Is the Classical GMW Paradigm Practical? The Case of Non-Interactive Actively Secure 2PC
CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security Virtual Event USA November, 2020(2020)
摘要
One of the most challenging aspects in secure computation is offering protection against active adversaries, who may arbitrarily alter the behavior of corrupted parties. A powerful paradigm due to Goldreich, Micali, and Wigderson (GMW), is to follow a two-step approach: (1) design a passively secure protocol π for the task at hand; (2) apply a general compiler to convert π into an actively secure protocol π' for the same task.
In this work, we implement the first two-party actively secure protocol whose design is based on the general GMW paradigm. Our implementation applies to a passively secure π based on garbled circuits, using a sublinear zero-knowledge proof to ensure correctness of garbling. The main variant of our protocol makes a black-box use of an underlying oblivious transfer primitive by following the "certified oblivious transfer" blueprint of Ishai et al. (Eurocrypt 2011) and Hazay et. al. (TCC 2017). We also analyze a conceptually simpler but less efficient variant that makes a non-black-box use of oblivious transfer. %that designed an efficient parallel OT in which the receiver is additionally assured that the pairs of strings transmitted satisfy a global consistency predicate.
Our protocol has several important advantages. It supports non-interactive secure computation (NISC), where a receiver posts an "encryption" of its input and gets back from a sender an "encryption" of the output. The efficiency of this NISC protocol is enhanced by using an offline non-interactive preprocessing, where the sender publishes a single garbled circuit together with a proof of correctness, while the receiver need not even be online. The online work of both the sender and the receiver is lightweight, with a small overhead compared Yao's passively secure protocol depending mostly on the input size rather than the circuit size.
更多查看译文
关键词
Secure Two-Party Computation, Garbled Circuits, Oblivious-Transfer, Zero-Knowledge
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络