eprint.iacr.org will be offline for approximately an hour for routine maintenance again at 10pm UTC on Wednesday, April 17.

Paper 2010/365

TASTY: Tool for Automating Secure Two-partY computations

Wilko Henecka, Stefan Kögl, Ahmad-Reza Sadeghi, Thomas Schneider, and Immo Wehrenberg


Secure two-party computation allows two untrusting parties to jointly compute an arbitrary function on their respective private inputs while revealing no information beyond the outcome. Existing cryptographic compilers can automatically generate secure computation protocols from high-level specifications, but are often limited in their use and efficiency of generated protocols as they are based on either garbled circuits or (additively) homomorphic encryption only. In this paper we present TASTY, a novel tool for automating, i.e., describing, generating, executing, benchmarking, and comparing, efficient secure two-party computation protocols. TASTY is a new compiler that can generate protocols based on homomorphic encryption and efficient garbled circuits as well as combinations of both, which often yields the most efficient protocols available today. The user provides a high-level description of the computations to be performed on encrypted data in a domain-specific language. This is automatically transformed into a protocol. TASTY provides most recent techniques and optimizations for practical secure two-party computation with low online latency. Moreover, it allows to efficiently evaluate circuits generated by the well-known Fairplay compiler. We use TASTY to compare protocols for secure multiplication based on homomorphic encryption with those based on garbled circuits and highly efficient Karatsuba multiplication. Further, we show how TASTY improves the online latency for securely evaluating the AES functionality by an order of magnitude compared to previous software implementations. TASTY allows to automatically generate efficient secure protocols for many privacy-preserving applications where we consider the use cases for private set intersection and face recognition protocols.

Note: fixed typo and updated reference

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Full version of ACM CCS 2010 paper.
Contact author(s)
thomas schneider @ ec-spride de
2014-02-12: last of 3 revisions
2010-06-25: received
See all versions
Short URL
Creative Commons Attribution


      author = {Wilko Henecka and Stefan Kögl and Ahmad-Reza Sadeghi and Thomas Schneider and Immo Wehrenberg},
      title = {TASTY: Tool for Automating Secure Two-partY computations},
      howpublished = {Cryptology ePrint Archive, Paper 2010/365},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/365}},
      url = {https://eprint.iacr.org/2010/365}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.