Secure two-party computations in ANSI C

Holzer, Andreas; Franz, Martin; Katzenbeisser, Stefan; Veith, Helmut

doi:10.1145/2382196.2382278

Cited by 104 publications

(126 citation statements)

References 35 publications

Supporting

Mentioning

126

Contrasting

Order By: Relevance

“…Holzer et al [39] present a compiler that uses the bounded modelchecker CBMC to translate ANSI C programs into Boolean circuits. The circuits can be used as inputs to the secure computation framework of Huang et al [40].…”

Section: Engineering Of Mpc Protocolsmentioning

confidence: 99%

A Fast and Verified Software Stack for Secure Function Evaluation

Almeida

Barbosa

Barthe

et al. 2017

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

We present a high-assurance software stack for secure function evaluation (SFE). Our stack consists of three components: i. a verified compiler (CircGen) that translates C programs into Boolean circuits; ii. a verified implementation of Yao's SFE protocol based on garbled circuits and oblivious transfer; and iii. transparent application integration and communications via FRESCO, an open-source framework for secure multiparty computation (MPC). CircGen is a general purpose tool that builds on CompCert, a verified optimizing compiler for C. It can be used in arbitrary Boolean circuit-based cryptography deployments. The security of our SFE protocol implementation is formally verified using EasyCrypt, a tool-assisted framework for building high-confidence cryptographic proofs, and it leverages a new formalization of garbled circuits based on the framework of Bellare, Hoang, and Rogaway (CCS 2012). We conduct a practical evaluation of our approach, and conclude that it is competitive with state-of-the-art (unverified) approaches. Our work provides concrete evidence of the feasibility of building efficient, verified, implementations of higher-level cryptographic systems. All our development is publicly available.

show abstract

Section: Engineering Of Mpc Protocolsmentioning

confidence: 99%

A Fast and Verified Software Stack for Secure Function Evaluation

Almeida

Barbosa

Barthe

et al. 2017

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…Frameworks for secure two-party computation are either based on garbled circuits (e.g., Fairplay [4,39], FastGC [24], VMCrypt [38], and CBMC-GC [21]) or homomorphic encryption (e.g., VIFF [12]). The L1 framework [55] allows to describe secure computation protocols that employ both techniques, garbled circuits and homomorphic encryption.…”

Section: Related Workmentioning

confidence: 99%

“…For his outputs, he is given a mapping that allows him to decrypt the output keys into plain output values. For Yao's garbled circuits protocol we use the following optimizations and instantiations that are implemented in FastGC [24] (which is used in many recent works such as [22,23,21,45,46]) and VMCrypt [38]: For OT we use OT extensions of [26] with the OT protocol of [42] for the base OTs. For garbled circuits we use free XOR gates [34], garbled row reduction [43,51], and pipelining [24].…”

Section: Garbled Circuitsmentioning

confidence: 99%

“…A number of protocols compete for the best performance in this model. Recently, the garbled circuit implementation FastGC [24] has been used in several privacy-preserving applications, including [22,23,21,45,46], but still garbled circuits have some inherent limitations, e.g., due to the large circuit size of some functionalities such as multiplication. In this paper we propose a different approach.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Automatic Protocol Selection in Secure Two-Party Computations

Kerschbaum

Schneider

Schröpfer

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Performance of secure computation is still often an obstacle to its practical adaption. There are different protocols for secure computation that compete for the best performance. In this paper we propose automatic protocol selection which selects a protocol for each operation resulting in a mix with the best performance so far. Based on an elaborate performance model, we propose an optimization algorithm and an efficient heuristic for this selection problem. We show that our mixed protocols achieve the best performance on a set of use cases. Furthermore, our results underpin that the selection problem is so complicated and large in size, that a programmer is unlikely to manually make the optimal selection. Our proposed algorithms nevertheless can be integrated into a compiler in order to yield the best (or near-optimal) performance.

show abstract

“…Indeed, many held the opinion that secure computation will never be practical since carrying out cryptographic operations for every gate in a circuit computing the function (which is the way many protocols work) will never be fast enough to be of use. Due to many works that pushed secure computation further towards practical applications, e.g., [6,7,10,15,17,25,28,35,[41][42][43]50,57], this conjecture has proven to be wrong and it is possible to carry out secure computation of complex functions at speeds that five years ago would have been unconceivable. For example, in FastGC [28] it was shown that AES can be securely computed with 0.2 seconds of preprocessing time and just 0.008 seconds of online computation.…”

Section: Introductionmentioning

confidence: 99%

More efficient oblivious transfer and extensions for faster secure computation

Asharov

Lindell

Schneider

et al. 2013

Proceedings of the 2013 ACM SIGSAC Conference on Computer &Amp; Communications Security - CCS '13

304

340

View full text Add to dashboard Cite

Abstract. Protocols for secure computation enable parties to compute a joint function on their private inputs without revealing anything but the result. A foundation for secure computation is oblivious transfer (OT), which traditionally requires expensive public key cryptography. A more efficient way to perform many OTs is to extend a small number of base OTs using OT extensions based on symmetric cryptography. In this work we present optimizations and efficient implementations of OT and OT extensions in the semi-honest model. We propose a novel OT protocol with security in the standard model and improve OT extensions with respect to communication complexity, computation complexity, and scalability. We also provide specific optimizations of OT extensions that are tailored to the secure computation protocols of Yao and GoldreichMicali-Wigderson and reduce the communication complexity even further. We experimentally verify the efficiency gains of our protocols and optimizations. By applying our implementation to current secure computation frameworks, we can securely compute a Levenshtein distance circuit with 1.29 billion AND gates at a rate of 1.2 million AND gates per second. Moreover, we demonstrate the importance of correctly implementing OT within secure computation protocols by presenting an attack on the FastGC framework.

show abstract

Secure two-party computations in ANSI C

Cited by 104 publications

References 35 publications

A Fast and Verified Software Stack for Secure Function Evaluation

A Fast and Verified Software Stack for Secure Function Evaluation

Automatic Protocol Selection in Secure Two-Party Computations

More efficient oblivious transfer and extensions for faster secure computation

Contact Info

Product

Resources

About