Paper 2024/2048

How to Compress Garbled Circuit Input Labels, Efficiently

Marian Dietz, ETH Zurich
Hanjun Li, University of Washington
Huijia Lin, University of Washington
Abstract

Garbled Circuits are essential building blocks in cryptography, and extensive research has explored their construction from both applied and theoretical perspectives. However, a challenge persists: While theoretically designed garbled circuits offer optimal succinctness--remaining constant in size regardless of the underlying circuit’s complexit--and are reusable for multiple evaluations, their concrete computational costs are prohibitively high. On the other hand, practically efficient garbled circuits, inspired by Yao’s garbled circuits, encounter limitations due to substantial communication bottlenecks and a lack of reusability. To strike a balance, we propose a novel concept: online-offline garbling. This approach leverages instance-independent and (partially) reusable preprocessing during an offline phase, to enable the creation of constant-size garbled circuits in an online phase, while maintaining practical efficiency. Specifically, during the offline stage, the garbler generates and transmits a reference string, independent of the computation to be performed later. Subsequently, in the online stage, the garbler efficiently transforms a circuit into a constant-size garbled circuit. The evaluation process relies on both the reference string and the garbled circuit. We demonstrate that by leveraging existing tools such as those introduced by Applebaum et al. (Crypto’13) and Chongwon et al. (Crypto’17), online-offline garbling can be achieved under a variety of assumptions, including the hardness of Learning With Errors (LWE), Computational Diffie-Hellman (CDH), and factoring. In contrast, without the help of an offline phase, constant-size garbling is only feasible under the LWE and circular security assumptions, or the existence of indistinguishability obfuscation. However, these schemes are still very inefficient, several orders of magnitude more costly than Yao-style garbled circuits. To address this, we propose a new online-offline garbling scheme based on Ring LWE. Our scheme offers both asymptotic and concrete efficiency. It serves as a practical alternative to Yao-style garbled circuits, especially in scenarios where online communication is constrained. Furthermore, we estimate the concrete latency using our approach in realistic settings and demonstrate that it is 2-20X faster than using Yao-style garbled circuits. This improvement is estimated without taking into account parallelization of computation, which can lead to further performance improvement using our scheme.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
garbled circuitssecure computation
Contact author(s)
marian dietz @ inf ethz ch
hanjul @ cs washington edu
rachel @ cs washington edu
History
2024-12-19: approved
2024-12-19: received
See all versions
Short URL
https://ia.cr/2024/2048
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/2048,
      author = {Marian Dietz and Hanjun Li and Huijia Lin},
      title = {How to Compress Garbled Circuit Input Labels, Efficiently},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/2048},
      year = {2024},
      url = {https://eprint.iacr.org/2024/2048}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.