Abstract
One of the most challenging aspects of secure computation is offering protection against active adversaries, who may arbitrarily alter the behavior of corrupted parties. A powerful paradigm due to Goldreich, Micali, and Wigderson (GMW) is to follow a two-step approach: (1) design a passively secure protocol π for the task at hand; (2) apply a general compiler to convert π into an actively secure protocol π' for the same task. In this work, we implement the first two-party actively secure protocol whose design is based on the general GMW paradigm. Our implementation applies to a passively secure π based on garbled circuits, using a sublinear zero-knowledge proof to ensure correctness of the garbling. The main variant of our protocol makes black-box use of an underlying oblivious transfer primitive by following the "certified oblivious transfer" blueprint of Ishai et al. (Eurocrypt 2011) and Hazay et al. (TCC 2017). We also analyze a conceptually simpler but less efficient variant that makes non-black-box use of oblivious transfer. Our protocol has several important advantages. It supports non-interactive secure computation (NISC), where a receiver posts an "encryption" of its input and gets back from a sender an "encryption" of the output. The efficiency of this NISC protocol is enhanced by using offline non-interactive preprocessing, where the sender publishes a single garbled circuit together with a proof of correctness, while the receiver need not even be online. The online work of both the sender and the receiver is lightweight, with a small overhead compared to Yao's passively secure protocol that depends mostly on the input size rather than the circuit size.
Original language | English |
---|---|
Title of host publication | CCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security |
Publisher | Association for Computing Machinery |
Pages | 1591-1605 |
Number of pages | 15 |
ISBN (Electronic) | 9781450370899 |
DOIs | |
State | Published - 30 Oct 2020 |
Event | 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020 - Virtual, Online, United States Duration: 9 Nov 2020 → 13 Nov 2020 |
Publication series
Name | Proceedings of the ACM Conference on Computer and Communications Security |
---|---|
ISSN (Print) | 1543-7221 |
Conference
Conference | 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020 |
---|---|
Country/Territory | United States |
City | Virtual, Online |
Period | 9/11/20 → 13/11/20 |
Bibliographical note
Publisher Copyright: © 2020 ACM.
Funding
The second author was supported by NSF Award CNS-1618884. The third author was supported by the BIU Center for Research in Applied Cryptography and Cyber Security in conjunction with the Israel National Cyber Bureau in the Prime Minister’s Office, and by ISF grant No. 1316/18. The fourth author was supported by ERC Project NTSC (742754), NSF-BSF grant 2015782, BSF grant 2018393, ISF grant 2774/20, and a grant from the Ministry of Science and Technology, Israel and Department of Science and Technology, Government of India. The fifth author was supported by Google Faculty Research Grant, NSF Award CNS-1618884 and Intelligence Advanced Research Projects Activity (IARPA) via 2019-19-020700009. The views expressed are those of the author and do not reflect the official policy or position of Google, the Department of Defense, the National Science Foundation, or the U.S. Government.
Funders | Funder number |
---|---|
NSF-BSF | 2015782 |
NTSC | 742754 |
National Science Foundation | CNS-1618884 |
Bonfils-Stanton Foundation | 2018393, 2774/20 |
Intelligence Advanced Research Projects Activity | 2019-19-020700009 |
Engineering Research Centers | |
Department of Science and Technology, Ministry of Science and Technology, India | |
Israel Science Foundation | 1316/18 |
Keywords
- garbled circuits
- oblivious-transfer
- secure two-party computation
- zero-knowledge