove that the contracts will be effective under certain reasonable assumptions. By resorting to game theory and smart contracts, we are able to avoid heavy cryptographic protocols. The client only needs to pay two clouds to compute in the clear, and a small transaction fee to use the smart contracts. We also conducted a feasibility study that involves implementing the contracts in Solidity and running them on the official Ethereum network.