Breaking the 1/λ-Rate Barrier for Arithmetic Garbling

Geoffroy Couteau; Carmit Hazay; Aditya Hegde; Naman Kumar

doi:10.1007/978-3-031-91095-1_7

Breaking the 1/λ-Rate Barrier for Arithmetic Garbling

Geoffroy Couteau, Carmit Hazay, Aditya Hegde, Naman Kumar

Bar-Ilan University - The Alexander Kofkin Faculty of Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Garbled circuits, introduced in the seminal work of Yao (FOCS, 1986), have received considerable attention in the boolean setting due to their efficiency and application to round-efficient secure computation. In contrast, arithmetic garbling schemes have received much less scrutiny. The main efficiency measure of garbling schemes is their rate, defined as the bit size of each gate’s output divided by the size of the (amortized) garbled gate. Despite recent progress, state-of-the-art garbling schemes for arithmetic circuits suffer from important limitations: all existing schemes are either restricted to B-bounded integer arithmetic circuits (a computational model where the arithmetic is performed over Z and correctness is only guaranteed if no intermediate computation exceeds the bound B) and achieve constant rate only for very large bounds B=2^Ω⁽λ³⁾, or have a rate at most O(1/λ) otherwise, where λ denotes a security parameter. In this work, we improve this state of affairs in both settings. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings Z_B with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption.As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2^O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings Z_B with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption. As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2^O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents.

Original language	English
Title of host publication	Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings
Editors	Serge Fehr, Pierre-Alain Fouque
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	182-213
Number of pages	32
ISBN (Print)	9783031910944
DOIs	https://doi.org/10.1007/978-3-031-91095-1_7
State	Published - 2025
Event	44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2025 - Madrid, Spain Duration: 4 May 2025 → 8 May 2025

Publication series

Name	Lecture Notes in Computer Science
Volume	15606 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2025
Country/Territory	Spain
City	Madrid
Period	4/05/25 → 8/05/25

Bibliographical note

Publisher Copyright:
© International Association for Cryptologic Research 2025.

Access to Document

10.1007/978-3-031-91095-1_7

Cite this

Couteau, G., Hazay, C., Hegde, A., & Kumar, N. (2025). Breaking the 1/λ-Rate Barrier for Arithmetic Garbling. In S. Fehr, & P.-A. Fouque (Eds.), Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings (pp. 182-213). (Lecture Notes in Computer Science; Vol. 15606 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-91095-1_7

Couteau, Geoffroy ; Hazay, Carmit ; Hegde, Aditya et al. / Breaking the 1/λ-Rate Barrier for Arithmetic Garbling. Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings. editor / Serge Fehr ; Pierre-Alain Fouque. Springer Science and Business Media Deutschland GmbH, 2025. pp. 182-213 (Lecture Notes in Computer Science).

@inproceedings{5423548f9ebb48e4b300b4bbfa6fbffd,

title = "Breaking the 1/λ-Rate Barrier for Arithmetic Garbling",

abstract = "Garbled circuits, introduced in the seminal work of Yao (FOCS, 1986), have received considerable attention in the boolean setting due to their efficiency and application to round-efficient secure computation. In contrast, arithmetic garbling schemes have received much less scrutiny. The main efficiency measure of garbling schemes is their rate, defined as the bit size of each gate{\textquoteright}s output divided by the size of the (amortized) garbled gate. Despite recent progress, state-of-the-art garbling schemes for arithmetic circuits suffer from important limitations: all existing schemes are either restricted to B-bounded integer arithmetic circuits (a computational model where the arithmetic is performed over Z and correctness is only guaranteed if no intermediate computation exceeds the bound B) and achieve constant rate only for very large bounds B=2Ω(λ3), or have a rate at most O(1/λ) otherwise, where λ denotes a security parameter. In this work, we improve this state of affairs in both settings. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings ZB with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption.As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings ZB with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption. As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents.",

author = "Geoffroy Couteau and Carmit Hazay and Aditya Hegde and Naman Kumar",

note = "Publisher Copyright: {\textcopyright} International Association for Cryptologic Research 2025.; 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2025 ; Conference date: 04-05-2025 Through 08-05-2025",

year = "2025",

doi = "10.1007/978-3-031-91095-1_7",

language = "אנגלית",

isbn = "9783031910944",

series = "Lecture Notes in Computer Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "182--213",

editor = "Serge Fehr and Pierre-Alain Fouque",

booktitle = "Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings",

address = "גרמניה",

}

Couteau, G, Hazay, C, Hegde, A & Kumar, N 2025, Breaking the 1/λ-Rate Barrier for Arithmetic Garbling. in S Fehr & P-A Fouque (eds), Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings. Lecture Notes in Computer Science, vol. 15606 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 182-213, 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2025, Madrid, Spain, 4/05/25. https://doi.org/10.1007/978-3-031-91095-1_7

Breaking the 1/λ-Rate Barrier for Arithmetic Garbling. / Couteau, Geoffroy; Hazay, Carmit; Hegde, Aditya et al.
Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings. ed. / Serge Fehr; Pierre-Alain Fouque. Springer Science and Business Media Deutschland GmbH, 2025. p. 182-213 (Lecture Notes in Computer Science; Vol. 15606 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Breaking the 1/λ-Rate Barrier for Arithmetic Garbling

AU - Couteau, Geoffroy

AU - Hazay, Carmit

AU - Hegde, Aditya

AU - Kumar, Naman

N1 - Publisher Copyright: © International Association for Cryptologic Research 2025.

PY - 2025

Y1 - 2025

N2 - Garbled circuits, introduced in the seminal work of Yao (FOCS, 1986), have received considerable attention in the boolean setting due to their efficiency and application to round-efficient secure computation. In contrast, arithmetic garbling schemes have received much less scrutiny. The main efficiency measure of garbling schemes is their rate, defined as the bit size of each gate’s output divided by the size of the (amortized) garbled gate. Despite recent progress, state-of-the-art garbling schemes for arithmetic circuits suffer from important limitations: all existing schemes are either restricted to B-bounded integer arithmetic circuits (a computational model where the arithmetic is performed over Z and correctness is only guaranteed if no intermediate computation exceeds the bound B) and achieve constant rate only for very large bounds B=2Ω(λ3), or have a rate at most O(1/λ) otherwise, where λ denotes a security parameter. In this work, we improve this state of affairs in both settings. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings ZB with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption.As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings ZB with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption. As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents.

AB - Garbled circuits, introduced in the seminal work of Yao (FOCS, 1986), have received considerable attention in the boolean setting due to their efficiency and application to round-efficient secure computation. In contrast, arithmetic garbling schemes have received much less scrutiny. The main efficiency measure of garbling schemes is their rate, defined as the bit size of each gate’s output divided by the size of the (amortized) garbled gate. Despite recent progress, state-of-the-art garbling schemes for arithmetic circuits suffer from important limitations: all existing schemes are either restricted to B-bounded integer arithmetic circuits (a computational model where the arithmetic is performed over Z and correctness is only guaranteed if no intermediate computation exceeds the bound B) and achieve constant rate only for very large bounds B=2Ω(λ3), or have a rate at most O(1/λ) otherwise, where λ denotes a security parameter. In this work, we improve this state of affairs in both settings. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings ZB with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption.As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents. As our main contribution, we introduce the first arithmetic garbling scheme over modular rings ZB with rate O(logλ/λ), breaking for the first time the 1/λ-rate barrier for modular arithmetic garbling. Our construction relies on the power-DDH assumption. As a secondary contribution, we introduce a new arithmetic garbling scheme for B-bounded integer arithmetic that achieves a constant rate for bounds B as low as 2O(λ). Our construction relies on a new non-standard KDM-security assumption on Paillier encryption with small exponents.

UR - http://www.scopus.com/inward/record.url?scp=105004253146&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-91095-1_7

DO - 10.1007/978-3-031-91095-1_7

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:105004253146

SN - 9783031910944

T3 - Lecture Notes in Computer Science

SP - 182

EP - 213

BT - Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings

A2 - Fehr, Serge

A2 - Fouque, Pierre-Alain

PB - Springer Science and Business Media Deutschland GmbH

T2 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2025

Y2 - 4 May 2025 through 8 May 2025

ER -

Couteau G, Hazay C, Hegde A, Kumar N. Breaking the 1/λ-Rate Barrier for Arithmetic Garbling. In Fehr S, Fouque PA, editors, Advances in Cryptology – EUROCRYPT 2025 - 44th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2025, Proceedings. Springer Science and Business Media Deutschland GmbH. 2025. p. 182-213. (Lecture Notes in Computer Science). doi: 10.1007/978-3-031-91095-1_7