TY - GEN
T1 - Secure arithmetic computation with constant computational overhead
AU - Applebaum, Benny
AU - Damgård, Ivan
AU - Ishai, Yuval
AU - Nielsen, Michael
AU - Zichron, Lior
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2017.
PY - 2017
Y1 - 2017
N2 - We study the complexity of securely evaluating an arithmetic circuit over a finite field 𝔽 in the setting of secure two-party computation with semi-honest adversaries. In all existing protocols, the number of arithmetic operations per multiplication gate grows either linearly with log |𝔽| or polylogarithmically with the security parameter. We present the first protocol that only makes a constant (amortized) number of field operations per gate. The protocol uses the underlying field 𝔽 as a black box, and its security is based on arithmetic analogues of well-studied cryptographic assumptions. Our protocol is particularly appealing in the special case of securely evaluating a “vector-OLE” function of the form ax+b, where x ∈ 𝔽 is the input of one party and a, b ∈ 𝔽^w are the inputs of the other party. In this case, which is motivated by natural applications, our protocol can achieve an asymptotic rate of 1/3 (i.e., the communication is dominated by sending roughly 3w elements of 𝔽). Our implementation of this protocol suggests that it outperforms competing approaches even for relatively small fields 𝔽 and over fast networks. Our technical approach employs two new ingredients that may be of independent interest. First, we present a general way to combine any linear code that has a fast encoder and a cryptographic (“LPN-style”) pseudorandomness property with another linear code that supports fast encoding and erasure-decoding, obtaining a code that inherits both the pseudorandomness feature of the former code and the efficiency features of the latter code. Second, we employ local arithmetic pseudo-random generators, proposing arithmetic generalizations of boolean candidates that resist all known attacks.
UR - http://www.scopus.com/inward/record.url?scp=85028465736&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-63688-7_8
DO - 10.1007/978-3-319-63688-7_8
M3 - Conference contribution
AN - SCOPUS:85028465736
SN - 9783319636870
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 223
EP - 254
BT - Advances in Cryptology – CRYPTO 2017 - 37th Annual International Cryptology Conference, Proceedings
A2 - Shacham, Hovav
A2 - Katz, Jonathan
PB - Springer Verlag
T2 - 37th Annual International Cryptology Conference, CRYPTO 2017
Y2 - 20 August 2017 through 24 August 2017
ER -