The IPS Compiler: Optimizations, Variants and Concrete Efficiency

  • Yehuda Lindell
  • Eli Oxman
  • Benny Pinkas
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6841)


In recent work, Ishai, Prabhakaran and Sahai (CRYPTO 2008) presented a new compiler (hereafter the IPS compiler) for constructing protocols that are secure in the presence of malicious adversaries without an honest majority, from protocols that are only secure in the presence of semi-honest adversaries. The IPS compiler has many important properties: it provides a radically different way of obtaining security in the presence of malicious adversaries with no honest majority, it is black-box in the underlying semi-honest protocol, and it has excellent asymptotic efficiency.

In this paper, we study the IPS compiler from a number of different angles. We present an efficiency improvement of the “watchlist setup phase” of the compiler that also facilitates a simpler and tighter analysis of the cheating probability. In addition, we present a conceptually simpler variant that uses protocols that are secure in the presence of covert adversaries as its basic building block. This variant can be used to achieve more efficient asymptotic security, as we show regarding black-box constructions of malicious oblivious transfer from semi-honest oblivious transfer. In addition, it deepens our understanding of the model of security in the presence of covert adversaries. Finally, we analyze the IPS compiler from a concrete efficiency perspective and demonstrate that in some cases it can be competitive with the best efficient protocols currently known.


Security Parameter Oblivious Transfer Virtual Server Honest Party Secure Multiparty Computation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aumann, Y., Lindell, Y.: Security Against Covert Adversaries: Efficient Protocols for Realistic Adversaries. J. of Cryptology 23(2), 281–343 (2010)MathSciNetzbMATHCrossRefGoogle Scholar
  2. 2.
    Beaver, D.: Correlated Pseudorandomness and the Complexity of Private Computations. In: The 28th STOC, pp. 479–488 (1996)Google Scholar
  3. 3.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation. In: 20th STOC, pp. 1–10 (1988)Google Scholar
  4. 4.
    Chaum, D., Crépeau, C., Damgård, I.: Multi-party Unconditionally Secure Protocols. In: 20th STOC, pp. 11–19 (1988)Google Scholar
  5. 5.
    Crépeau, C., van de Graaf, J., Tapp, A.: Committed Oblivious Transfer and Private Multi-Party Computation. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 110–123. Springer, Heidelberg (1995)Google Scholar
  6. 6.
    Damgård, I., Geisler, M., Nielsen, J.B.: From Passive to Covert Security at Low Cost. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 128–145. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  7. 7.
    Damgård, I., Ishai, Y.: Scalable Secure Multiparty Computation. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 501–520. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Damgård, I., Keller, M.: Secure Multiparty AES. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 367–374. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Fitzi, M., Hirt, M., Maurer, U.M.: Trading Correctness for Privacy in Unconditional Multi-Party Computation. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 121–136. Springer, Heidelberg (1998)Google Scholar
  10. 10.
    Franklin, M.K., Yung, M.: Communication Complexity of Secure Computation (Extended Abstract). In: The 24th STOC, pp. 699–710 (1992)Google Scholar
  11. 11.
    Gilboa, N.: Two Party RSA Key Generation (Extended Abstract). In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 116–129. Springer, Heidelberg (1999)Google Scholar
  12. 12.
    Goldreich, O., Micali, S., Wigderson, A.: How to Play any Mental Game – A Completeness Theorem for Protocols with Honest Majority. In: 19th STOC, pp. 218–229 (1987)Google Scholar
  13. 13.
    Haitner, I., Ishai, Y., Kushilevitz, E., Lindell, Y., Petrank, E.: Black-Box Constructions of Protocols for Secure Computation. SIAM Journal on Computing 40(2), 225–266 (2011)zbMATHCrossRefGoogle Scholar
  14. 14.
    Ishai, Y.: Personal Communication (2011)Google Scholar
  15. 15.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending Oblivious Transfers Efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Founding Cryptography on Oblivious Transfer – Efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008)Google Scholar
  17. 17.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Secure Arithmetic Computation with No Honest Majority. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 294–314. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  18. 18.
    Lindell, Y., Pinkas, B.: Secure Two-Party Computation via Cut-and-Choose Oblivious Transfer. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 329–346. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  19. 19.
    Naor, M., Pinkas, B.: Oblivious Transfer with Adaptive Queries. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 573–590. Springer, Heidelberg (1999)Google Scholar
  20. 20.
    Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure Two-Party Computation Is Practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  21. 21.
    Peikert, C., Vaikuntanathan, V., Waters, B.: A Framework for Efficient and Composable Oblivious Transfer. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 554–571. Springer, Heidelberg (2008)Google Scholar
  22. 22.
    Rabin, M.: How to Exchange Secrets by Oblivious Transfer. Tech. Memo TR-81, Aiken Computation Laboratory, Harvard U. (1981)Google Scholar
  23. 23.
    Shamir, A.: How to Share a Secret. Communications of the ACM 22(11), 612–613 (1979)MathSciNetzbMATHCrossRefGoogle Scholar
  24. 24.
    Yao, A.: How to Generate and Exchange Secrets. In: 27th FOCS, pp. 162–167 (1986)Google Scholar

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Yehuda Lindell
    • 1
  • Eli Oxman
    • 1
  • Benny Pinkas
    • 1
  1. 1.Dept. of Computer ScienceBar Ilan UniversityRamat GanIsrael

Personalised recommendations