Most implementations of Yao's garbled circuit approach for 2-party secure computation use the free-XOR optimization of Kolesnikov & Schneider (ICALP 2008). We introduce an alternative technique called flexible-XOR (fleXOR) that generalizes free-XOR and offers several advantages. First, fleXOR can be instantiated under a weaker hardness assumption on the underlying cipher/hash function (related-key security only, compared to related-key and circular security required for free-XOR) while maintaining most of the performance improvements that free-XOR offers. Alternatively, even though XOR gates are not always "free" in our approach, we show that the other (non-XOR) gates can be optimized more heavily than what is possible when using free-XOR. For many circuits of cryptographic interest, this can yield a significantly (over 30%) smaller garbled circuit than any other known techniques (including free-XOR) or their combinations. © 2014 International Association for Cryptologic Research.
CITATION STYLE
Kolesnikov, V., Mohassel, P., & Rosulek, M. (2014). FleXOR: Flexible garbling for XOR gates that beats free-XOR. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8617 LNCS, pp. 440–457). Springer Verlag. https://doi.org/10.1007/978-3-662-44381-1_25
Mendeley helps you to discover research relevant for your work.