On Garbling Schemes with and Without Privacy
نویسنده
چکیده
Garbling schemes allow to construct two-party function evaluation with security against cheating parties (SFE). To achieve this goal, one party (the Garbler) sends multiple encodings of a circuit (called Garbled Circuits) to the other party (the Evaluator) and opens a subset of these encodings, showing that they were generated honestly. For the remaining garbled circuits, the garbler sends encodings of the inputs. This allows the evaluator to compute the result of function, while the encoding ensures that no other information beyond the output is revealed. To achieve active security against a malicious adversary, the garbler in current protocols has to send O(s) circuits (where s is the statistical security parameter). In this work we show that, for a certain class of circuits, one can reduce this overhead. We consider circuits where sub-circuits depend only on one party’s input. Intuitively, one can evaluate these subcircuits using only one circuit and privacy-free garbling. This has applications to e.g. input validation in SFE and allows to construct more efficient SFE protocols in such cases. We additionally show how to integrate our solution with the SFE protocol of [5], thus reducing the overhead even further.
منابع مشابه
How to Use Garbling for Privacy Preserving Electronic Surveillance Services
Various applications following the Internet of Things (IoT) paradigm have become a part of our everyday lives. Therefore, designing mechanisms for security, trust and privacy for this context is important. As one example, applications related to electronic surveillance and monitoring have serious issues related to privacy. Research is needed on how to design privacy preserving surveillance syst...
متن کاملAdaptively Secure Garbling with Applications to One-Time Programs and Secure Outsourcing
Standard constructions of garbled circuits provide only static security, meaning the input x is not allowed to depend on the garbled circuit F . But some applications—notably one-time programs (Goldwasser, Kalai, and Rothblum 2008) and secure outsourcing (Gennaro, Gentry, Parno 2010)— need adaptive security, where x may depend on F . We identify gaps in proofs from these papers with regard to a...
متن کاملGarbling Schemes
Garbled circuits, a classical idea rooted in the work of Andrew Yao, have long been understood as a cryptographic technique, not a cryptographic goal. Here we cull out a primitive corresponding to this technique. We call it a garbling scheme . We provide a provable-security treatment for garbling schemes, endowing them with a versatile syntax and multiple security definitions. The most basic of...
متن کاملTinyLEGO: An Interactive Garbling Scheme for Maliciously Secure Two-party Computation
This paper reports on a number of conceptual and technical contributions to the currently very lively field of two-party computation (2PC) based on garbled circuits. Our main contributions are as follows: 1. We propose a notion of an interactive garbling scheme, where the garbled circuit is generated as an interactive protocol between the garbler and the evaluator. The garbled circuit is correc...
متن کاملReactive Garbling: Foundation, Instantiation, Application
Garbled circuits is a cryptographic technique, which has been used among other things for the construction of two and threeparty secure computation, private function evaluation and secure outsourcing. Garbling schemes is a primitive which formalizes the syntax and security properties of garbled circuits. We define a generalization of garbling schemes called reactive garbling schemes. We conside...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2016 شماره
صفحات -
تاریخ انتشار 2016