Paper 2016/1069

Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO

Jesper Buus Nielsen, Thomas Schneider, and Roberto Trifiletti

Abstract

Secure two-party computation (S2PC) allows two parties to compute a function on their joint inputs while leaking only the output of the function. At TCC 2009 Orlandi and Nielsen proposed the LEGO protocol for maliciously secure 2PC based on cut-and-choose of Yao's garbled circuits at the gate level and showed that this is asymptotically more efficient than on the circuit level. Since then the LEGO approach has been improved upon in several theoretical works, but never implemented. In this paper we describe further concrete improvements and provide the first implementation of a protocol from the LEGO family. Our protocol is optimized for the offline/online setting and supports function-independent preprocessing using only a constant number of rounds. We have benchmarked our prototype and find that our protocol can compete with all existing implementations and that it is often more efficient. As an example, in a LAN setting we can evaluate an AES-128 with online latency down to 1.13 ms, while if evaluating 128 AES-128 in parallel the amortized cost is 0.09 ms per AES-128. This online performance does not come at the price of offline inefficiency as we achieve comparable performance to previous, less general protocols, and significantly better if we ignore the cost of the function-independent preprocessing. Also, as our protocol has an optimal 2-round online phase it is significantly more efficient than previous protocols' when considering a high latency network.

Note: Minor changes and typo fixes throughout the paper

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published elsewhere. The Network and Distributed System Security Symposium (NDSS) 2017
DOI
10.14722/ndss.2017.23075
Keywords
Secure Two-party ComputationImplementationLEGOXOR-Homomorphic CommitmentsSelective OT-Attack
Contact author(s)
roberto @ cs au dk
History
2016-12-09: revised
2016-11-15: received
See all versions
Short URL
https://ia.cr/2016/1069
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1069,
      author = {Jesper Buus Nielsen and Thomas Schneider and Roberto Trifiletti},
      title = {Constant Round Maliciously Secure {2PC} with Function-independent Preprocessing using {LEGO}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/1069},
      year = {2016},
      doi = {10.14722/ndss.2017.23075},
      url = {https://eprint.iacr.org/2016/1069}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.