Advances in Cryptology – ASIACRYPT 2007

Volume 4833 of the series Lecture Notes in Computer Science pp 298-314

Two-Party Computing with Encrypted Data

  • Seung Geol ChoiAffiliated withColumbia University
  • , Ariel ElbazAffiliated withColumbia University
  • , Ari JuelsAffiliated withRSA Laboratories
  • , Tal MalkinAffiliated withColumbia University
  • , Moti YungAffiliated withColumbia UniversityGoogle


We consider a new model for online secure computation on encrypted inputs in the presence of malicious adversaries. The inputs are independent of the circuit computed in the sense that they can be contributed by separate third parties. The model attempts to emulate as closely as possible the model of “Computing with Encrypted Data” that was put forth in 1978 by Rivest, Adleman and Dertouzos which involved a single online message. In our model, two parties publish their public keys in an offline stage, after which any party (i.e., any of the two and any third party) can publish encryption of their local inputs. Then in an on-line stage, given any common input circuit C and its set of inputs from among the published encryptions, the first party sends a single message to the second party, who completes the computation.


Computing with Encrypted Data Secure Two-Party Computation CryptoComputing oblivious transfer