[PDF] Top 20 Outsourcing Secure Two-Party Computation as a Black Box

... 17], secure multiparty computation (SMC) has grown from a theoretical novelty to a potentially useful and practical cryptographic ...performing secure multiparty computation in ... See full document

... Next, we discuss tools that expose libraries which developers can use to describe 2PC protocols. To generate efficient protocols for a functionality, the programmer must break the functionality into components and call ... See full document

... the two- party version of Fairplay, which increases the overhead by a factor of c in order to reduce the cheating probability of malicious adversaries to ...a two-party protocol se- cure ... See full document

... In [GMPP16], Garg, et al., proved a lower bound of four rounds for MPC protocols that relies on black-box simulation. Following this work, in independent works, Ananth, Choudhuri and Jain [ACJ17] and ... See full document

... every party receives its output, or the protocol aborts, in which case all honest parties learn that the protocol ...every party learns the identity of some corrupted ... See full document

... the two input 0-keys of a garbled gate are chosen at random in our protocol, while the output 0-key is computed as a function of the input ...first two codes were found in the MinT database [SS06, SS10] and ... See full document

... Execution in the Real Model. The malicious adversary may follow an arbitrary fea- sible strategy in the real model. Let f be as above and Π be as a two-party protocol for computing f . Furthermore, let A be ... See full document

... This is where A and B rely on oblivious transfer [15, 16]. An oblivious transfer protocol allows a receiver to obtain a message from a set computed by the sender such that: (i) only one message can be received and (ii) ... See full document

... Our goal is to extend the characterization of full security to this class of functions. In particular, we show how the feasibility result (Theorem 3.3) and the impossibility result (reduction from non- trivial sampling) ... See full document

... in two steps. Two parties first run a protocol whose outputs are triples that are leaky without any correctness guarantee; then a checking procedure is run to ensure ...these two steps can be ... See full document

... one party, called the creator, generates a Boolean circuit of the function f and garbles the circuit by assigning symmetric keys to the input wires of the circuit and recursively encrypting every possible output ... See full document

... al.[16]presented secure two-party protocols for various core problems in linear algebra, such as computing the determinant and minimal polynomial of a ...were secure under the assumption of ... See full document

... a party takes three different roles across the three composed execution: an evaluator, a garbler who initiate the GC generation by picking the randomness, a co-garbler who verifies the sanity of the ...in ... See full document

... of party i is simply its view in the protocol, augmented with all the intermediate values computed locally by ...different party in the computation. The view of each party in the protocol ... See full document

... a Secure Function Evaluation protocol secure against honest-but-curious adversaries to evaluate a simple circuit to generate the gate ...the computation and communication complexity of our ... See full document

... of secure cross-domain communication between two users belonging to different security domains within an open and distributed ...any secure two-party password-based key exchange (2PAKE) ... See full document

... Secure Two-Party and Multiparty Computation. Secure two-party computation (2-PC) targets the following problem: Alice and Bob, modeled as probabilistic ... See full document

... only secure against passive adversaries, who are trusted to strictly follow the ...actively secure protocols, which remain secure against arbitrary deviations from the protocol, typically most ... See full document

... The enforcement of access policies and the support of policy updates are important challenging issues in the data sharing systems. In this study, we pro- posed a attribute-based data sharing scheme to en- force a ... See full document

... a black-box simulator of an o( log n n ) round protocol for an n-party functionality does not gain anything via “rewindings” in the adaptive ...a black-box ...honest party, the ... See full document