Efficient Secure Computation with Garbled Circuits

  • Yan Huang
  • Chih-hao Shen
  • David Evans
  • Jonathan Katz
  • Abhi Shelat
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7093)


Secure two-party computation enables applications in which participants compute the output of a function that depends on their private inputs, without revealing those inputs or relying on any trusted third party. In this paper, we show the potential of building privacy-preserving applications using garbled circuits, a generic technique that until recently was believed to be too inefficient to scale to realistic problems. We present a Java-based framework that uses pipelining and circuit-level optimizations to build efficient and scalable privacy-preserving applications. Although the standard garbled circuit protocol assumes a very week, honest-but-curious adversary, techniques are available for converting such protocols to resist stronger adversaries, including fully malicious adversaries. We summarize approaches to producing malicious-resistant secure computations that reduce the costs of transforming a protocol to be secure against stronger adversaries. In addition, we summarize results on ensuring fairness, the property that either both parties receive the result or neither party does. Several open problems remain, but as theory and pragmatism advance, secure computation is approaching the point where it offers practical solutions for a wide variety of important problems.


Secure Computation Homomorphic Encryption Oblivious Transfer Levenshtein Distance Honest Party 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Asharov, G., Canetti, R., Hazay, C.: Towards a Game Theoretic View of Secure Computation. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 426–445. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  2. 2.
    Barni, M., Bianchi, T., Catalano, D., Raimondo, M.D., Labati, R.D., Faillia, P., Fiore, D., Lazzeretti, R., Piuri, V., Scotti, F., Piva, A.: Privacy-preserving Fingercode Authentication. In: ACM Multimedia and Security Workshop (2010)Google Scholar
  3. 3.
    Beaver, D.: Secure Multiparty Protocols and Zero-Knowledge Proof Systems Tolerating a Faulty Minority. Journal of Cryptology (1991)Google Scholar
  4. 4.
    Beaver, D., Goldwasser, S.: Multiparty Computation with Faulty Majority. In: 30th Symposium on Foundations of Computer Science (1989)Google Scholar
  5. 5.
    Beaver, D., Micali, S., Rogaway, P.: The Round Complexity of Secure Protocols. In: ACM Symposium on Theory of Computing (1990)Google Scholar
  6. 6.
    Beimel, A., Lindell, Y., Omri, E., Orlov, I.: 1/p-secure Multiparty Computation Without Honest Majority and the Best of Both Worlds. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 277–296. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Beimel, A., Omri, E., Orlov, I.: Protocols for Multiparty Coin Toss with Dishonest Majority. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 538–557. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Ben-David, A., Nisan, N., Pinkas, B.: FairplayMP: A System for Secure Multi-party Computation. In: ACM Conference on Computer and Communications Security (2008)Google Scholar
  9. 9.
    Brickell, J., Shmatikov, V.: Privacy-Preserving Graph Algorithms in the Semi-Honest Model. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 236–252. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  10. 10.
    Choi, S.G., Katz, J., Kumaresan, R., Zhou, H.S.: On the Security of the “Free-XOR” Technique (2011),
  11. 11.
    Cleve, R.: Limits on the Security of Coin Flips when Half the Processors Are Faulty. In: 18th Symposium on Theory of Computing (1986)Google Scholar
  12. 12.
    Even, S., Goldreich, O., Lempel, A.: A Randomized Protocol for Signing Contracts. Communications of the ACM (1985)Google Scholar
  13. 13.
    Galil, Z., Haber, S., Yung, M.: Cryptographic Computation: Secure Fault Tolerant Protocols and the Public-Key Model. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 135–155. Springer, Heidelberg (1988)Google Scholar
  14. 14.
    Gamma, E., Helm, R., Johnson, R.E., Vlissides, J.: Design Patterns — Elements of Reusable Object-Oriented Software. Addison-Wesley (March 1995)Google Scholar
  15. 15.
    Garay, J.A., MacKenzie, P.D., Prabhakaran, M., Yang, K.: Resource Fairness and Composability of Cryptographic Protocols. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 404–428. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  16. 16.
    Goldreich, O., Micali, S., Wigderson, A.: How to Play Any Mental Game, or a Completeness Theorem for Protocols with Honest Majority. In: 19th Symposium on Theory of Computing (1987)Google Scholar
  17. 17.
    Goldwasser, S., Levin, L.A.: Fair Computation of General Functions in Presence of Immoral Majority. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 77–93. Springer, Heidelberg (1991)Google Scholar
  18. 18.
    Gordon, S.D.: Fairness in Secure Computation. Ph.D. thesis, University of Maryland (2010)Google Scholar
  19. 19.
    Gordon, S.D., Hazay, C., Katz, J., Lindell, Y.: Complete Fairness in Secure Two-Party Computation. In: 40th Symposium on Theory of Computing (2008)Google Scholar
  20. 20.
    Gordon, S.D., Katz, J.: Rational Secret Sharing, Revisited. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 229–241. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  21. 21.
    Gordon, S.D., Katz, J.: Complete Fairness in Multi-Party Computation Without an Honest Majority. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 19–35. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  22. 22.
    Gordon, S.D., Katz, J.: Partial Fairness in Secure Two-Party Computation. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 157–176. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  23. 23.
    Groce, A., Katz, J.: Fair Computation with Rational Players (2011),
  24. 24.
    Halpern, J., Teague, V.: Rational Secret Sharing and Multiparty Computation. In: 36th Symposium on Theory of Computing (2004)Google Scholar
  25. 25.
    Hazay, C., Lindell, Y.: Efficient Protocols for Set Intersection and Pattern Matching with Security Against Malicious and Covert Adversaries. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 155–175. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  26. 26.
    Henecka, W., Kogl, S., Sadeghi, A.R., Schneider, T., Wehrenberg, I.: TASTY: Tool for Automating Secure Two-partY computations. In: ACM Conference on Computer and Communications Security (2010)Google Scholar
  27. 27.
    Huang, Y., Chapman, P., Evans, D.: Privacy-Preserving Applications on Smartphones. In: USENIX Workshop on Hot Topics in Security (2011)Google Scholar
  28. 28.
    Huang, Y., Evans, D., Katz, J., Malka, L.: Faster Secure Two-Party Computation Using Garbled Circuits. In: USENIX Security Symposium (2011)Google Scholar
  29. 29.
    Huang, Y., Malka, L., Evans, D., Katz, J.: Efficient Privacy-Preserving Biometric Identification. In: Network and Distributed System Security Symposium (2011)Google Scholar
  30. 30.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending Oblivious Transfers Efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  31. 31.
    Jarecki, S., Shmatikov, V.: Efficient Two-Party Secure Computation on Committed Inputs. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 97–114. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  32. 32.
    Jha, S., Kruger, L., Shmatikov, V.: Towards Practical Privacy for Genomic Computation. In: IEEE Symposium on Security and Privacy (2008)Google Scholar
  33. 33.
    Kiraz, M.: Secure and Fair Two-Party Computation. Ph.D. thesis, Technische Universiteit Eindhoven (2008)Google Scholar
  34. 34.
    Kiraz, M., Schoenmakers, B.: A Protocol Issue for The Malicious Case of Yao’s Garbled Circuit Construction. In: 27th Symposium on Information Theory in the Benelux (2006)Google Scholar
  35. 35.
    Kolesnikov, V., Sadeghi, A.-R., Schneider, T.: Improved Garbled Circuit Building Blocks and Applications to Auctions and Computing Minima. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 1–20. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  36. 36.
    Kolesnikov, V., Schneider, T.: Improved Garbled Circuit: Free XOR Gates and Applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  37. 37.
    Lindell, Y., Pinkas, B.: Privacy Preserving Data Mining. Journal of Cryptology 15(3) (2002)Google Scholar
  38. 38.
    Lindell, Y., Pinkas, B.: An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  39. 39.
    Lindell, Y., Pinkas, B.: Secure Two-Party Computation Via Cut-and-Choose Oblivious Transfer. Crypto ePrint Archive (2010),
  40. 40.
    Lysyanskaya, A., Triandopoulos, N.: Rationality and Adversarial Behavior in Multi-Party Computation. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 180–197. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  41. 41.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay — A Secure Two-Party Computation System. In: USENIX Security Symposium (2004)Google Scholar
  42. 42.
    Mohassel, P., Franklin, M.: Efficiency Tradeoffs for Malicious Two-Party Computation. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 458–473. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  43. 43.
    Moran, T., Naor, M., Segev, G.: An Optimally Fair Coin Toss. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 1–18. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  44. 44.
    Naor, M., Pinkas, B.: Efficient Oblivious Transfer Protocols. In: ACM-SIAM Symposium on Discrete Algorithms (2001)Google Scholar
  45. 45.
    Nielsen, J.B., Orlandi, C.: LEGO for Two-Party Secure Computation. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 368–386. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  46. 46.
    Nielsen, J.B., Nordholt, P.S., Orlandi, C., Burra, S.S.: A New Approach to Practical Active-Secure Two-Party Computation. Crypto ePrint Archive (2011),
  47. 47.
    Osadchy, M., Pinkas, B., Jarrous, A., Moskovich, B.: SCiFI: A System for Secure Face Identification. In: IEEE Symposium on Security and Privacy (2010)Google Scholar
  48. 48.
    Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure Two-Party Computation Is Practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  49. 49.
    Rabin, T., Ben-Or, M.: Verifiable Secret Sharing and Multiparty Protocols with Honest Majority. In: 21st Symposium on Theory of Computing (1989)Google Scholar
  50. 50.
    Shelat, A., Shen, C.-H.: Two-Output Secure Computation with Malicious Adversaries. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 386–405. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  51. 51.
    Yang, Z., Zhong, S., Wright, R.: Privacy-preserving Classification of Customer Data without Loss of Accuracy. In: SIAM International Conference on Data Mining (2005)Google Scholar
  52. 52.
    Yao, A.C.: Protocols for Secure Computations. In: Symposium on Foundations of Computer Science (1982)Google Scholar
  53. 53.
    Yao, A.C.: How to Generate and Exchange Secrets. In: Symposium on Foundations of Computer Science (1986)Google Scholar
  54. 54.
    Zahur, S., Huang, Y., Evans, D.: Efficient Secure Computation over Partially-Secret Inputs (2011),

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Yan Huang
    • 1
  • Chih-hao Shen
    • 1
  • David Evans
    • 1
  • Jonathan Katz
    • 2
  • Abhi Shelat
    • 1
  1. 1.Department of Computer ScienceUniversity of VirginiaUSA
  2. 2.Department of Computer ScienceUniversity of MarylandUSA

Personalised recommendations