Proceedings 2017 Network and Distributed System Security Symposium 2017
DOI: 10.14722/ndss.2017.23075
|View full text |Cite
|
Sign up to set email alerts
|

Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO

Abstract: Secure two-party computation (S2PC) allows two parties to compute a function on their joint inputs while leaking only the output of the function. At TCC 2009 Orlandi and Nielsen proposed the LEGO protocol for maliciously secure 2PC based on cut-and-choose of Yao's garbled circuits at the gate level and showed that this is asymptotically more efficient than on the circuit level. Since then the LEGO approach has been improved upon in several theoretical works, but never implemented. In this paper we describe fur… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
13
0

Year Published

2017
2017
2019
2019

Publication Types

Select...
6
1

Relationship

1
6

Authors

Journals

citations
Cited by 37 publications
(13 citation statements)
references
References 46 publications
0
13
0
Order By: Relevance
“…We depart from any (possibly interactive) two-party additively homomorphic commitment scheme. To achieve the most efficient result, without relying on a random oracle or specific number theoretic assumptions, we consider the scheme of [18], since has been shown to be highly efficient in practice [34,35]. This scheme, along with others [11,10,9] works on commitments to vectors of m elements over some field F. For this reason we also present our results in this setting.…”
Section: High Level Ideamentioning
confidence: 99%
See 3 more Smart Citations
“…We depart from any (possibly interactive) two-party additively homomorphic commitment scheme. To achieve the most efficient result, without relying on a random oracle or specific number theoretic assumptions, we consider the scheme of [18], since has been shown to be highly efficient in practice [34,35]. This scheme, along with others [11,10,9] works on commitments to vectors of m elements over some field F. For this reason we also present our results in this setting.…”
Section: High Level Ideamentioning
confidence: 99%
“…The work on such extensions started in [21] and independently in [11]. A series of follow-up work [10,18,34,9,6] presented several improvements, both asymptotically and practically. Of these works [34] is of particular interest since it presents an implementation (based on the scheme of [18]) and showed that committing and opening 128 bit messages with s = 40 can be done in less than 0.5µs and 0.2µs respectively, in the amortized sense for a batch of 500,000 commitments.…”
Section: Related Workmentioning
confidence: 99%
See 2 more Smart Citations
“…We would like to point out, however, that our efficient circuits are generic Boolean circuits that could be evaluated with any secure computation framework and could thus be extended to more than 2 parties or even security against malicious adversaries (e.g. using [40] or [41]), with additional cost in communication and runtime.…”
Section: Benchmarks and Evaluationmentioning
confidence: 99%