TY - GEN
T1 - More efficient oblivious transfer and extensions for faster secure computation
AU - Asharov, Gilad
AU - Lindell, Yehuda
AU - Schneider, Thomas
AU - Zohner, Michael
N1 - Place of conference:Berlin, Germany
PY - 2013
Y1 - 2013
N2 - Protocols for secure computation enable parties to compute a joint function on their private inputs without revealing anything but the result. A foundation for secure computation is oblivious transfer (OT), which traditionally requires expensive public key cryptography. A more efficient way to perform many OTs is to extend a small number of base OTs using OT extensions based on symmetric cryptography. In this work we present optimizations and efficient implementations of OT and OT extensions in the semi-honest model. We propose a novel OT protocol with security in the standard model and improve OT extensions with respect to communication complexity, computation complexity, and scalability. We also provide specific optimizations of OT extensions that are tailored to the secure computation protocols of Yao and Goldreich-Micali- Wigderson and reduce the communication complexity even further. We experimentally verify the efficiency gains of our protocols and optimizations. By applying our implementation to current secure computation frameworks, we can securely compute a Levenshtein distance circuit with 1.29 billion AND gates at a rate of 1.2 million AND gates per second. Moreover, we demonstrate the importance of correctly implementing OT within secure computation protocols by presenting an attack on the FastGC framework.
AB - Protocols for secure computation enable parties to compute a joint function on their private inputs without revealing anything but the result. A foundation for secure computation is oblivious transfer (OT), which traditionally requires expensive public key cryptography. A more efficient way to perform many OTs is to extend a small number of base OTs using OT extensions based on symmetric cryptography. In this work we present optimizations and efficient implementations of OT and OT extensions in the semi-honest model. We propose a novel OT protocol with security in the standard model and improve OT extensions with respect to communication complexity, computation complexity, and scalability. We also provide specific optimizations of OT extensions that are tailored to the secure computation protocols of Yao and Goldreich-Micali- Wigderson and reduce the communication complexity even further. We experimentally verify the efficiency gains of our protocols and optimizations. By applying our implementation to current secure computation frameworks, we can securely compute a Levenshtein distance circuit with 1.29 billion AND gates at a rate of 1.2 million AND gates per second. Moreover, we demonstrate the importance of correctly implementing OT within secure computation protocols by presenting an attack on the FastGC framework.
KW - oblivious transfer extensions
KW - secure computation
KW - semi-honest adversaries
UR - http://www.scopus.com/inward/record.url?scp=84889059259&partnerID=8YFLogxK
U2 - 10.1145/2508859.2516738
DO - 10.1145/2508859.2516738
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84889059259
SN - 9781450324779
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 535
EP - 547
BT - CCS 2013 - Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security
T2 - 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013
Y2 - 4 November 2013 through 8 November 2013
ER -