Paper 2014/460
FleXOR: Flexible garbling for XOR gates that beats free-XOR
Vladimir Kolesnikov, Payman Mohassel, and Mike Rosulek
Abstract
Most implementations of Yao's garbled circuit approach for 2-party secure computation use the {\em free-XOR} optimization of Kolesnikov \& Schneider (ICALP 2008). We introduce an alternative technique called {\em flexible-XOR} (fleXOR) that generalizes free-XOR and offers several advantages. First, fleXOR can be instantiated under a weaker hardness assumption on the underlying cipher/hash function (related-key security only, compared to related-key and circular security required for free-XOR) while maintaining most of the performance improvements that free-XOR offers. Alternatively, even though XOR gates are not always ``free'' in our approach, we show that the other (non-XOR) gates can be optimized more heavily than what is possible when using free-XOR. For many circuits of cryptographic interest, this can yield a significantly (over 30\%) smaller garbled circuit than any other known techniques (including free-XOR) or their combinations.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- A major revision of an IACR publication in CRYPTO 2014
- Keywords
- garbled circuits
- Contact author(s)
- rosulekm @ eecs oregonstate edu
- History
- 2014-06-15: received
- Short URL
- https://ia.cr/2014/460
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2014/460,
author = {Vladimir Kolesnikov and Payman Mohassel and Mike Rosulek},
title = {FleXOR: Flexible garbling for XOR gates that beats free-XOR},
howpublished = {Cryptology ePrint Archive, Paper 2014/460},
year = {2014},
note = {\url{https://eprint.iacr.org/2014/460}},
url = {https://eprint.iacr.org/2014/460}
}
