Paper 2018/578

Optimizing Authenticated Garbling for Faster Secure Two-Party Computation

Jonathan Katz, Samuel Ranellucci, Mike Rosulek, and Xiao Wang


Wang et al. (CCS 2017) recently proposed a protocol for malicious secure two-party computation that represents the state-of-the- art with regard to concrete efficiency in both the single-execution and amortized settings, with or without preprocessing. We show here several optimizations of their protocol that result in a significant improvement in the overall communication and running time. Specifically: - We show how to make the “authenticated garbling” at the heart of their protocol compatible with the half-gate optimization of Zahur et al. (Eurocrypt 2015). We also show how to avoid sending an information-theoretic MAC for each garbled row. These two optimizations give up to a 2.6x improvement in communication, and make the communication of the online phase essentially equivalent to that of state-of-the-art semi-honest secure computation. - We show various optimizations to their protocol for generating AND triples that, overall, result in a 1.5x improvement in the communication and a 2x improvement in the computation for that step.

Note: Add a note that version 1 requires a higher roundtrip complexity.

Available format(s)
Cryptographic protocols
Publication info
Published by the IACR in CRYPTO 2018
secure two-party computationmalicious security
Contact author(s)
wangxiao @ cs umd edu
2018-10-11: last of 2 revisions
2018-06-06: received
See all versions
Short URL
Creative Commons Attribution


      author = {Jonathan Katz and Samuel Ranellucci and Mike Rosulek and Xiao Wang},
      title = {Optimizing Authenticated Garbling for Faster Secure Two-Party Computation},
      howpublished = {Cryptology ePrint Archive, Paper 2018/578},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.