Highly Efficient Actively Secure Two-Party Computation with One-Bit Advantage Bound

Yi Liu; Junzuo Lai; Peng Yang; Anjia Yang; Qi Wang; Siu-Ming Yiu; Jian Weng

Paper 2025/614

Highly Efficient Actively Secure Two-Party Computation with One-Bit Advantage Bound

Yi Liu

, Jinan University

Junzuo Lai

, Jinan University

Peng Yang

, University of Hong Kong

Anjia Yang

, Jinan University

Qi Wang

, Southern University of Science and Technology

Siu-Ming Yiu

, University of Hong Kong

Jian Weng

, Jinan University

Abstract

Secure two-party computation (2PC) enables two parties to jointly evaluate a function while maintaining input privacy. Despite recent significant progress, a notable efficiency gap remains between actively secure and passively secure protocols. In S\&P'12, Huang, Katz, and Evans formalized the notion of \emph{active security with one-bit leakage}, providing a promising approach to bridging this gap. Protocols derived from this notion have become foundational in designing highly efficient actively secure 2PC protocols. However, a critical challenge identified by Huang, Katz, and Evans remains unexplored: these protocols face significant weaknesses in ensuring fairness for honest parties when employed in standalone settings rather than as components within larger protocols. While the authors proposed two potential solutions to mitigate this issue, both approaches are prohibitively expensive and lack formalization of security guarantees. In this paper, we first formally define an enhanced notion called \emph{active security with one-bit-advantage bound}, in which the adversaries' advantages are strictly bounded to at most one bit beyond what honest parties obtain. This bound is enforced through a \emph{progressive revelation} mechanism, where the evaluation result is disclosed incrementally bit by bit. In addition, we propose a novel approach leveraging label structures within garbled circuits to design a highly efficient constant-round 2PC protocol that achieves active security with one-bit advantage bound. Our protocol demonstrates \emph{runtime performance nearly identical to that of passively secure garbled-circuit counterparts} in duplex networks (\eg for the {\tt SHA256} circuit in LAN), with \emph{low overhead} for output progressive revelation (only communicated bytes per bit release). With its strengthened security guarantees and minimal overhead, our protocol is highly suitable for practical 2PC applications.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Minor revision. IEEE S&P 2025
Keywords: Dual execution Fairness Garbled circuits One-bit advantage bound Secure two-party computation
Contact author(s): liuyi @ jnu edu cn
laijunzuo @ gmail com
stuyangpeng @ gmail com
anjiayang @ gmail com
wangqi @ sustech edu cn
smyiu @ cs hku hk
cryptjweng @ gmail com
History: 2025-04-11: approved; 2025-04-04: received; See all versions
Short URL: https://ia.cr/2025/614
License: CC BY

BibTeX

@misc{cryptoeprint:2025/614,
      author = {Yi Liu and Junzuo Lai and Peng Yang and Anjia Yang and Qi Wang and Siu-Ming Yiu and Jian Weng},
      title = {Highly Efficient Actively Secure Two-Party Computation with One-Bit Advantage Bound},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/614},
      year = {2025},
      url = {https://eprint.iacr.org/2025/614}
}