Enforcing Input Correctness via Certification in Garbled Circuit Evaluation

  • Yihua Zhang
  • Marina Blanton
  • Fattaneh Bayatbabolghani
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10493)


Secure multi-party computation allows a number of participants to securely evaluate a function on their private inputs and has a growing number of applications. Two standard adversarial models, which treat the participants as semi-honest or malicious, respectively, are normally considered when showing security of constructions in this framework. In this work, we go beyond the standard security model in the presence of malicious participants and treat the problem of enforcing that correct inputs are entered into the computation. We achieve this by having a certification authority certify a user’s information, which is consequently used in secure two-party computation based on garbled circuit evaluation. The focus of this work is on enforcing correctness of the garbler’s inputs via certification, as prior work already allows one to achieve this goal for the circuit evaluator’s input. Thus, in this work, we put forward a novel approach for certifying a user’s input and tying the certification to the garbler’s input used during secure function evaluation based on garbled circuits. Our construction achieves notable performance, adding only one (standard) signature verification and \(O(n\rho)\) symmetric key/hash operations to the cost of garbled circuit evaluation in the malicious model via cut-and-choose, where \(\rho\) circuits are garbled and n is the length of the garbler’s input in bits. Security of our construction is rigorously proved in the standard model.


Keywords: Garbled circuits, Input certification, Input verification, Secure function evaluation



This work was supported in part by grants 1223699 and 1319090 from the National Science Foundation and FA9550-13-1-0066 from the Air Force Office of Scientific Research. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the funding agencies.



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Yihua Zhang (1)
  • Marina Blanton (2), corresponding author
  • Fattaneh Bayatbabolghani (1)

  1. Computer Science and Engineering, University of Notre Dame, Notre Dame, USA
  2. Computer Science and Engineering, State University of New York, Buffalo, USA
