Paper 2009/314

Secure Two-Party Computation is Practical

B. Pinkas
T. Schneider
N. P. Smart
S. Williams

Secure multi-party computation has been considered by the cryptographic community for a number of years. Until recently it has been a purely theoretical area, with few implementations with which to test various ideas. This has led to a number of optimisations being proposed which are quite restricted in their application. In this paper we describe an implementation of the two-party case, using Yao’s garbled circuits, and present various algorithmic protocol improvements. These optimisations are analysed both theoretically and empirically, using experiments of various adversarial situations. Our experimental data is provided for reasonably large circuits, including one which performs an AES encryption, a problem which we discuss in the context of various possible applications.

Available format(s)
Cryptographic protocols
Publication info
A major revision of an IACR publication in ASIACRYPT 2009
MPCGarbled Circuit
Contact author(s)
benny @ pinkas net
schneider @ encrypto cs tu-darmstadt de
nigel smart @ kuleuven be
2023-04-11: last of 2 revisions
2009-07-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {B.  Pinkas and T.  Schneider and N. P.  Smart and S.  Williams},
      title = {Secure Two-Party Computation is Practical},
      howpublished = {Cryptology ePrint Archive, Paper 2009/314},
      year = {2009},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.