How to Hide Circuits in MPC an Efficient Framework for Private Function Evaluation

  • Payman Mohassel
  • Saeed Sadeghian
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7881)


We revisit the problem of general-purpose private function evaluation (PFE) wherein a single party P 1 holds a circuit \(\mathcal{C}\), while each P i for 1 ≤ i ≤ n holds a private input x i , and the goal is for a subset (or all) of the parties to learn \(\mathcal{C}(x_1, \ldots, x_n)\) but nothing else. We put forth a general framework for designing PFE where the task of hiding the circuit and securely evaluating its gates are addressed independently: First, we reduce the task of hiding the circuit topology to oblivious evaluation of a mapping that encodes the topology of the circuit, which we refer to as oblivious extended permutation (OEP) since the mapping is a generalization of the permutation mapping. Second, we design a subprotocol for private evaluation of a single gate (PFE for one gate), which we refer to as private gate evaluation (PGE). Finally, we show how to naturally combine the two components to obtain efficient and secure PFE.

We apply our framework to several well-known general-purpose MPC constructions, in each case, obtaining the most efficient PFE construction to date, for the considered setting. Similar to the previous work we only consider semi-honest adversaries in this paper.


  1. 1.
    Abadi, M., Feigenbaum, J.: Secure circuit evaluation. Journal of Cryptology 2, 1–12 (1990)MathSciNetMATHCrossRefGoogle Scholar
  2. 2.
    Kolesnikov, V., Schneider, T.: A practical universal circuit construction and secure evaluation of private functions. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 83–97. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  3. 3.
    Sadeghi, A.R., Schneider, T.: Generalized universal circuits for secure evaluation of private functions with application to data classification. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 336–353. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Katz, J., Malka, L.: Constant-round private function evaluation with linear complexity. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 556–571. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Schneider, T.: Practical secure function evaluation (2008)Google Scholar
  6. 6.
    Valiant, L.: Universal circuits (preliminary report). In: Proceedings of the Eighth Annual ACM STOC, pp. 196–203 (1976)Google Scholar
  7. 7.
    Shpilka, A., Yehudayoff, A.: Arithmetic circuits: A survey of recent results and open questions (2010)Google Scholar
  8. 8.
    Raz, R.: Elusive functions and lower bounds for arithmetic circuits. In: Proceedings of the 40th Annual ACM STOC (2008)Google Scholar
  9. 9.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM, STOC 2009, pp. 169–178. ACM (2009)Google Scholar
  10. 10.
    Huang, Y., Evans, D., Katz, J.: Private set intersection: Are garbled circuits better than custom protocols? In: Proceedings of 19th NDSS Conference (2012)Google Scholar
  11. 11.
    Wang, G., Luo, T., Goodrich, M.T., Du, W., Zhu, Z.: Bureaucratic protocols for secure two-party sorting, selection, and permuting. In: Proceedings of the 5th ACM ASIACCS, pp. 226–237 (2010)Google Scholar
  12. 12.
    Du, W.: A Study of Several Specific Secure Two-party Computation Problems. PhD thesis, Department of Computer Sciences, Purdue University (2001)Google Scholar
  13. 13.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the Nineteenth Annual ACM, STOC 1987, pp. 218–229. ACM (1987)Google Scholar
  14. 14.
    Yao, A.C.C.: How to generate and exchange secrets. In: 27th Annual Symposium on Foundations of Computer Science, pp. 162–167 (October 1986)Google Scholar
  15. 15.
    Cramer, R., Damgård, I., Nielsen, J.B.: Multiparty computation from threshold homomorphic encryption. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 280–299. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Franklin, M., Gondree, M., Mohassel, P.: Multi-party indirect indexing and applications. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 283–297. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  17. 17.
    Choi, S.G., Hwang, K.-W., Katz, J., Malkin, T., Rubenstein, D.: Secure multi-party computation of boolean circuits with applications to privacy in on-line marketplaces. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 416–432. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  18. 18.
    Nielsen, J.B., Nordholt, P.S., Orlandi, C., Burra, S.S.: A new approach to practical active-secure two-party computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 681–700. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  19. 19.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Beaver, D.: Precomputing oblivious transfer. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 97–109. Springer, Heidelberg (1995)Google Scholar
  21. 21.
    Mohassel, P., Sadeghian, S.: How to hide circuits in mpc: An efficient framework for private function evaluation (2013),
  22. 22.
    Waksman, A.: A permutation network. J. ACM 15, 159–163 (1968)MathSciNetMATHCrossRefGoogle Scholar
  23. 23.
    Canetti, R.: Security and composition of multiparty cryptographic protocols. Journal of Cryptology 13(1), 143–202 (2000)MathSciNetMATHCrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2013

Authors and Affiliations

  • Payman Mohassel
    • 1
  • Saeed Sadeghian
    • 1
  1. 1.University of CalgaryCanada

Personalised recommendations