Adaptively Secure Garbling with Near Optimal Online Complexity

We construct an adaptively secure garbling scheme with an online communication complexity of \(n+m+\mathsf {poly}(\log |C|, \lambda )\) where \(C: \{0,1\}^n \rightarrow \{0,1\}^{m}\) is the circuit being garbled, and \(\lambda \) is the security parameter. The security of our scheme can be based on (polynomial hardness of) the Computational Diffie-Hellman (CDH) assumption, or the Factoring assumption or the Learning with Errors assumption. This is nearly the best achievable in the standard model (i.e., without random oracles) as the online communication complexity must be larger than both n and m. The online computational complexity of our scheme is \(O(n+m)+\mathsf {poly}(\log |C|, \lambda )\). Previously known standard model adaptively secure garbling schemes had asymptotically worse online cost or relied on exponentially hard computational assumptions.

[1]  Rafail Ostrovsky,et al.  Garbled RAM From One-Way Functions , 2015, STOC.

[2]  Daniel Wichs,et al.  Adaptive Security of Yao's Garbled Circuits , 2016, TCC.

[3]  Sanjam Garg,et al.  Single-Key to Multi-Key Functional Encryption with Polynomial Loss , 2016, TCC.

[4]  Mark Zhandry,et al.  Breaking the Sub-Exponential Barrier in Obfustopia , 2017, EUROCRYPT.

[5]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[6]  Vinod Vaikuntanathan,et al.  Functional Encryption with Bounded Collusions via Multi-party Computation , 2012, CRYPTO.

[7]  Mihir Bellare,et al.  Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing , 2012, ASIACRYPT.

[8]  Daniele Micciancio,et al.  Compactness vs Collusion Resistance in Functional Encryption , 2016, IACR Cryptol. ePrint Arch..

[9]  Yael Tauman Kalai,et al.  One-Time Programs , 2008, CRYPTO.

[10]  Daniel Wichs,et al.  Adaptively Indistinguishable Garbled Circuits , 2017, TCC.

[11]  Mihir Bellare,et al.  Foundations of garbled circuits , 2012, CCS.

[12]  Martín Abadi,et al.  Secure circuit evaluation , 1990, Journal of Cryptology.

[13]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System (Awarded Best Student Paper!) , 2004 .

[14]  Yuval Ishai,et al.  Cryptography in NC0 , 2004, FOCS.

[15]  Yuval Ishai,et al.  Cryptography in NC0 , 2004, SIAM J. Comput..

[16]  Amit Sahai,et al.  Worry-free encryption: functional encryption with public keys , 2010, CCS '10.

[17]  Amit Sahai,et al.  Functional Encryption for Turing Machines , 2016, TCC.

[18]  Nico Döttling,et al.  Laconic Oblivious Transfer and Its Applications , 2017, CRYPTO.

[19]  Benny Applebaum,et al.  Bootstrapping Obfuscators via Fast Pseudorandom Functions , 2014, ASIACRYPT.

[20]  Silvio Micali,et al.  The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.

[21]  Rafail Ostrovsky,et al.  Black-Box Garbled RAM , 2015, 2015 IEEE 56th Annual Symposium on Foundations of Computer Science.

[22]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[23]  Robert E. Tarjan,et al.  Space bounds for a game on graphs , 1976, STOC '76.

[24]  Claudio Orlandi,et al.  Privacy-Free Garbled Circuits with Applications To Efficient Zero-Knowledge , 2015, IACR Cryptol. ePrint Arch..

[25]  Florian Kerschbaum,et al.  Zero-knowledge using garbled circuits: how to prove non-algebraic statements efficiently , 2013, IACR Cryptol. ePrint Arch..

[26]  Rafail Ostrovsky,et al.  Adaptively Secure Garbled Circuits from One-Way Functions , 2016, CRYPTO.

[27]  Yuval Ishai,et al.  Computationally Private Randomizing Polynomials and Their Applications , 2005, Computational Complexity Conference.

[28]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[29]  Nico Döttling,et al.  Identity-Based Encryption from the Diffie-Hellman Assumption , 2017, CRYPTO.

[30]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[31]  Rafail Ostrovsky,et al.  How to Garble RAM Programs , 2013, EUROCRYPT.

[32]  Ilan Komargodski,et al.  Be Adaptive, Avoid Overcommitting , 2017, CRYPTO.

[33]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[34]  Brent Waters,et al.  Encoding Functions with Constant Online Rate or How to Compress Garbled Circuits Keys , 2013, CRYPTO.

[35]  Vinod Vaikuntanathan,et al.  Indistinguishability Obfuscation from DDH-Like Assumptions on Constant-Degree Graded Encodings , 2016, 2016 IEEE 57th Annual Symposium on Foundations of Computer Science (FOCS).

[36]  Rafail Ostrovsky,et al.  Garbled RAM Revisited , 2014, EUROCRYPT.

[37]  Vinod Vaikuntanathan,et al.  Anonymous IBE, Leakage Resilience and Circular Security from New Assumptions , 2018, IACR Cryptol. ePrint Arch..

[38]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[39]  Jesper Buus Nielsen,et al.  Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case , 2002, CRYPTO.

[40]  Charles H. Bennett Time/Space Trade-Offs for Reversible Computation , 1989, SIAM J. Comput..

[41]  Craig Gentry,et al.  Fully Key-Homomorphic Encryption, Arithmetic Circuit ABE and Compact Garbled Circuits , 2014, EUROCRYPT.

[42]  Vinod Vaikuntanathan,et al.  From Selective to Adaptive Security in Functional Encryption , 2015, CRYPTO.

[43]  Nico Döttling,et al.  New Constructions of Identity-Based and Key-Dependent Message Secure Encryption Schemes , 2018, Public Key Cryptography.

[44]  Yuval Ishai,et al.  From Secrecy to Soundness: Efficient Verification via Secure Computation , 2010, ICALP.