Garbled Circuits as Randomized Encodings of Functions: a Primer

Yao’s garbled circuit (GC) construction is a central cryptographic tool with numerous applications. In this tutorial, we study garbled circuits from a foundational point of view under the framework of randomized encoding (RE) of functions. We review old and new constructions of REs, present some lower bounds, and describe some applications. We also discuss new directions and open problems in the foundations of REs.

[1]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[2]  Yuval Ishai,et al.  Distribution Design , 2016, ITCS.

[3]  Mihir Bellare,et al.  Efficient Garbling from a Fixed-Key Blockcipher , 2013, 2013 IEEE Symposium on Security and Privacy.

[4]  Yuval Ishai,et al.  Cryptography with Constant Input Locality , 2007, Journal of Cryptology.

[5]  Anat Paskin-Cherniavsky,et al.  Statistical Randomized Encodings: A Complexity Theoretic View , 2015, ICALP.

[6]  Yael Tauman Kalai,et al.  Black-Box Circular-Secure Encryption beyond Affine Functions , 2011, TCC.

[7]  Benny Pinkas,et al.  Secure Two-Party Computation is Practical , 2009, IACR Cryptol. ePrint Arch..

[8]  Yuval Ishai,et al.  Partial Garbling Schemes and Their Applications , 2014, ICALP.

[9]  Yuval Ishai,et al.  Cryptography by Cellular Automata or How Fast Can Complexity Emerge in Nature? , 2010, ICS.

[10]  Moni Naor,et al.  Privacy preserving auctions and mechanism design , 1999, EC '99.

[11]  Yuval Ishai,et al.  From Secrecy to Soundness: Efficient Verification via Secure Computation , 2010, ICALP.

[12]  Rafail Ostrovsky,et al.  Adaptively Secure Garbled Circuits from One-Way Functions , 2016, CRYPTO.

[13]  Yuval Ishai,et al.  Founding Cryptography on Tamper-Proof Hardware Tokens , 2010, IACR Cryptol. ePrint Arch..

[14]  Vinod Vaikuntanathan,et al.  Functional Encryption with Bounded Collusions via Multi-party Computation , 2012, CRYPTO.

[15]  Mihir Bellare,et al.  Adaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing , 2012, ASIACRYPT.

[16]  Ran Canetti,et al.  Obfuscation of Probabilistic Circuits and Applications , 2015, TCC.

[17]  Yael Tauman Kalai,et al.  One-Time Programs , 2008, CRYPTO.

[18]  Rafael Pass,et al.  Output-Compressing Randomized Encodings and Applications , 2016, TCC.

[19]  John Black,et al.  Encryption-Scheme Security in the Presence of Key-Dependent Messages , 2002, Selected Areas in Cryptography.

[20]  Benny Applebaum Randomly Encoding Functions: A New Cryptographic Paradigm - (Invited Talk) , 2011, ICITS.

[21]  Mihir Bellare,et al.  Foundations of garbled circuits , 2012, CCS.

[22]  Rafail Ostrovsky,et al.  Circular-Secure Encryption from Decision Diffie-Hellman , 2008, CRYPTO.

[23]  Yuval Ishai,et al.  On the Cryptographic Complexity of the Worst Functions , 2014, TCC.

[24]  Yehuda Lindell,et al.  An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries , 2007, Journal of Cryptology.

[25]  Rafail Ostrovsky,et al.  How to Garble RAM Programs , 2013, EUROCRYPT.

[26]  Avi Wigderson,et al.  Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract) , 1988, STOC.

[27]  Benny Applebaum,et al.  Cryptography in Constant Parallel Time , 2013, Information Security and Cryptography.

[28]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[29]  Yuval Ishai,et al.  How to Garble Arithmetic Circuits , 2011, FOCS.

[30]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[31]  Benny Applebaum,et al.  Key-Dependent Message Security: Generic Amplification and Completeness , 2011, Journal of Cryptology.

[32]  Amit Sahai,et al.  Worry-free encryption: functional encryption with public keys , 2010, CCS '10.

[33]  Vladimir Kolesnikov,et al.  FleXOR: Flexible garbling for XOR gates that beats free-XOR , 2014, IACR Cryptol. ePrint Arch..

[34]  Yael Tauman Kalai,et al.  How to Run Turing Machines on Encrypted Data , 2013, CRYPTO.

[35]  Zvika Brakerski,et al.  Circular and Leakage Resilient Public-Key Encryption Under Subgroup Indistinguishability (or: Quadratic Residuosity Strikes Back) , 2010, IACR Cryptol. ePrint Arch..

[36]  Yuval Ishai,et al.  Perfect Constant-Round Secure Computation via Perfect Randomizing Polynomials , 2002, ICALP.

[37]  Guy N. Rothblum,et al.  A (de)constructive approach to program checking , 2008, STOC.

[38]  Silvio Micali,et al.  A Completeness Theorem for Protocols with Honest Majority , 1987, STOC 1987.

[39]  Guang Yang,et al.  Incompressible Functions, Relative-Error Extractors, and the Power of Nondeterministic Reductions (Extended Abstract) , 2015, Computational Complexity Conference.

[40]  Yehuda Lindell,et al.  Implementing Two-Party Computation Efficiently with Security Against Malicious Adversaries , 2008, SCN.

[41]  Benny Applebaum,et al.  From Private Simultaneous Messages to Zero-Information Arthur-Merlin Protocols and Back , 2016, TCC.

[42]  Joe Kilian,et al.  Founding crytpography on oblivious transfer , 1988, STOC '88.

[43]  Omer Reingold,et al.  Efficiency improvements in constructing pseudorandom generators from one-way functions , 2010, STOC '10.

[44]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[45]  Benny Applebaum,et al.  Arithmetic Cryptography: Extended Abstract , 2015, ITCS.

[46]  Silvio Micali,et al.  The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.

[47]  Vladimir Kolesnikov,et al.  Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[48]  B. Applebaum Cryptography in NC0 , 2014 .

[49]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[50]  Yuval Ishai,et al.  Randomizing polynomials: A new representation with applications to round-efficient secure computation , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[51]  Craig Gentry,et al.  Fully Key-Homomorphic Encryption, Arithmetic Circuit ABE and Compact Garbled Circuits , 2014, EUROCRYPT.

[52]  Yuval Ishai,et al.  Scalable Secure Multiparty Computation , 2006, CRYPTO.

[53]  Craig Gentry,et al.  Succinct Randomized Encodings and their Applications. , 2014 .

[54]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[55]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[56]  Benny Applebaum Garbling XOR Gates "For Free" in the Standard Model , 2013, TCC.

[57]  Benny Applebaum,et al.  Bootstrapping Obfuscators via Fast Pseudorandom Functions , 2014, ASIACRYPT.

[58]  Benny Applebaum,et al.  From Private Simultaneous Messages to Zero-Information Arthur–Merlin Protocols and Back , 2016, Journal of Cryptology.

[59]  Vinod Vaikuntanathan,et al.  Attribute-based encryption for circuits , 2013, STOC '13.

[60]  Allison Bishop,et al.  Indistinguishability Obfuscation for Turing Machines with Unbounded Memory , 2015, IACR Cryptol. ePrint Arch..

[61]  Yuval Ishai,et al.  Computationally Private Randomizing Polynomials and Their Applications , 2005, Computational Complexity Conference.

[62]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[63]  Yuval Ishai,et al.  Bounded Key-Dependent Message Security , 2010, IACR Cryptol. ePrint Arch..

[64]  Craig Gentry,et al.  i-Hop Homomorphic Encryption and Rerandomizable Yao Circuits , 2010, IACR Cryptol. ePrint Arch..

[65]  Moni Naor,et al.  A minimal model for secure computation (extended abstract) , 1994, STOC '94.

[66]  Yuval Ishai,et al.  Private simultaneous messages protocols with applications , 1997, Proceedings of the Fifth Israeli Symposium on Theory of Computing and Systems.

[67]  Amit Sahai,et al.  Concurrent Non-Malleable Zero Knowledge , 2006, 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).

[68]  David Cash,et al.  Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems , 2009, CRYPTO.

[69]  Rafail Ostrovsky,et al.  Garbled RAM From One-Way Functions , 2015, STOC.

[70]  Hoeteck Wee,et al.  Communication Complexity of Conditional Disclosure of Secrets and Attribute-Based Encryption , 2015, CRYPTO.

[71]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[72]  David Evans,et al.  Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates , 2015, EUROCRYPT.

[73]  Guy N. Rothblum,et al.  On Approximating the Entropy of Polynomial Mappings , 2011, ICS.

[74]  Moni Naor,et al.  On the Compressibility of NP Instances and Cryptographic Applications , 2006, 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).

[75]  Yuval Ishai,et al.  Founding Cryptography on Oblivious Transfer - Efficiently , 2008, CRYPTO.

[76]  Moti Yung,et al.  Non-interactive cryptocomputing for NC/sup 1/ , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[77]  Brent Waters,et al.  Encoding Functions with Constant Online Rate or How to Compress Garbled Circuits Keys , 2013, CRYPTO.

[78]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[79]  Yuval Ishai,et al.  Protecting data privacy in private information retrieval schemes , 1998, STOC '98.

[80]  Ran Canetti,et al.  Succinct Garbling and Indistinguishability Obfuscation for RAM Programs , 2015, STOC.

[81]  Yuval Ishai,et al.  Randomization Techniques for Secure Computation , 2013, Secure Multi-Party Computation.

[82]  Abhi Shelat,et al.  Billion-Gate Secure Computation with Malicious Adversaries , 2012, USENIX Security Symposium.

[83]  Rafail Ostrovsky,et al.  Garbled RAM Revisited , 2014, EUROCRYPT.

[84]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[85]  Joe Kilian,et al.  One-Round Secure Computation and Secure Autonomous Mobile Agents , 2000, ICALP.

[86]  Benny Applebaum,et al.  On the Relationship Between Statistical Zero-Knowledge and Statistical Randomized Encodings , 2018, computational complexity.

[87]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[88]  Yuval Ishai,et al.  Efficient Multi-party Computation over Rings , 2003, EUROCRYPT.