论文信息 - A New Framework for Garbled Circuits

A New Framework for Garbled Circuits

Garbled circuits are a fundamental cryptographic building block to encode Boolean circuits as a sequence of encrypted values. This sequence allows two parties to securely evaluate the circuit, e.g., without revealing their respective inputs. At the heart of any garbling scheme lies a randomized algorithm projecting the plain values into a larger domain. Emerging from a large body of work, the common paradigm meets two implicit properties: the circuit is garbled progressively gate-wise; and all underlying algorithms are linear. In this setting, the communication complexity is measured in the number of sent ciphertexts and shown to be optimal with a scheme sending two ciphertexts per AND gate and no ciphertexts per XOR gate (Zahur, Rosulek and Evans, Eurocrypt’15). We revisit the common paradigm and extend the seminal work of Bellare, Hoang, and Rogaway from CCS 2012 to present for the first time an abstraction of the garbling algorithm itself. This abstraction highlights how Yao’s work (Yao, FOCS’86) and all its optimizations focused on improving just one aspect of the garbling. We then discuss how improving the other aspects could provide new ways to overcome the limitations of existing schemes. As a proof of concept we present a non-bijective scheme avoiding Zahur et al.’s bound, achieving a communication complexity of a single data item which is not a ciphertext.

Carmit Hazay | Avishay Yanai | Tomer Ashur | Efrat Cohen

[1] Vladimir Kolesnikov,et al. Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[2] Vladimir Kolesnikov,et al. FleXOR: Flexible garbling for XOR gates that beats free-XOR , 2014, IACR Cryptol. ePrint Arch..

[3] Koutarou Suzuki,et al. How to Circumvent the Two-Ciphertext Lower Bound for Linear Garbling Schemes , 2016, ASIACRYPT.

[4] Andrew Chi-Chih Yao,et al. How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[5] Benny Applebaum,et al. Garbled Circuits as Randomized Encodings of Functions: a Primer , 2017, Tutorials on the Foundations of Cryptography.

[6] Mihir Bellare,et al. Foundations of garbled circuits , 2012, CCS.

[7] Silvio Micali,et al. The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.

[8] Moni Naor,et al. Privacy preserving auctions and mechanism design , 1999, EC '99.

[9] Benny Pinkas,et al. Secure Two-Party Computation is Practical , 2009, IACR Cryptol. ePrint Arch..

[10] Yehuda Lindell,et al. A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[11] David Evans,et al. Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates , 2015, EUROCRYPT.

[12] Mihir Bellare,et al. Efficient Garbling from a Fixed-Key Blockcipher , 2013, 2013 IEEE Symposium on Security and Privacy.