Paper 2012/265
Foundations of Garbled Circuits
Mihir Bellare, Viet Tung Hoang, and Phillip Rogaway
Abstract
Garbled circuits, a classical idea rooted in the work of Andrew Yao, have long been understood as a cryptographic technique, not a cryptographic goal. Here we cull out a primitive corresponding to this technique. We call it a garbling scheme. We provide a provable-security treatment for garbling schemes, endowing them with a versatile syntax and multiple security definitions. The most basic of these, privacy, suffices for two-party secure function evaluation (SFE) and private function evaluation (PFE). Starting from a PRF, we provide an efficient garbling scheme achieving privacy and we analyze its concrete security. We next consider obliviousness and authenticity, properties needed for private and verifiable outsourcing of computation. We extend our scheme to achieve these ends. We provide highly efficient blockcipher-based instantiations of both schemes. Our treatment of garbling schemes presages more efficient garbling, more rigorous analyses, and more modularly designed higher-level protocols.
Metadata
- Available format(s)
- Publication info
- Published elsewhere. Proceeding version appears in CCS 2012
- Keywords
- Garbled circuitsgarbling schemesprovable securitysecure function evaluationYao’s protocol
- Contact author(s)
- tvhoang @ ucdavis edu
- History
- 2013-06-30: last of 4 revisions
- 2012-05-17: received
- See all versions
- Short URL
- https://ia.cr/2012/265
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2012/265, author = {Mihir Bellare and Viet Tung Hoang and Phillip Rogaway}, title = {Foundations of Garbled Circuits}, howpublished = {Cryptology {ePrint} Archive, Paper 2012/265}, year = {2012}, url = {https://eprint.iacr.org/2012/265} }