To view the accompanying paper, visit doi.acm.org/10.1145/2896386
Alice and Bob have a pleasant dinner together, and want to randomly choose who will have to wash the dishes afterward. How can they fairly choose? One time-honored method is for Alice to flip a coin (hiding it from Bob). Bob calls his guess, and then Alice can reveal the coin, revealing who is stuck washing dishes. Both can verify for themselves whether the procedure was fair.
What if Alice and Bob are on opposite sides of the globe, able to communicate only via the Internet? Over three decades ago, cryptographers designed a clever scheme for solving this coin-tossing problem: roughly, Alice flips a coin and sends Bob a cryptographic hash of the outcome; Bob sends Alice his guess; and then Alice can reveal the coin toss outcome, allowing both Alice and Bob to verify who won and who lost. This protocol is useful in distributed settings where multiple parties who do not trust each other want to jointly generate random values that no one can influence or bias.
No entries found