Fast garbling of circuits under standard assumptions

Shay Gueron, Yehuda Lindell, Ariel Nof, Benny Pinkas

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; peer-reviewed

Abstract

Protocols for secure computation enable mutually distrustful parties to jointly compute on their private inputs without revealing anything but the result. Over recent years, secure computation has become practical and considerable effort has been made to make it more and more efficient. A highly important tool in the design of two-party protocols is Yao's garbled circuit construction (Yao 1986), and multiple optimizations on this primitive have led to performance improvements of orders of magnitude over the last years. However, many of these improvements come at the price of making very strong assumptions on the underlying cryptographic primitives being used (e.g., that AES is secure for related keys, that it is circular secure, and even that it behaves like a random permutation when keyed with a public fixed key). The justification behind making these strong assumptions has been that otherwise it is not possible to achieve fast garbling and thus fast secure computation. In this paper, we take a step back and examine whether it is really the case that such strong assumptions are needed. We provide new methods for garbling that are secure solely under the assumption that the primitive used (e.g., AES) is a pseudorandom function. Our results show that in many cases, the penalty incurred is not significant, and so a more conservative approach to the assumptions being used can be adopted.

Original language: English
Title of host publication: CCS 2015 - Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
Publisher: Association for Computing Machinery
Pages: 567-578
Number of pages: 12
ISBN (Electronic): 9781450338325
DOIs
State: Published - 12 Oct 2015
Event: 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015 - Denver, United States
Duration: 12 Oct 2015 to 16 Oct 2015

Publication series

Name: Proceedings of the ACM Conference on Computer and Communications Security
Volume: 2015-October
ISSN (Print): 1543-7221

Conference

Conference: 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015
Country/Territory: United States
City: Denver
Period: 12/10/15 to 16/10/15

Bibliographical note

Funding Information:
Supported by the PQCRYPTO project, which was partially funded by the European Commission Horizon 2020 research programme, grant #645622. Supported by the European Research Council under the ERC consolidator grant agreement n. 615172 (HIPS) and under the European Union's Seventh Framework Program (FP7/2007-2013) grant agreement n. 609611 (PRACTICE), and by the BIU Center for Research in Applied Cryptography and Cyber Security in conjunction with the Israel National Cyber Bureau in the Prime Minister's Office. We express our deepest gratitude to Meital Levy for her great efforts in implementing the different methods and running the experiments.

Publisher Copyright:
© 2015 ACM.

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
