Faster secure two-party computation with less memory

Secure two-party computation is used as the basis for a large variety of privacy-preserving protocols, but often concerns about the low performance hinder the move away from non-private solutions. In this paper we present an improved implementation of Yao's garbled circuit protocol in the semi-honest adversaries setting which is up to 10 times faster than previous implementations. Our improvements include (1) the first multi-threaded implementation of the base oblivious transfers resulting in a speedup of a factor of two, (2) techniques for minimizing the memory footprint during oblivious transfer extensions and processing of circuits, (3) compilation of sub-circuits into files, and (4) caching of circuit descriptions and network packets. We implement improved circuit building blocks from the literature and present for the first time performance results for secure evaluation of the ultra-lightweight block cipher PRESENT within 7 ms online time.

[1]  Kevin R. B. Butler,et al.  Memory-Efficient Garbled Circuit Generation for Mobile Devices , 2012, Financial Cryptography.

[2]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[3]  Joan Boyar,et al.  A New Combinational Logic Minimization Technique with Applications to Cryptology , 2010, SEA.

[4]  Ahmad-Reza Sadeghi,et al.  TASTY: tool for automating secure two-party computations , 2010, CCS '10.

[5]  Abhi Shelat,et al.  Billion-Gate Secure Computation with Malicious Adversaries , 2012, USENIX Security Symposium.

[6]  Ahmad-Reza Sadeghi,et al.  Embedded SFE: Offloading Server and Network Using Hardware Tokens , 2010, Financial Cryptography.

[7]  Claudio Orlandi,et al.  A New Approach to Practical Active-Secure Two-Party Computation , 2012, IACR Cryptol. ePrint Arch..

[8]  Ahmad-Reza Sadeghi,et al.  Twin Clouds: Secure Cloud Computing with Low Latency - (Full Version) , 2011, Communications and Multimedia Security.

[9]  Ahmad-Reza Sadeghi,et al.  Practical Secure Evaluation of Semi-Private Functions , 2009, IACR Cryptol. ePrint Arch..

[10]  Benny Pinkas,et al.  Keyword Search and Oblivious Pseudorandom Functions , 2005, TCC.

[11]  Yehuda Lindell,et al.  Secure Multiparty Computation for Privacy-Preserving Data Mining , 2009, IACR Cryptol. ePrint Arch..

[12]  Ahmad-Reza Sadeghi,et al.  Improved Garbled Circuit Building Blocks and Applications to Auctions and Computing Minima , 2009, IACR Cryptol. ePrint Arch..

[13]  Yehuda Lindell,et al.  A Proof of Yao's Protocol for Secure Two-Party Computation , 2004, Electron. Colloquium Comput. Complex..

[14]  Yuval Ishai,et al.  Extending Oblivious Transfers Efficiently , 2003, CRYPTO.

[15]  Vladimir Kolesnikov,et al.  Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[16]  A. Yao,et al.  Fair exchange with a semi-trusted third party (extended abstract) , 1997, CCS '97.

[17]  Helmut Veith,et al.  Secure two-party computations in ANSI C , 2012, CCS.

[18]  Joan Boyar,et al.  Concrete Multiplicative Complexity of Symmetric Functions , 2006, MFCS.

[19]  Theodosis Mourouzis,et al.  Solving Circuit Optimisation Problems in Cryptography and Cryptanalysis , 2011, IACR Cryptol. ePrint Arch..

[20]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[21]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[22]  Benny Pinkas,et al.  SCiFI - A System for Secure Face Identification , 2010, 2010 IEEE Symposium on Security and Privacy.

[23]  Jonathan Katz,et al.  Private Set Intersection: Are Garbled Circuits Better than Custom Protocols? , 2012, NDSS.

[24]  Benny Pinkas,et al.  Secure Two-Party Computation is Practical , 2009, IACR Cryptol. ePrint Arch..

[25]  Ahmad-Reza Sadeghi,et al.  Garbled Circuits for Leakage-Resilience: Hardware Implementation and Evaluation of One-Time Programs - (Full Version) , 2010, CHES.

[26]  Yan Huang,et al.  Privacy-Preserving Applications on Smartphones , 2011, HotSec.

[27]  Jonathan Katz,et al.  Quid-Pro-Quo-tocols: Strengthening Semi-honest Protocols with Dual Execution , 2012, 2012 IEEE Symposium on Security and Privacy.

[28]  Florian Kerschbaum,et al.  Automatically optimizing secure computation , 2011, CCS '11.

[29]  Moni Naor,et al.  Privacy preserving auctions and mechanism design , 1999, EC '99.

[30]  Benny Pinkas,et al.  FairplayMP: a system for secure multi-party computation , 2008, CCS.

[31]  Moni Naor,et al.  Efficient oblivious transfer protocols , 2001, SODA '01.

[32]  Thomas Schneider,et al.  Engineering Secure Two-Party Computation Protocols , 2012, Springer Berlin Heidelberg.

[33]  Marina Blanton,et al.  Secure and Efficient Protocols for Iris and Fingerprint Identification , 2011, ESORICS.

[34]  Jonathan Katz,et al.  Efficient Privacy-Preserving Biometric Identification , 2011, NDSS.

[35]  Lior Malka,et al.  VMCrypt: modular software architecture for scalable secure computation , 2011, CCS '11.

[36]  Xiaomin Liu,et al.  Efficient Oblivious Pseudorandom Function with Applications to Adaptive OT and Secure Computation of Set Intersection , 2009, TCC.

[37]  Donald Beaver,et al.  Precomputing Oblivious Transfer , 1995, CRYPTO.