Paper 2023/001

Time is money, friend! Timing Side-channel Attack against Garbled Circuit Constructions

Mohammad Hashemi, Worcester Polytechnic Institute
Domenic Forte, University of Florida
Fatemeh Ganji

With the advent of secure function evaluation (SFE), distrustful parties can jointly compute on their private inputs without disclosing anything besides the results. Yao’s garbled circuit protocol has become an integral part of secure computation thanks to considerable efforts made to make it feasible, practical, and more efficient. These efforts have resulted in multiple optimizations on this primitive to enhance its performance by orders of magnitude over the last years. The advancement in protocols has also led to the development of general-purpose compilers and tools made available to academia and industry. For decades, the security of protocols offered in those tools has been assured with regard to sound proofs and the promise that during the computation, no information on parties’ input would be leaking. In a parallel effort, however, side-channel analysis (SCA) has gained momentum in connection with the real-world implementation of cryptographic primitives. Timing side-channel attacks have proven themselves effective in retrieving secrets from implementations, even through remote access to them. Nevertheless, the vulnerability of garbled circuit frameworks to timing attacks has, surprisingly, never been discussed in the literature. This paper introduces Goblin, the first timing attack against commonly employed garbled circuit frameworks. Goblin is a machine learning-assisted, non-profiling, single-trace timing SCA, which successfully recovers the garbler’s input during the computation under different scenarios, including various GC frameworks, benchmark functions, and the number of garbler’s input bits. Furthermore, we discuss Gob- lin’s success factors and countermeasures against that. In doing so, Goblin hopefully paves the way for further research in this matter.

Available format(s)
Attacks and cryptanalysis
Publication info
Secure Function EvaluationTiming Side-channel AnalysisClusteringNon-profiling attackSingle-trace attack.
Contact author(s)
mhashemi @ wpi edu
dforte @ ece ufl edu
fganji @ wpi edu
2023-07-23: last of 6 revisions
2023-01-01: received
See all versions
Short URL
Creative Commons Attribution-NonCommercial-NoDerivs


      author = {Mohammad Hashemi and Domenic Forte and Fatemeh Ganji},
      title = {Time is money, friend! Timing Side-channel Attack against Garbled Circuit Constructions},
      howpublished = {Cryptology ePrint Archive, Paper 2023/001},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.