Breaking and Fixing Garbled Circuits When a Gate has Duplicate Input Wires


Published in: Journal of cryptology, Volume 36, Issue 4, p. 34
Main authors: Nieminen, Raine; Schneider, Thomas
Format: Journal Article
Language: English
Publication details: New York, Springer US, 01.10.2023
Springer Nature B.V
ISSN:0933-2790, 1432-1378
Abstract Garbled circuits are a fundamental cryptographic primitive that allows two or more parties to securely evaluate an arbitrary Boolean circuit without revealing any information beyond the output using a constant number of communication rounds. Garbled circuits have been introduced by Yao (FOCS’86) and generalized to the multi-party setting by Beaver, Micali and Rogaway (STOC’90). Since then, several works have improved their efficiency by providing different garbling schemes and several implementations exist. Starting with the seminal Fairplay compiler (USENIX Security’04), several implementation frameworks decoupled the task of compiling the function to be evaluated into a Boolean circuit from the engine that securely evaluates that circuit, e.g., using a secure two-party computation protocol based on garbled circuits. In this paper, we show that this decoupling of circuit generation and evaluation allows a subtle attack on several prominent garbling schemes. It occurs when violating the implicit assumption on the circuit that gates have different input wires which is most often not explicitly specified in the respective papers. The affected garbling schemes use separate calls to a deterministic encryption function for the left and right input wire of a gate to derive pseudo-random encryption pads that are XORed together. When a circuit contains a gate where the left and right input wire are the same, these two per-wire encryption pads cancel out and we demonstrate that this can result in a complete break of privacy. We show how the vulnerable garbling schemes can be fixed easily.
ArticleNumber 34
Author Schneider, Thomas
Nieminen, Raine
Author_xml – sequence: 1
  givenname: Raine
  surname: Nieminen
  fullname: Nieminen, Raine
  email: nieminen@encrypto.cs.tu-darmstadt.de
  organization: Technical University of Darmstadt
– sequence: 2
  givenname: Thomas
  surname: Schneider
  fullname: Schneider, Thomas
  organization: Technical University of Darmstadt
CitedBy_id crossref_primary_10_1109_TIFS_2024_3402145
ContentType Journal Article
Copyright The Author(s) 2023
The Author(s) 2023. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
DOI 10.1007/s00145-023-09472-4
EISSN 1432-1378
ExternalDocumentID 10_1007_s00145_023_09472_4
GrantInformation_xml – fundername: Technische Universität Darmstadt (3139)
ISSN 0933-2790
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Issue 4
Keywords Secure multi-party computation
Garbled circuits
Vulnerability
Garbling schemes
Attack
Circuits
Language English
OpenAccessLink https://link.springer.com/10.1007/s00145-023-09472-4
PublicationDateYYYYMMDD 2023-10-01
PublicationTitle Journal of cryptology
PublicationTitleAbbrev J Cryptol
PublicationYear 2023
Publisher Springer US
Springer Nature B.V
References Y. Lindell, B. Pinkas, N.P. Smart, Implementing two-party computation efficiently with security against malicious adversaries, in SCN (2008)
M. Kiraz, B. Schoenmakers, A protocol issue for the malicious case of Yao’s garbled circuit construction, in Information Theory in the Benelux (SITB) (2006)
A. Rastogi, M.A. Hammer, M. Hicks, Wysteria: A programming language for generic, mixed-mode multiparty computations, in S&P (2014)
A. Ben-Efraim, Y. Lindell, E. Omri, Efficient scalable constant-round MPC via garbled circuits, in ASIACRYPT (2017)
B. Mood, L. Letaw, K. Butler, Memory-efficient garbled circuit generation for mobile devices, in FC (2012)
M. Rosulek, L. Roy, Three halves make a whole? Beating the half-gates lower bound for garbled circuits, in CRYPTO (2021)
B. Pinkas, Fair secure two-party computation, in EUROCRYPT (2003)
S. Zahur, M. Rosulek, D. Evans, Two halves make a whole—Reducing data transfer in garbled circuits using half gates, in EUROCRYPT (2015)
S.G. Choi, J. Katz, R. Kumaresan, H.-S. Zhou, On the security of the “Free-XOR” technique, in TCC (2012)
Y. Lindell, B. Pinkas, An efficient protocol for secure two-party computation in the presence of malicious adversaries, in EUROCRYPT (2007)
W. Henecka, S. Kögl, A. Sadeghi, T. Schneider, I. Wehrenberg, TASTY: Tool for automating secure two-party computations, in CCS (2010)
B. Kreuter, A. Shelat, C. Shen, Billion-gate secure computation with malicious adversaries, in USENIX Security (2012)
T. Schneider, M. Zohner, GMW vs. Yao? Efficient secure two-party computation with low depth circuits, in FC (2013)
S. Zahur, D. Evans, Obliv-C: A language for extensible data-oblivious computation. Cryptology ePrint Archive 1153 (2015)
D. Demmler, T. Schneider, M. Zohner, ABY—A framework for efficient mixed-protocol secure two-party computation, in NDSS (2015)
N. Büscher, D. Demmler, S. Katzenbeisser, D. Kretzmer, T. Schneider, HyCC: Compilation of hybrid protocols for practical secure computation, in CCS (2018)
I. Levi, C. Hazay, Garbled circuits from an SCA perspective: Free XOR can be quite expensive..., in CHES (2023)
B. Mood, D. Gupta, H. Carter, K. Butler, P. Traynor, Frigate: A validated, extensible, and efficient compiler and interpreter for secure computation, in EuroS&P (2016)
E.M. Songhori, S.U. Hussain, A. Sadeghi, T. Schneider, F. Koushanfar, TinyGarble: Highly compressed and scalable sequential garbled circuits, in S&P (2015)
A.C. Yao, How to generate and exchange secrets, in FOCS (1986)
J.B. Almeida, M. Barbosa, G. Barthe, F. Dupressoir, B. Grégoire, V. Laporte, V. Pereira, A fast and verified software stack for secure function evaluation, in CCS (2017)
M. Naor, B. Pinkas, R. Sumner, Privacy preserving auctions and mechanism design, in Electronic Commerce (EC) (1999)
B. Pinkas, T. Schneider, N.P. Smart, S.C. Williams, Secure two-party computation is practical, in ASIACRYPT (2009)
A. Rastogi, N. Swamy, M. Hicks, Wys*: A DSL for verified secure multi-party computations, in Principles of Security and Trust (POST) (2019)
V. Kolesnikov, T. Schneider, Improved garbled circuit: Free XOR gates and applications, in ICALP (2008)
O. Goldreich, S. Micali, A. Wigderson, How to play ANY mental game, in STOC (1987)
L. Malka, VMCrypt: Modular software architecture for scalable secure computation, in CCS (2011)
C. Liu, X.S. Wang, K. Nayak, Y. Huang, E. Shi, ObliVM: A programming framework for secure computation, in S&P (2015)
D. Beaver, S. Micali, P. Rogaway, The round complexity of secure protocols, in STOC (1990)
M. Bellare, V.T. Hoang, S. Keelveedhi, P. Rogaway, Efficient garbling from a fixed-key blockcipher, in S&P (2013)
S. Gueron, Y. Lindell, A. Nof, B. Pinkas, Fast garbling of circuits under standard assumptions, in CCS (2015)
Y. Lindell, B. Pinkas, A proof of security of Yao’s protocol for two-party computation. J. Cryptol. (2009)
M. Bellare, V.T. Hoang, P. Rogaway, Foundations of garbled circuits, in CCS (2012). Full version: https://ia.cr/2012/265
M. Franz, A. Holzer, S. Katzenbeisser, C. Schallhart, H. Veith, CBMC-GC: An ANSI C compiler for secure two-party computations, in Compiler Construction (CC) (2014)
Y. Huang, D. Evans, J. Katz, L. Malka, Faster secure two-party computation using garbled circuits, in USENIX Security (2011)
A. Ben-Efraim, Y. Lindell, E. Omri, Optimizing semi-honest secure multiparty computation for the Internet, in CCS (2016)
B. Kreuter, A. Shelat, B. Mood, K. Butler, PCF: A portable circuit format for scalable two-party secure computation, in USENIX Security (2013)
Y. Lindell, B. Pinkas, Secure two-party computation via cut-and-choose oblivious transfer. J. Cryptol. (2012)
A. Ben-David, N. Nisan, B. Pinkas, FairplayMP: A system for secure multi-party computation, in CCS (2008)
D. Malkhi, N. Nisan, B. Pinkas, Y. Sella, Fairplay—Secure two-party computation system, in USENIX Security (2004)
K. Järvinen, V. Kolesnikov, A. Sadeghi, T. Schneider, Embedded SFE: Offloading server and network using hardware tokens, in FC (2010)
StartPage 34
SubjectTerms Boolean
Candidates
Circuits
Coding and Information Theory
Combinatorics
Communications Engineering
Computational Mathematics and Numerical Analysis
Computer Science
Computing on Encrypted Data
Decoupling
Encryption
Gates (circuits)
Networks
Privacy
Probability Theory and Stochastic Processes
Pseudorandom
Research Article
Wire
Title Breaking and Fixing Garbled Circuits When a Gate has Duplicate Input Wires
URI https://link.springer.com/article/10.1007/s00145-023-09472-4
https://www.proquest.com/docview/3254470951
Volume 36