Electronic Business: Concepts, Methodologies, Tools, and Applications (4-Volumes)

Online Information Privacy
or membership of privacy Web seal programmes. Alternatively, the mistrust may be directed toward the Internet medium. Therefore, the solution may lie within the education of Australian Internet users toward the rights and resources available to them, not only by privacy advocacy organisations, but on e-entrepreneurs’ Web sites and their related industry organisations.
Given that the study found that there is a relationship between information privacy and certain demographic characteristics such as location and gender, a sound approach for e-entrepreneurs would be to consider their target population before developing data collection strategies. For instance, as the survey finds that women appeared to be more pragmatic than their concerned male counterparts, Web sites with a female target audience could emphasise the value of data disclosure — what will individuals receive in return, while one targeting men may want to accentuate how consumer information privacy is upheld. Interestingly, however, males had the highest reported usage of privacy-enhancing tools (an average of 1.22 tools out of a possible 5, compared to 0.93 reported by females). In fact, over 10% more men than women had used at least one tool.
Finally, the study also found an inverse correlation between the constructs “experience” and “total privacy” (as measured by responses to questions regarding the OECD Data Protection Principles). Thus, inexperienced Internet users had higher “total privacy” values than their experienced counterparts, which is consistent with the findings from a number of studies (Culnan, 1993; Stone & Stone, 1990; NUA, 1998). The implication of this finding is that e-entrepreneurs should give special consideration to new Internet users by introducing them to privacy-enhancing methods and technologies and reinforcing their value.
CONCLUSION
This chapter reports and discusses the results of an empirical study which aimed to identify and model Australian Internet users’ online information privacy orientations by combining specific demographic and attitudinal measurements with behavioural data. The resultant privacy-sophistication index clearly illustrates the subjectiveness of online information privacy and groups Australian Internet users according to a range of privacy-related characteristics, which could assist e-entrepreneurs to further understand the role of information privacy in cyberspace and hence better interact with customers in e-business operations.
Arguably, the key finding from the survey is that the majority of Australian Internet users appear to be highly sensitive toward online information privacy and suggests privacy management must be an ongoing priority for e-entrepreneurs. This study also finds that there are differences in privacy-related attitudes and behaviours between the sexes, although there does not appear to be a significant correlation with any other demographic factor. Therefore, e-entrepreneurs who run gender-oriented businesses should consider the implications of these findings in relation to their privacy protection strategies.
Although there are methodological limitations which may affect the validity of the results, this study provides e-entrepreneurs with an in-depth insight into Australian Internet users’ attitudes and behaviours toward online information privacy, the knowledge from which may be applicable cross-culturally.
Some e-businesses may choose to use information privacy practices as a market segmentation variable (Culnan & Bies, p. 162), and the PSI profiles may assist in this respect. There is evidence to suggest that good privacy can actually result in gains to e-commerce; therefore, a proactive approach toward consumer privacy may not only be socially responsible, but strategically sound.
REFERENCES
Allen, A. (2000). Gender and privacy in cyberspace. Stanford Law Review, 52(5), 1175-1200.
Attaran, M. (2000). Managing legal liability of the Net: A ten step guide for IT managers. Information Management and Computer Security, 8(2), 98-100.
Bennett, C. (1992). Regulating privacy – Data protection and public policy in Europe and the United States. New York: Cornell University Press.
Clarke, R. (1999). Introduction to dataveillance and information privacy, and definitions of terms. Retrieved May 23, 2002, from www.anu.edu/people/Roger.Clarke/DV/Intro.html
Clarke, R. (2001). Privacy as a means of engendering trust in cyberspace. Retrieved June 9, 2001, from www.anu.edu/people/Roger.Clarke/DV/eTrust.html
Cranor, L., Reagle, J., & Ackerman, M. (1999). Beyond concern: Understanding Net users attitudes about online privacy. AT&T Labs-Research Technical Report TR 99.4.3. Retrieved April 14, 1999, from www.research.att.com/library/trs/TRs/99/99.4/
Culnan, M. (1993). How did they get my name? An exploratory investigation of consumer attitudes toward secondary information use. MIS Quarterly, 17(3), 341-363.
Culnan, M. (1999). Information privacy concerns, procedural fairness, and impersonal trust: An empirical investigation. Organization Science: A Journal of the Institute of Management Sciences, 10(1), 104-115.
Culnan, M., & Bies, R. (1999). Fair information practices for marketing. In C. Bennett & R. Grant (Eds.), Visions of privacy: Policy voices for the digital age. Toronto: University of Toronto Press.
Culnan, M., & Milne, G. (2001, December). The Culnan-Milne survey on consumers and online privacy notices: Summary of responses, joint working paper. Bentley College, MA, and Isenberg School of Management.
Dembeck, C. (1999, April 8). Report: Online shopping desire overrides privacy concerns. E-Commerce Times.
The Economist Intelligence Unit. (2001). Private investigations: Data privacy and the challenge to business. Available online at www.eiu.com
Fried, C. (1996). In Z. Sardar & J. Ravetz (Eds.), Cyberfutures: Culture & politics on the information superhighway. New York: New York University Press.
Fukuyama, F. (1999). Building trust online: TRUSTe, privacy and self governance. Retrieved February 5, 2001, from www.truste.org/about/trustewhitepaperfinaldoc
Gindin, S. (1997). Lost and found in cyberspace. San Diego Law Review, 1153, 24-79.
Harrison-McKnight, D. & Chervany, N. (2001). What trust means in e-commerce customer relationships: An interdisciplinary conceptual typology. International Journal of Electronic Commerce, 6(2), 35-39.
Hofstede, G. (2001). Cultures consequences (2nd ed.). CA: Sage Publications.
Lessig, L. (1999). Code and other laws of cyberspace. New York: Basic Books.
Long, G., Hogg, M., Hartley, M., & Angold, S. (1999). Relationship marketing and privacy: Exploring the thresholds. Journal of Marketing Practice: Applied Marketing Science, 5(1), 4-20.
Lyon, D., & Zureik, E. (Eds.). (1996). Computers, surveillance & privacy. University of Minnesota Press.
Maslow, A. (1987). Motivation & personality (3rd ed.). New York: Harper & Row.
Meridian Research. (2001). Regulatory compliance: The tip of the privacy iceberg. Meridien Research. Retrieved May 16, 2003, from www.keepmedia.com/ShowItemDetails.do?itemID=533026&extID=10030&oliID=226
Michael, J. (1994). Privacy & human rights. UNESCO & Dartmouth, Aldershot.
Milberg, S., Burke, S., Smith, H., & Kallman, E. (1995). Values, personal information privacy, and regulatory approaches. Association for Computing Machinery. Communications of the ACM, 38(12), 65-74.
Milne, G., & Boza, M. (1999). Trust and concern in consumers’ perceptions of marketing information management practices. Journal of Interactive Marketing, 13(1), 5-24.
Milne, G., & Gordon, M. (1993). Direct mail privacy-efficiency trade-offs within an implied social contract framework. Journal of Public Policy and Marketing, 12(2), 206-215.
NUA. (1998). Shoppers still concerned about privacy. Available online at www.nua.ie/surveys/index
Papadopoulou, P., Andreou, A., Kanellis, P., & Matrakos, D. (2001). Trust and relationship building in electronic commerce. Internet Research: Electronic Networking Applications and Policy, 11(4), 322-332.
Perrolle, J. (1996). Privacy and surveillance in computer-supported cooperative work. In D. Lyon & E. Zureik (Eds.), Computers, surveillance and privacy (pp. 50-71). Minneapolis: University of Minnesota Press.
Phelps, J., D’Souza, G., & Nowak, G. (2001). Antecedents and consequences of consumer privacy concerns: An empirical investigation. Journal of Interactive Marketing, 15(4), 2-17.
Phelps, J., Nowak, G., & Ferrell, E. (2000). Privacy concerns and consumer willingness to provide personal information. Journal of Public Policy & Marketing, 19(1), 27-41.
Posch, R. (1993). Don’t take Lou Harris too seriously. Direct Marketing, 56(8), 44-48.
Princeton Survey Research. (2002). A matter of trust: What users want from Web sites. Princeton Survey Research.
Rao, C., & Singhapakdi, S. (1997). Marketing ethics: A comparison between services and other marketing professionals. Journal of Services Marketing, 11(6), 409-426.
Reder, A. (1995). In pursuit of principle and profit: Business success through social responsibility. New York: Putnam.
Scholtz (2001). Privacy@net. Consumers International. Retrieved March 3, 2002, from www.consumersinternational.org/news/pressreleases/fprivreport.pdf
Sheehan, K. (1999). An investigation of gender differences in on-line privacy concerns and resultant behaviours. Journal of Interactive Marketing, 13(1), 24-38.
Sheehan, K. (2002). Toward a typology of Internet users and online privacy concerns. The Information Society, 18, 21-32.
Sheehan, K., & Grubbs Hoy, M. (1999). Flaming, complaining, abstaining: How online users respond to privacy concerns. Journal of Advertising, 28(3), 37-51.
Sheehan, K., & Grubbs Hoy, M. (2000). Dimensions of privacy concern among online consumers. Journal of Public Policy & Marketing, 19(1), 62-73.
Singhapakdi, A., Rawwas, M., Matra, J., & Ahmed, M. (1999). A cross-cultural study of consumer perceptions about marketing ethics. Journal of Consumer Marketing, 16(3), 257-272.
Smith, H. (1994). Managing privacy. Chapel Hill: University of North Carolina Press.
Smith, H., Milberg, S., & Burke, S. (1996). Information privacy: Measuring individual’s concerns about organisational practices. MIS Quarterly, 20(2), 167-196.
Smith, R. (1993). CEP’93 – The proper face of privacy. Privacy Journal. Retrieved July 1, 2002, from www.cpsr.org/conferences/cfp93/smith.html
Taylor, H. (2003). Most people are ‘privacy pragmatists’ who, while concerned about privacy, will sometimes trade it off for other benefits. The Harris Poll No. 17. Available online at www.harrisinteractive.com/harris_poll
Westin, A. (1967). Privacy & freedom. New York: Atheneum.
Wright, R. (1993). Overhearing the Internet. The New Republic, September 13. Available online at www.nua.com/surveys/index.cgi?f=VSandart_id=905358552andrel=true
ENDNOTE
1 Many of the Westin-Harris survey reports are available on the Privacy and American Business Web site www.pandab.org.
This work was previously published in Entrepreneurship and Innovations in E-Business: An Integrative Perspective, edited by
F. Zhao, pp. 200-222, copyright 2006 by IGI Publishing (an imprint of IGI Global).
Copyright © 2009, IGI Global, distributing in print or electronic forms without written permission of IGI Global is prohibited.
Chapter 7.8
Analyzing the Privacy of a
Vickrey Auction Mechanism
Ismael Rodríguez
Universidad Complutense de Madrid, Spain
Natalia López
Universidad Complutense de Madrid, Spain
ABSTRACT
This article studies the properties of a distributed mechanism to perform the Vickrey auction. This mechanism, which was originally presented in López, Núñez, Rodríguez, and Rubio (2004), has the main characteristic that most of the information concerning the bids is kept private for both bidders and the auctioneer without the necessity of any trusted third party. In particular, after the auction is finished, only the value of the second highest bid and the identity of the highest bidder are publicly revealed. However, in that paper, several questions about the applicability of the protocol were left unanswered. In particular, no implementation was provided. Besides, the analysis of the collusion risk was too brief. In this paper, we address these issues in a deeper way. Let us note that, as it is stated in Brandt and Sandholm (2004), it is impossible to create a completely private mechanism to perform the Vickrey auction. In particular, we identify a gap between the proposed protocol and the complete privacy: If any n-2 bidders and the winning bidder collude, the privacy is lost. Besides, some privacy properties can be broken by chance if some specific situations appear, though the probability of this threat decreases as the number of bidders increases. In addition, we present and analyze a simple implementation of the protocol, and we consider its practical applicability.
INTRODUCTION
Auctions are very effective ways to allocate resources. There exist several auction mechanisms, with the Vickrey auction (Vickrey, 1961) being one of the mechanisms that has attracted more interest from the computer science researchers. This is a sealed-bid auction where the bidder who submits the highest bid gets the item, but he/she pays the amount submitted in the second highest bid. As it is well known, the Vickrey auction has several good properties. In particular, it removes any incentive for bidders to bid strategically. This is so because the dominant strategy of each agent consists in submitting a bid for his or her reserve price, that is, the maximum price that the agent would pay for the auctioned item. Thus, the Vickrey auction is a direct-revelation mechanism since, in order to maximize their utility, agents have to tell the truth.
In a Vickrey auction, the difference between the first and second prices is the price paid by the auctioneer to guarantee that all the agents tell the truth. However, as the revenue equivalence theorem (RET) claims (Myerson, 1981), this auction produces the same revenue for the auctioneer as other standard auctions (English, Dutch, first-price sealed auction), though it is worth pointing out that in general, the auctioneer does not maximize the profit with respect to a more flexible scheme.¹ Actually, note that if the auctioneer found out in advance the reserve price of the highest bid, he/she would prefer to sell the item with a fixed price as take-it-or-leave-it. Besides, the Vickrey auction is usually assumed to be a private-value auction, that is, reserve prices are locally and independently fixed by each agent. This property disallows an agent to get more interested in an item because other agents have higher bids.
Privacy issues may be a handicap in Vickrey auctions. If the auctioneer has access to all the bids, then he/she can use this information in subsequent auctions of similar items (by using a take-it-or-leave-it strategy). Thus, it is not desirable for the agents that the auctioneer knows their reserve prices. Moreover, if the bidders know all the bids, they can also adapt their subsequent bids.² This would imply that the auction is not with private value anymore, so that reserve prices are not used afterwards (Sandholm & Lesser, 1995).
Thus, a desirable characteristic to be included in Vickrey auctions consists in keeping, as much as possible, the privacy of the bids. In other words, our goal is that at the end of the auction, each bidder is the only one who knows his/her own bid. Moreover, it would also be very desirable that neither the bidders nor the auctioneer know the value of other bids. Obviously, there always exist some minimal exceptions to complete privacy. In particular, we need to know the second-highest bid as well as the highest bidder. However, in order to resolve the auction, we need to know neither the highest bid nor the second-highest bidder.
Some protocols have been proposed to keep the good properties of the Vickrey auction while guaranteeing privacy (see, e.g., Lipmaa, Asokan, & Niemi, 2002; López et al. 2004; Naor, Pinkas, & Sumner, 1999). In Lipmaa et al. (2002), privacy is partially lost: although the auction authority cannot relate bids with bidders, he/she knows the value of all the bids that have been submitted. In the case of Naor et al. (1999), the collusion of the auctioneer and the auction issuer allows them to infer all the bids of the bidders. In López et al. (2004), bidders do not communicate their real bid to other agents (neither to other bidders nor to the auctioneer), so that protocol does not depend on a trusted third party as the previous protocols do. However, in that paper, some topics concerning its practical applicability were not addressed. Besides, some scenarios of privacy threat were tackled too briefly. In particular, some situations concerning the collusion of bidders were not properly discussed. Hence, a deeper analysis of this protocol is still needed.
In this paper, we present a (simple) implementation of that protocol and analyze some of its properties in a deeper way. In particular, we show that the collusion of bidders cannot breach the privacy with certainty unless n-2 bidders and the winner (that is, n-1 bidders) collude, where n is the number of bidders in the auction. Besides, we show that other collusion threats may appear by chance, though the probability of these situations decreases with the number of bidders. As it is stated in Brandt and Sandholm (2004), it is impossible to find a completely private mechanism to perform the Vickrey auction. This result imposes an upper bound of privacy-preserving efficiency in that framework. In particular, it shows that it is not possible to eliminate all of the previous collusion threats from the protocol. However, to the best of our knowledge, this is the protocol that provides the best privacy properties for performing the Vickrey auction without the necessity of any trusted third party.
The rest of the paper is organized as follows. In the next section we sketch the main ideas of our method. Although this section is self-contained, explanations are brief because any interested reader can find the original presentation of this protocol in López et al. (2004). Afterwards, in the next two sections, we discuss some properties that are required in order to keep the privacy of the protocol. First, our discussion focuses on studying different ways in which a single bidder could try to break the privacy of the protocol. Then, we study how a group of bidders could collude to try to break the privacy. Next, we present a simple simulation of our protocol and briefly discuss a concrete experiment. Finally, we present our conclusions and some lines for future work.
METHODOLOGY
,QWKLVVHFWLRQZHEULHÀ\VNHWFKWKHEDVLFLGHDV
underlying the protocol presented in López et al.
(2004). Basically, this protocol consists in apply-
ing some function to all bids. Then, the values
returned by the function are compared, and we

select the second-highest value. Next, we apply the
inverse function to that value, and we obtain the
second-highest bid. After this value is computed,
ZHSXEOLFO\DVN³:KRLVWKHELGGHUZKRZRXOG
pay this value for the item being auctioned?” Let
us remark that, since the Vickrey auction rules
promote that all bidders bid their reserve prices,
only the highest bidder wants to buy the item at
that price, as the second-highest bidder does not
care about purchasing the item at that price or
not. However, the utility of the highest bidder
improves if he/she buys the item at that price.
Hence, only the bidder who submitted the high-
est bid will claim to be the winner. The item is
assigned to that bidder, and the price is the value
of the second-highest bid.
3
Let f be the function used in the previous
VFKHPH7KLVIXQFWLRQPXVWIXO¿OOVRPHSURSHU-
ties. First, it must be strictly increasing, that is,
x,y: x<y o f(x)<f(y). This is required to guar-
antee that the second-highest transformed value
corresponds actually to the second-highest bid.
Another property of f is that it must be injective,
because we need to use f
-1
to decode the second
highest value. In addition, privacy will be achieved
only if we have that both f and f
-1

are unknown
WRDOOELGGHUV2WKHUZLVHDELGGHUFRXOG¿QGRXW
all bids by applying f
-1
to the values returned by
the function. To achieve that goal, each bidder
will know only a piece of the function called
local function, and f will be the composition of
all of them. Bidders will privately create their
local functions, and the encoding or decoding of
a bid will only be possible with the collaboration
of all bidders together. The composition of local
functions will work as follows: After some bid-
der receives a (partially) transformed bid from
another bidder, he/she applies his or her local
function and afterwards, he/she sends the result
to another bidder, and so on. Finally, we need
the global function dependent on at least three
parameters. After the auction is over, all bidders
know a pair (input,output) of the global function.
This pair consists of the second bid and the second-
transformed value. Moreover, the winner of the
auction knows another example, because he/she
knows his or her bid and its transformation, which
is the highest transformed value. Hence, function
f must be such that two examples of application
are not enough to infer it.
4
For example, a function
depending on three parameters is f(x) = (B · x

A
)
+ C. Clearly, two examples of inputs and outputs
2091
Analyzing the Privacy of a Vickrey Auction Mechanism
are not enough to infer the function. We will go
back to this idea in the next section.
In order to obtain the desired behavior in the global function, local functions must fulfill some properties (see López et al., 2004 for more details):
• We need the global function to be strictly increasing. A sufficient condition for assuring it is that all local functions are strictly increasing.
• If the order of application of local functions were the same for all bids, some bidder would know all bids, because the bidder who owns the first local function would receive all bids before they are transformed. Instead, the first local function to be applied to each bid will be that of the owner of that bid. So, no bid will be sent to another bidder.
• Once all bids are completely transformed according to all local functions, we should avoid a bidder finding out which one is the transformed value of his or her bid, because in this case he/she would know how many bids are over and under his or her own. Note that if the owner of a bid knows the order of application of local functions, then he/she can guess who will broadcast it once the last local function is applied to his or her bid. In order to avoid that, after a bidder receives a (partially) transformed value and applies his or her own local function, he/she will freely (e.g., randomly) choose the next bidder in the transformation of that value.
• A consequence of the previous conditions is that the order of application of local functions could be different for each bid. However, we want the global function to be the same in all cases. A sufficient condition for that is that the composition of local functions is commutative, that is, for any local functions f and g we have f(g(x))=g(f(x)).
• After all bids are transformed according to all local functions, all transformed values are broadcasted, and the second highest transformed value is selected. We need this value to be decoded in order to obtain the second bid. The inverse transformation will be computed by applying the inverse of each local function. So, we need that each local function is invertible. Besides, the order of application of inverse local functions in the decoding will not necessarily be the inverse of the path we used in the encoding. Let us note that if it were, then the identity of the second bidder would be revealed because the last bidder of the decoding would be the first of the encoding. Since we need the global inverse function to be unique, the composition of the inverse local functions must also be commutative.
As we said before, the global function should
depend on at least three parameters. We will do it
by increasing the number of function parameters
iteratively.
We will illustrate this idea with an example. Let us consider again the function F(x) = (x^A + B) · C, which depends on three parameters. Clearly, the composition of functions of this form is not commutative, so local functions cannot be like that. Instead, we can compose some commutative local functions to achieve function F in several stages. In the first stage, all bidders will apply local functions of the form f(x) = x^a, where a is privately chosen by each bidder. After all local functions are applied to all bids, we have that all bids are transformed according to a function f(x) = x^A, where A is the product of the values a chosen privately by each bidder. Then the second stage begins. Let us note that transformed values are not publicly communicated after the first stage is over. Instead, any bidder that is the last one applying his or her local function to some value sends the new value only to the bidder that will begin the transformation of that value in the second stage (in particular, it could be itself). In the second stage, functions follow the form f(x) = x + b. After this stage is carried out like the previous one, we have that all bids have been transformed according to a function f(x) = x^A + B, where B is the sum of all b. Then the bidders who were the last in the second stage send the values to some bidder to begin the third stage. This time, local functions follow the pattern f(x) = c · x. After the third stage finishes, all values are broadcasted. The relation between these values and the original bids is given by a function F(x) = (x^A + B) · C, where C is the product of the values c.
Once the second highest transformed value is selected, a similar process must be performed to find out the bid corresponding to that value. So, the inverse function will be applied to it. To obtain the inverse function, the order of stages has to be opposite to that which we had before. In the first stage of the backwards path, we use functions that follow the form f(x) = x · 1/c, in the next one we use functions f(x) = x - b, and finally, we take functions f(x) = x^(1/a). At the end, the last bidder applying one of such functions will broadcast the result, which is actually the second highest bid.
According to the previous scheme, bidders send each other some information in both the codification and the decoding phases. After a bidder applies his or her local function to some value and he/she decides the next bidder in the transformation, he/she has to send to him or her two pieces of data: The (partially) transformed value and the set of bidders who have already applied their local functions to this value in the current stage. The latter is needed by the next bidder to choose the bidder after him. It is also needed to know whether the transformation in this stage is finished and the next stage must begin.
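The staged encoding and decoding described in this section, as an added Python example (not the authors' implementation): each bidder holds private integers a, b and c, every value is routed at random inside a stage, and the decoded second-highest value is checked against the closed form F(x) = (x^A + B) · C. The parameter ranges, bidder names, bids and all function names are assumptions made for the illustration.

```python
import random
from math import prod

ENCODE_STAGES = ("exp", "add", "mul")   # composes to F(x) = (x^A + B) * C


def iroot(value, k):
    """Exact integer k-th root of a perfect k-th power (binary search)."""
    lo, hi = 0, 1
    while hi ** k < value:
        hi *= 2
    while lo < hi:
        mid = (lo + hi) // 2
        if mid ** k < value:
            lo = mid + 1
        else:
            hi = mid
    if lo ** k != value:
        raise ValueError("value is not a perfect k-th power")
    return lo


class Bidder:
    """One private bid plus one private parameter per stage (assumed ranges)."""

    def __init__(self, name, bid, rng):
        self.name, self.bid = name, bid
        self.a = rng.randint(2, 3)    # stage "exp": x -> x^a
        self.b = rng.randint(1, 50)   # stage "add": x -> x + b
        self.c = rng.randint(2, 9)    # stage "mul": x -> c * x

    def apply(self, stage, x):
        if stage == "exp":
            return x ** self.a
        return x + self.b if stage == "add" else x * self.c

    def invert(self, stage, x):
        if stage == "exp":
            return iroot(x, self.a)
        if stage == "add":
            return x - self.b
        quotient, rest = divmod(x, self.c)
        if rest:
            raise ValueError("value was not produced by the mul stage")
        return quotient


def run_stage(bidders, stage, value, first, rng, inverse=False):
    """Every bidder applies its local function once; each holder picks the next."""
    visited, holder = set(), first
    while True:
        step = holder.invert if inverse else holder.apply
        value = step(stage, value)
        visited.add(holder.name)          # this set travels with the value
        remaining = [b for b in bidders if b.name not in visited]
        if not remaining:
            return value
        holder = rng.choice(remaining)


def encode(bidders, owner, rng):
    """The owner applies the first local function, so the raw bid never leaves."""
    value, first = owner.bid, owner
    for stage in ENCODE_STAGES:
        value = run_stage(bidders, stage, value, first, rng)
        first = rng.choice(bidders)       # last holder hands over to any bidder
    return value


def decode(bidders, value, rng):
    """Stages run in opposite order; the path inside each stage is random again."""
    for stage in reversed(ENCODE_STAGES):
        start = rng.choice(bidders)
        value = run_stage(bidders, stage, value, start, rng, inverse=True)
    return value


def global_function(bidders, x):
    """Closed form of F; no protocol participant knows it, used only as a check."""
    A = prod(b.a for b in bidders)
    B = sum(b.b for b in bidders)
    C = prod(b.c for b in bidders)
    return (x ** A + B) * C


def run_auction(bids, seed):
    rng = random.Random(seed)
    bidders = [Bidder(name, bid, rng) for name, bid in bids.items()]
    broadcast = sorted(encode(bidders, owner, rng) for owner in bidders)
    price = decode(bidders, broadcast[-2], rng)      # second-highest bid
    claimants = [b.name for b in bidders if b.bid > price]
    return claimants, price, bidders, broadcast


# Constructed sample input: distinct positive integer reserve prices.
SAMPLE_BIDS = {"alice": 120, "bob": 95, "carol": 150, "dave": 60, "erin": 101}

if __name__ == "__main__":
    winners, price, _, _ = run_auction(SAMPLE_BIDS, seed=7)
    print("winner:", winners, "pays:", price)
```

Because all three kinds of local function commute within their stage, the result is the same for every seed even though the routing differs on each run.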
KEEPING THE PRIVACY
If the global function depends on at least three parameters, then two examples of application of that function are not enough to infer the function. For example, let us consider that the global function follows the same form as before, that is, F(x) = (B · x^A) + C. Besides, let us suppose that the second highest bid is 2 and its transformation is 4, while the highest bid and its transformation are 4 and 8, respectively. After the auction finishes, all bidders know that 4 is the transformation of 2, and that there is a bid whose transformation is 8. Besides, the winner (who is the bidder with more information) knows also that 8 is the transformation of 4. However, the winner is unable to find out the global function, that is, he/she is unable to find out A, B, and C. According to his or her knowledge, these parameters could be (A, B, C) = (1, 0, 2). However, (2, 8, 1/3) and (3, 48, 1/14) are other valid possibilities. Actually, there are infinite possibilities. So, the relative distance between transformed values (e.g., 8 is double 4, 8 is 4 plus 4) does not provide any information to infer totally or partially the respective bids.
However, we must address some issues concerning the use of several stages in our scheme. In order to keep the privacy, some additional conditions must be introduced. Let us consider the backwards process where the second highest bid is decoded. During this process, both the last bidder who applies his or her local function in some stage k and the first bidder who applies it in the next stage k+1 have privileged information. We will illustrate this issue with an example. Let us consider that the global function is F(x) = (x^A + B) · C, and let us suppose that it is composed by using three stages as explained previously. Let us note that a bidder located at the intermediate point between two stages knows the transformed value of the second highest bid at this point. For example, both the last bidder of the second decoding stage (i.e., the stage where functions are of the form f(x) = x - b) and the first bidder of the last one (where functions of the form f(x) = x^(1/a) are used) know the transformed value of the second highest bid after the first two stages. Let s be that value, and let B_1 and B_2 be the two previous bidders, respectively. After the last stage, the true second highest bid is broadcasted (say b). Then, by taking into account s and b, bidders B_1 and B_2 can easily infer the whole function of the last stage, which follows the form f(x) = x^(1/A) for some A that is the product of the values a of each bidder. If either B_1 or B_2 is the winner of the auction, he/she can use this function to calculate the transformation of his or her own bid before the last decoding stage. Let w be such value. Let us note that the function governing the composition of decoding stages 1 and 2 follows the form f(x) = (x · 1/C) - B, which depends on two parameters. So, the winner of the auction can easily infer this function by taking into account his or her two examples of application. This function provides the whole inverse global function, and this one gives the global function. So, the winner of the auction could have access to all bids. Moreover, the winner is not the only bidder who could infer the global function by being located at an intermediate point between stages. In particular, if any bidder is located in the intermediate point of stages 1 and 2 and, at the same time, in the point between stages 2 and 3, then he/she can easily infer the function governing each stage, which gives him or her the global function.
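The inference described above, as an added Python example that is not code from the paper: a winner who holds the value s between the last two decoding stages recovers A from s and the broadcast bid b, fits B and C from the two pairs he/she knows, and inverts every broadcast value. It uses the staged form F(x) = (x^A + B) · C, which is also the form that the triples (1, 0, 2), (2, 8, 1/3) and (3, 48, 1/14) listed earlier satisfy for the pairs 2 → 4 and 4 → 8; the secret parameters, bids and function names are constructed for the illustration.

```python
from fractions import Fraction


def F(x, A, B, C):
    """Staged global function from the Methodology section: (x^A + B) * C."""
    return (Fraction(x) ** A + B) * C


def fit_for_exponent(A, pair1, pair2):
    """Once A is fixed, two (bid, transformed value) pairs determine B and C."""
    (x1, y1), (x2, y2) = pair1, pair2
    C = Fraction(y2 - y1, x2 ** A - x1 ** A)
    B = Fraction(y1) / C - x1 ** A
    return B, C


def exponent_from_intermediate(s, b):
    """Recover A from s = b^A, the value held before the last decoding stage."""
    if b < 2:
        raise ValueError("a bid of 0 or 1 does not reveal the exponent")
    A, power = 0, 1
    while power < s:
        power *= b
        A += 1
    if power != s:
        raise ValueError("s is not a power of b")
    return A


def recover_bid(t, A, B, C):
    """Invert F on one broadcast value (float root is exact for small inputs)."""
    inner = Fraction(t) / C - B
    if inner <= 0:
        raise ValueError("value is outside the range of F")
    root = round(float(inner) ** (1.0 / A))
    if Fraction(root) ** A != inner:
        raise ValueError("value was not produced by F with these parameters")
    return root


def winner_attack(broadcast, second_bid, own_bid, s):
    """What a winner placed before the last decoding stage can compute."""
    ordered = sorted(broadcast)
    t_second, t_own = ordered[-2], ordered[-1]      # both are public
    A = exponent_from_intermediate(s, second_bid)   # from s and the revealed b
    B, C = fit_for_exponent(A, (second_bid, t_second), (own_bid, t_own))
    return [recover_bid(t, A, B, C) for t in ordered]


# Constructed scenario: the secret parameters and the other bids are unknown
# to the winner; only BROADCAST, the revealed bid 9 and s reach him/her.
SECRET = (6, 17, 10)                 # A, B, C
BIDS = [5, 7, 9, 12]                 # winner bid 12, second-highest bid 9
BROADCAST = [int(F(x, *SECRET)) for x in BIDS]
S_INTERMEDIATE = 9 ** 6              # second-highest value before the root stage

if __name__ == "__main__":
    # Without s, every exponent admits a consistent (B, C) for 2 -> 4, 4 -> 8.
    for A in (1, 2, 3, 4):
        print(A, fit_for_exponent(A, (2, 4), (4, 8)))
    print(winner_attack(BROADCAST, 9, 12, S_INTERMEDIATE))
```

The first loop shows why two pairs alone leave the function undetermined, and the last call shows how the single extra value s removes that freedom in the three-stage scheme.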
In order to avoid this problem, we must impose some additional conditions to ensure that no bidder can infer the global function. First, we must avoid that some bidder is located in more than 2 intermediate points. During the decoding stage, any bidder that is located in an intermediate point will be included in a set. Besides, each time a bidder has to send a value to another, it will check whether the next step is positioned in an intermediate point and, if it is, it will not send the value to a bidder that is already included in that set. Second, the problem of the privileged information of the winner can be solved by using at least 4 stages. The kinds of function used in each stage will be iterated as follows: The three kinds of functions commented before (exponentiation, addition, multiplication) are ordered in some arbitrary way K_0, K_1, K_2. Then, each stage i uses the kind K_(i mod 3). Let us consider that 4 stages are used. If the winner is located in the first intermediate point, then the function corresponding to the next three steps depends on three parameters. The case is similar if he/she is located in the third intermediate point. If he/she is located in the second, then he/she cannot transform his or her own bid according to the function used up to this point. Hence, he/she is unable to get at least 2 examples. So, the winner cannot use his or her privileged information to infer the global function.
RISKS OF COLLUSION
Although no single bidder can break the privacy on his or her own, we have to consider the possibility that some bidders collude to share their information in order to infer some bids or the global function (which would give all bids). To the best of our knowledge, the collusion of n-1 bidders is needed to extract some information with certainty, where the number of bidders is n. In order to achieve this property, the protocol described in the previous section has to be slightly modified.
Let us consider some collusion scenarios. Let us suppose that functions of the form f(x) = x^a are used in the first stage. Besides, let us suppose that during the transformation of a bid in the first stage, a bidder B_1 sends a partially transformed value to bidder X. Then, X applies his or her function and sends the result to B_2. Meanwhile, the bid of X, as well as the rest of bids, are collaboratively codified in parallel. Let us suppose that the transformation of the bid of X is carried out as follows: X applies his or her function to his or her bid, and then he/she sends the resulting value to some bidder B_3. In this case, B_1, B_2, and B_3 can easily infer the bid of bidder X. They can do it in the following way. First, bidders B_1 and B_2 find out the exponent used by bidder X in his or her local function. In order to do that, it is enough that B_1 and B_2 compare the value sent from B_1 to X and the value sent from X to B_2.