论文信息 - Optimizing Authenticated Garbling for Faster Secure Two-Party Computation

Optimizing Authenticated Garbling for Faster Secure Two-Party Computation

Wang et al. (CCS 2017) recently proposed a protocol for malicious secure two-party computation that represents the state-of-the-art with regard to concrete efficiency in both the single-execution and amortized settings, with or without preprocessing. We show here several optimizations of their protocol that result in a significant improvement in the overall communication and running time. Specifically: We show how to make the “authenticated garbling” at the heart of their protocol compatible with the half-gate optimization of Zahur et al. (Eurocrypt 2015). We also show how to avoid sending an information-theoretic MAC for each garbled row. These two optimizations give up to a 2.6\(\times \) improvement in communication, and make the communication of the online phase essentially equivalent to that of state-of-the-art semi-honest secure computation. We show various optimizations to their protocol for generating AND triples that, overall, result in a 1.5\(\times \) improvement in the communication and a 2\(\times \) improvement in the computation for that step.

[1] Abhi Shelat,et al. Efficient Secure Computation with Garbled Circuits , 2011, ICISS.

[2] Claudio Orlandi,et al. LEGO for Two-Party Secure Computation , 2009, TCC.

[3] Benny Pinkas,et al. Non-Interactive Secure Computation Based on Cut-and-Choose , 2014, IACR Cryptol. ePrint Arch..

[4] Peter Rindal,et al. Faster Malicious 2-Party Secure Computation with Online/Offline Dual Execution , 2016, USENIX Security Symposium.

[5] Jonathan Katz,et al. Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose , 2013, CRYPTO.

[6] Benny Pinkas,et al. Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[7] Claudio Orlandi,et al. MiniLEGO: Efficient Secure Two-Party Computation from General Assumptions , 2013, EUROCRYPT.

[8] Yehuda Lindell,et al. Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer , 2011, Journal of Cryptology.

[9] Jonathan Katz,et al. Global-Scale Secure Multiparty Computation , 2017, CCS.

[10] Silvio Micali,et al. The round complexity of secure protocols , 1990, STOC '90.

[11] Yan Huang,et al. JIMU: Faster LEGO-Based Secure Computation Using Additive Homomorphic Hashes , 2017, ASIACRYPT.

[12] David Evans,et al. Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates , 2015, EUROCRYPT.

[13] Yuval Ishai,et al. Extending Oblivious Transfers Efficiently , 2003, CRYPTO.

[14] Yehuda Lindell,et al. Blazing Fast 2PC in the Offline/Online Setting with Security for Malicious Adversaries , 2015, IACR Cryptol. ePrint Arch..

[15] Mihir Bellare,et al. Efficient Garbling from a Fixed-Key Blockcipher , 2013, 2013 IEEE Symposium on Security and Privacy.

[16] Jonathan Katz,et al. Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[17] Ivan Damgård,et al. Multiparty Computation from Somewhat Homomorphic Encryption , 2012, IACR Cryptol. ePrint Arch..

[18] Vladimir Kolesnikov,et al. FleXOR: Flexible garbling for XOR gates that beats free-XOR , 2014, IACR Cryptol. ePrint Arch..

[19] Abhi Shelat,et al. Billion-Gate Secure Computation with Malicious Adversaries , 2012, USENIX Security Symposium.

[20] Yuval Ishai,et al. Ligero: Lightweight Sublinear Arguments Without a Trusted Setup , 2017, Designs, Codes and Cryptography.

[21] Alex J. Malozemoff,et al. Faster Secure Two-Party Computation in the Single-Execution Setting , 2017, EUROCRYPT.

[22] Moni Naor,et al. Privacy preserving auctions and mechanism design , 1999, EC '99.

[23] Luís T. A. N. Brandão,et al. Secure Two-Party Computation with Reusable Bit-Commitments, via a Cut-and-Choose with Forge-and-Lose Technique , 2013, IACR Cryptol. ePrint Arch..

[24] Yehuda Lindell,et al. Optimized Honest-Majority MPC for Malicious Adversaries — Breaking the 1 Billion-Gate Per Second Barrier , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[25] Claudio Orlandi,et al. Cross and Clean: Amortized Garbled Circuits with Constant Overhead , 2016, TCC.

[26] Abhi Shelat,et al. Fast two-party secure computation with minimal assumptions , 2013, CCS.

[27] Abhi Shelat,et al. Two-Output Secure Computation with Malicious Adversaries , 2011, EUROCRYPT.

[28] Yuval Ishai,et al. Actively Secure Garbled Circuits with Constant Communication Overhead in the Plain Model , 2017, Journal of Cryptology.

[29] Vladimir Kolesnikov,et al. Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[30] Yehuda Lindell,et al. Fast Garbling of Circuits Under Standard Assumptions , 2017, Journal of Cryptology.

[31] Benny Pinkas,et al. Fairplay - Secure Two-Party Computation System (Awarded Best Student Paper!) , 2004 .

[32] Thomas Schneider,et al. Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO , 2017, NDSS.

[33] Alex J. Malozemoff,et al. Amortizing Garbled Circuits , 2015, IACR Cryptol. ePrint Arch..

[34] Donald Beaver,et al. Efficient Multiparty Protocols Using Circuit Randomization , 1991, CRYPTO.

[35] Yehuda Lindell. Fast Cut-and-Choose Based Protocols for Malicious and Covert Adversaries , 2013, CRYPTO.

[36] Jonathan Katz,et al. Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation , 2017, CCS.

[37] Yehuda Lindell,et al. An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries , 2007, Journal of Cryptology.

[38] Claudio Orlandi,et al. A New Approach to Practical Active-Secure Two-Party Computation , 2012, IACR Cryptol. ePrint Arch..

[39] Yehuda Lindell,et al. Cut-and-Choose Yao-Based Secure Computation in the Online/Offline and Batch Settings , 2014, CRYPTO.

[40] Benny Pinkas,et al. Secure Two-Party Computation is Practical , 2009, IACR Cryptol. ePrint Arch..

[41] Vladimir Kolesnikov,et al. DUPLO: Unifying Cut-and-Choose for Garbled Circuits , 2017, CCS.

[42] Aner Ben-Efraim. On Multiparty Garbling of Arithmetic Circuits , 2017, IACR Cryptol. ePrint Arch..

[43] Yehuda Lindell. Fast Cut-and-Choose-Based Protocols for Malicious and Covert Adversaries , 2015, Journal of Cryptology.

[44] Andrew Chi-Chih Yao,et al. How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).