[PDF] Top 20 Cut-and-Choose Bilateral Oblivious Transfer and Its Application in Secure Two-party Computation

... malicious party in Yan’s protocol can successfully cheat only if they generate exactly κ − c fake garbled circuits and none of them is checked by the other ... See full document

... Secure two-party computation (2PC) is a very powerful tool that allows two participants to compute any function of their private inputs without revealing any information about the ... See full document

... multiparty computation (MPC) [Yao82, GMW87] is an area of cryptography that deals with multiple parties who wish to compute a joint function of their private inputs such that the goals of MPC ...to choose ... See full document

... 17], secure multiparty computation (SMC) has grown from a theoretical novelty to a potentially useful and practical cryptographic ...performing secure multiparty computation in ... See full document

... allows two parties to each input a string of length τ and check if the two strings are ...one party must have cheated and the protocol will be aborted, ...of its inputs in case of ...makes ... See full document

... introduce two new schemes for securely computing Ham- ming distance in the two-party ...1-out-of-2 Oblivious Transfer, that achieves full security in the semi-honest setting and ... See full document

... to cut-and-choose called LEGO. In this approach, cut-and-choose is not done on several circuits, but rather on individual and independent garbled ...of its individual ...the ... See full document

... The notion of the local universal composability (LUC for short) was proposed by Canetti and Vald [8]. Roughly speaking, instead of setting a single adversary as in the UC framework, there can be plural local adversaries ... See full document

... specifying two-party compu- tation protocols and present the automated verification with ProVerif of an oblivious transfer protocol based on homomorphic encryption ...on oblivious ... See full document

... third party. In the active model, security is maintained even if one party is malicious, deviating from the protocol ...honest party retains privacy of its input and is ensured a correct ...a ... See full document

... adaptively secure garbled circuits in the standard model may be plugged into the second construction in order to maintain its low communication and remove the ... See full document

... if two bits entanglement with each other, if they be far a from each other even millions kilometers and upon one of we perform the measurement process, at that moment we can achieve the information of the second ... See full document

... Many algorithms recommended like Apriori algorithms. It is based upon the resistant monotone property. Due to their two main problems i.e. frequent database examine and superior computational cost, there is a need ... See full document

... the computation complexity for the party with the majority of the workload in the ...the computation (and the communication) complexity of our protocol with the circuit-based PSI approaches (which ... See full document

... Generic secure computation protocols [Yao86, GMW87], allowing evaluation of arbitrary functions, have seen tremendous performance improvements in the last ...evaluate two million AND gates per second ... See full document

... in two steps. Two parties first run a protocol whose outputs are triples that are leaky without any correctness guarantee; then a checking procedure is run to ensure ...these two steps can be ... See full document

... any two-message protocol between Alice and Bob, where Alice sends the first message and Bob sends the second, we show how to enforce that the input used by Bob to generate his message remain independent of the ... See full document

... In two lemmas we prove that this middle hybrid is indistinguishable from both real execution and ...step two we consider the case of adaptive inputs choice, thus proving the theorem ... See full document

... UC-secure oblivious transfer scheme from a collision-resistant chameleon hash scheme (CH) and a CCA encryption scheme accepting a smooth projective hash function ...UC-secure oblivious ... See full document

... the oblivious transfer ...the oblivious transfer phase, the receiver needs to communicate with at least k servers in order to obtain the desired secret, where k < ... See full document