Skip to main content

Secure Two-Party Computation: A Visual Way

Part of the Lecture Notes in Computer Science book series (LNSC,volume 8317)


In this paper we propose a novel method for performing secure two-party computation. By merging together in a suitable way two beautiful ideas of the 80’s and the 90’s, Yao’s garbled circuit construction and Naor and Shamir’s visual cryptography, respectively, we enable Alice and Bob to securely evaluate a function \(f(\cdot ,\cdot )\) of their inputs, \(x\) and \(y\), through a pure physical process. Indeed, once Alice has prepared a set of properly constructed transparencies, Bob computes the function value \(f(x,y)\) by applying a sequence of simple steps which require the use of a pair of scissors, superposing transparencies, and the human visual system. A crypto-device for the function evaluation process is not needed any more.


  • Yao’s construction
  • Visual cryptography
  • Secure computation

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-04268-8_2
  • Chapter length: 21 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   59.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-04268-8
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   79.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.
Fig. 5.
Fig. 6.


  1. 1.

    The introduction of [4] offers a brief history of the construction and a nice accounting of the research efforts which followed.

  2. 2.

    A detailed description of Yao’s protocol can be found in [28].

  3. 3.

    A random variable is sufficient to represent the input, the output or any intermediate computation of a randomized entity in a single protocol execution. However, since it is of interest analyzing the behavior of protocol executions, according to input sizes depending on the security parameter \(k\), collections of random variables are needed: an ensemble is exactly a family of random variables, where each of them, say \(X_s,\) is uniquely identified by an index \(s,\) related to the security parameter \(k\).

  4. 4.

    We deal in the following with a deterministic functionality.Hence, we state the simplified versions of the definitions in [20, 28]. Moreover, we also state the definition for the unconditionally secure case. As we will show later, by using an unconditionally secure physical implementation of the oblivious transfer, known to be possible [29], the definition in the physical world is achieved by our protocol.

  5. 5.

    We do not follow the traditional entropy-based characterization, e.g., [8, 25], since in our analysis we are not going to use the entropy function. A comprehensive study of secret sharing schemes which does not use the language of information theory can be found in [5]. See also a recent survey [3].

  6. 6.

    In this abstract, to simplify the presentation of our approach, instead of providing general definitions, we concentrate on specific definitions of VCS for the tools we need in our construction.

  7. 7.

    We stress that the scheme is the same, and it is used twice with independent and fresh randomness.

  8. 8.

    If Alice thinks that Bob has had a career as illusionist, in order to be sure that Bob does not substitute the envelope that will be destroyed with an identical but fake one, might requests that Bob shows up in swimsuit.

  9. 9.

    An alternative could be that the envelope is burned in front of Alice. The key-property that need to be satisfied is that the physical process should be irreversible, the secret cannot be even partially recovered.

  10. 10.

    Notice that, for the permutation bit, we are using a deterministic \((2,2)\)-VCS with pixel expansion \(m=2\). We have used this solution for the permutation bit because, first of all it is possible to use a scheme with pixel expansion since each permutation bit propagates only from one level of the circuit to the subsequent one, and secondly because a scheme with pixel expansion allows a deterministic reconstruction.


  1. Ateniese, G., Blundo, C., De Santis, A., Stinson, D.R.: Visual cryptography for general access structures. Inf. Comput. 129(2), 86–106 (1996)

    CrossRef  MATH  Google Scholar 

  2. Beaver, D., Micali, S., Rogaway, P.: The round complexity of secure protocols. In: Proceedings of 22nd ACM Symposium on Theory of Computing, pp. 503–513 (1990)

    Google Scholar 

  3. Beimel, A.: Secret-sharing schemes: a survey. In: Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.) IWCC 2011. LNCS, vol. 6639, pp. 11–46. Springer, Heidelberg (2011)

    Google Scholar 

  4. Bellare, M., Hoang, V.T., Rogaway, P.: Garbling schemes. Cryptology ePrint archive, report 2012/265 (2012)

    Google Scholar 

  5. Bellare, M., Rogaway, P.: Robust computational secret sharing and a unified account of classical secret-sharing goals. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (ACM CCS), ACM (2007)

    Google Scholar 

  6. Blundo, C., D’Arco, P., De Santis, A., Stinson, D.R.: Contrast optimal threshold visual cryptography schemes. SIAM J. Discrete Math. 16, 224–261 (2003)

    CrossRef  MATH  MathSciNet  Google Scholar 

  7. Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011)

    Google Scholar 

  8. Capocelli, R.M., De Santis, A., Gargano, L., Vaccaro, U.: On the size of shares for secret sharing schemes. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 101–113. Springer, Heidelberg (1992)

    Google Scholar 

  9. Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptol. 13, 143–202 (2000)

    CrossRef  MATH  MathSciNet  Google Scholar 

  10. Chaum, D.: Secret-Ballot receipts and transparent integrity.

  11. Cimato, S., De Prisco, R., De Santis, A.: Colored visual cryptography without color darkening. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 235–248. Springer, Heidelberg (2005)

    Google Scholar 

  12. Cimato, S., De Prisco, R., De Santis, A.: Optimal colored threshold visual cryptography schemes. Des. Codes. Crypt. 35, 311–335 (2005)

    CrossRef  MATH  Google Scholar 

  13. Cimato, S., De Prisco, R., De Santis, A.: Probabilistic visual cryptography schemes. Comput. J. 49(1), 97–107 (2006)

    CrossRef  Google Scholar 

  14. Cimato, S., De Prisco, R., De Santis, A.: Colored visual cryptography without color darkening. Theor. Comput. Sci. 374(1–3), 261–276 (2007)

    CrossRef  MATH  Google Scholar 

  15. Cimato, S., Yang, C.-N. (eds.): Visual Cryptography and Secret Image Sharing. CRC Press, Boca Raton (2012). ISBN: 978-1-4398-3721-4

    Google Scholar 

  16. De Prisco, R., De Santis, A.: Using colors to improve visual cryptography for black and white images. In: Fehr, S. (ed.) ICITS 2011. LNCS, vol. 6673, pp. 182–201. Springer, Heidelberg (2011)

    Google Scholar 

  17. De Prisco, R., De Santis, A.: Color visual cryptography schemes for black and white secret image. Theoretical Computer Science. (to appear)

  18. Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Commun. ACM. 28(6), 637–647 (1985)

    CrossRef  MathSciNet  Google Scholar 

  19. Eisen, P.A., Stinson, D.R.: Threshold visual cryptography schemes with specified whiteness levels of reconstructed pixels. Des. Codes. Crypt. 25, 15–61 (2002)

    CrossRef  MATH  MathSciNet  Google Scholar 

  20. Goldreich, O.: Foundation Cryptography, vol. II. MIT Press, Cambridge (2004)

    CrossRef  Google Scholar 

  21. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: STOC, pp. 218–229 (1987)

    Google Scholar 

  22. Gennaro, R., Gentry, C., Parno, B.: Non-interactive verifiable computing: outsourcing computation to untrusted workers. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 465–482. Springer, Heidelberg (2010)

    Google Scholar 

  23. Hofmeister, T., Krause, M., Simon, H.U.: Contrast-optimal \(k\) out of \(n\) secret sharing schemes in visual cryptography. Theor. Comput. Sci. 240, 471–485 (2000)

    CrossRef  MATH  MathSciNet  Google Scholar 

  24. Kafri, O., Keren, E.: Encryption of pictures and shapes by random grids. Opt. Lett. 12(6), 377–379 (1987)

    CrossRef  Google Scholar 

  25. Karnin, E., Greene, J., Hellman, M.: On secret sharing systems. IEEE Trans. Inf. Theor. 29(1), 3551 (1983)

    MathSciNet  Google Scholar 

  26. Kolesnikov, V.: Gate evaluation secret sharing and secure one-round two-party computation. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 136–155. Springer, Heidelberg (2005)

    CrossRef  Google Scholar 

  27. Naor, M., Shamir, A.: Visual cryptography. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 1–12. Springer, Heidelberg (1995)

    Google Scholar 

  28. Lindell, Y., Pinkas, B.: A proof of security of Yao’s protocol for two-party computation. J. Cryptology 22, 161–188 (2009)

    CrossRef  MATH  MathSciNet  Google Scholar 

  29. Moran, T., Naor, M.: Basing cryptographic protocols on tamper-evident seals. Theor. Comput. Sci. 411, 1283–1310 (2010)

    CrossRef  MATH  MathSciNet  Google Scholar 

  30. Yang, C.-N.: New visual secret sharing schemes using probabilistic method. Pattern Recogn. Lett. 25, 481–494 (2004)

    CrossRef  Google Scholar 

  31. Yao, A.C.: Protocols for secure computations. In: Proceedings of 23rd IEEE Symposium on Foundations of Computational Science, pp. 160–164 (1982)

    Google Scholar 

  32. Yao, A.C.: How to generate and exchange secrets (extended abstract). In: Proceedings of 27th IEEE Symposium on Foundations of Computational Science, pp. 162–167 (1986)

    Google Scholar 

Download references


We would like to thank Alfredo De Santis for discussions and for pointing out to our attention [29], Carlo Blundo for comments on a preliminary version of this paper, and an anonymous referee for hints and suggestions.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Roberto De Prisco .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

D’Arco, P., De Prisco, R. (2014). Secure Two-Party Computation: A Visual Way. In: Padró, C. (eds) Information Theoretic Security. ICITS 2013. Lecture Notes in Computer Science(), vol 8317. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-04267-1

  • Online ISBN: 978-3-319-04268-8

  • eBook Packages: Computer ScienceComputer Science (R0)