Advances in Cryptology – ASIACRYPT 2009

Volume 5912 of the series Lecture Notes in Computer Science pp 250-267

Secure Two-Party Computation Is Practical

  • Benny PinkasAffiliated withLancaster UniversityDept. of Computer Science, University of Haifa
  • , Thomas SchneiderAffiliated withLancaster UniversityHorst Görtz Institute for IT-Security, Ruhr-University Bochum
  • , Nigel P. SmartAffiliated withLancaster UniversityDept. Computer Science, University of Bristol
  • , Stephen C. WilliamsAffiliated withLancaster UniversityDept. Computer Science, University of Bristol


Secure multi-party computation has been considered by the cryptographic community for a number of years. Until recently it has been a purely theoretical area, with few implementations with which to test various ideas. This has led to a number of optimisations being proposed which are quite restricted in their application. In this paper we describe an implementation of the two-party case, using Yao’s garbled circuits, and present various algorithmic protocol improvements. These optimisations are analysed both theoretically and empirically, using experiments of various adversarial situations. Our experimental data is provided for reasonably large circuits, including one which performs an AES encryption, a problem which we discuss in the context of various possible applications.