Cryptology ePrint Archive: Report 2018/743

On the Leakage of Corrupted Garbled Circuits

Aurélien Dupin and David Pointcheval and Christophe Bidan

Abstract: Secure two-party computation provides a way for two parties to compute a function, that depends on the two parties' inputs, while keeping them private. Known since the 1980s, Yao's garbled circuits appear to be a general solution to this problem, in the semi-honest model. Decades of optimizations have made this tool a very practical solution. However, it is well known that a malicious adversary could modify a garbled circuit before submitting it. Many protocols, mostly based on cut-&-choose, have been proposed to secure Yao's garbled circuits in the presence of malicious adversaries. Nevertheless, how much an adversary can modify a circuit and make it still executable has not been studied yet. The main contribution of this paper is to prove that any modification made by an adversary is equivalent to adding/removing NOT gates arbitrarily in the original circuit, otherwise the adversary can get caught. Thereafter, we study some evaluation functions for which, even without using cut-&-choose, no adversary can gain more information about the inputs by modifying the circuit. We also give an improvement over most recent cut-&-choose solutions by requiring that different circuits of the same function are used instead of just one.

Category / Keywords: cryptographic protocols / Garbled circuits, Malicious adversaries, Corruption of garbled circuits, Cut-and-choose

Original Publication (with major differences): ProvSec 2018

Date: received 14 Aug 2018

Contact author: dupin aurelien at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20180815:132541 (All versions of this report)

Short URL: ia.cr/2018/743


[ Cryptology ePrint archive ]