Better Security-Efficiency Trade-Offs in Permutation-Based Two-Party Computation

  • Conference paper
Advances in Cryptology – ASIACRYPT 2021 (ASIACRYPT 2021)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 13091)

Abstract

We improve upon the security of (tweakable) correlation-robust hash functions, which are essential components of garbling schemes and oblivious-transfer extension schemes. We in particular focus on constructions from permutations, and improve upon the work by Guo et al. (IEEE S&P ’20) in terms of security and efficiency.

We present a tweakable one-call construction which matches the security of the most secure two-call construction – the resulting security bound takes the form \(O((p+q)q/2^n)\), where q is the number of construction evaluations and p is the number of direct adversarial queries to the underlying n-bit permutation, which is modeled as random.

Moreover, we present a new two-call construction with much better security degradation – in particular, for applications of interest, where only a constant number of evaluations per tweak are made, the security degrades as \(O((\sqrt{q} p+q^2)/2^n)\). Our security proof relies on the sum-capture theorems (Babai ’02; Steinberger ’12; Cogliati and Seurin ’18), as well as on new balls-into-bins combinatorial lemmas for limited-independence ball throws.

Of independent interest, we also provide a self-contained concrete security treatment of oblivious transfer extension.


Notes

  1. The basic idea of the simple proof is that a direct query H(m, t) only helps if \(m = w \oplus R\) for one of the B oracle queries (w, t).

  2. Heuristically, one could evaluate a hash function on a fixed subset of inputs to obtain the corresponding tweaks.

  3. I.e., of the characteristic function of the set.

  4. Their proof, for a slightly simpler protocol, is in the standard model and tacitly assumes non-uniform tweakable crHF security. Roughly, their proof needs to build an adversary \(\mathcal {B}\) for keys chosen from a set \(\mathcal {R}\), but this set needs to be fixed non-uniformly – this is problematic in ideal models, because the choice of \(\mathcal {R}\) itself depends on the ideal primitive.

  5. For \(\gamma \ge \delta \), by looking at the Taylor series, one can show that \(f_{\delta }(\epsilon ) = D((1+\epsilon )\delta \Vert \delta ) \ge \epsilon ^2\delta /2(1+\epsilon )\). This yields the inequality with \(\epsilon \delta = (\gamma - \delta )\) and \(1+\epsilon = \gamma /\delta \).
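    Carrying the Taylor-series argument of Note 5 through explicitly (an added derivation, not part of the original paper page; \(D(a \Vert b)\) is assumed to be the binary relative entropy):

    \[
    D(a \Vert b) = a \ln\frac{a}{b} + (1-a)\ln\frac{1-a}{1-b}, \qquad
    g(a) := D(a \Vert b),\quad g(b) = 0,\quad g'(b) = 0,\quad g''(t) = \frac{1}{t(1-t)}.
    \]

    Taylor's theorem with integral remainder around \(a = b\), and the bound \(1/(t(1-t)) \ge 1/t \ge 1/a\) for \(b \le t \le a\), give

    \[
    D(a \Vert b) = \int_b^a (a-t)\, g''(t)\, dt
    = \int_b^a \frac{a-t}{t(1-t)}\, dt
    \ge \int_b^a \frac{a-t}{a}\, dt
    = \frac{(a-b)^2}{2a} .
    \]

    Setting \(a = (1+\epsilon)\delta\) and \(b = \delta\) yields exactly the bound stated in the note,

    \[
    f_{\delta}(\epsilon) = D((1+\epsilon)\delta \Vert \delta)
    \ge \frac{\epsilon^2 \delta^2}{2(1+\epsilon)\delta}
    = \frac{\epsilon^2 \delta}{2(1+\epsilon)},
    \]

    and substituting \(\epsilon\delta = \gamma - \delta\) and \(1+\epsilon = \gamma/\delta\) turns it into the inequality used in the text, \(D(\gamma \Vert \delta) \ge (\gamma-\delta)^2 / (2\gamma)\) for \(\gamma \ge \delta\).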

References

  1. Abdalla, M., Benhamouda, F., Passelègue, A.: Algebraic XOR-RKA-secure pseudorandom functions from post-zeroizing multilinear maps. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11922, pp. 386–412. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34621-8_14

  2. Gilad, A., Yehuda, L., Thomas, S., Michael, Z.: More efficient oblivious transfer and extensions for faster secure computation. In: Sadeghi, A.Z., Gligor, V.D., Yung, M. (eds.) ACM CCS 2013, pp. 535–548. ACM Press, November 2013

  3. Babai, L.: The Fourier transform and equations over finite abelian groups: an introduction to the method of trigonometric sums (lecture notes)

  4. Bellare, M., Hoang, V.T., Keelveedhi, S., Rogaway, P.: Efficient garbling from a fixed-key blockcipher. In: 2013 IEEE Symposium on Security and Privacy, pp. 478–492. IEEE Computer Society Press, May 2013

  5. Bellare, M., Hoang, V.T., Rogaway, P.: Foundations of garbled circuits. In: Yu, T., Danezis, G., Gligor, V.D. (eds.) ACM CCS 2012, pp. 784–796. ACM Press, October 2012

  6. Bellare, M., Kohno, T.: Hash function balance and its impact on birthday attacks. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 401–418. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_24

  7. Chen, S., Steinberger, J.: Tight security bounds for key-alternating ciphers. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 327–350. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_19

  8. Choi, S.G., Katz, J., Kumaresan, R., Zhou, H.S.: On the security of the “free-XOR” technique. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 39–53. Springer, Heidelberg, March 2012

  9. Cogliati, B., Seurin, Y.: On the provable security of the iterated Even-Mansour cipher against related-key and chosen-key attacks. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 584–613. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_23

  10. Cogliati, B., Seurin, Y.: Analysis of the single-permutation encrypted Davies-Meyer construction. Des. Codes Cryptogr. 86(12), 2703–2723 (2018)

  11. Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. J. Cryptol. 10(3), 151–161 (1997). https://doi.org/10.1007/s001459900025

  12. Farshim, P., Procter, G.: The related-key security of iterated Even–Mansour ciphers. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 342–363. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48116-5_17

  13. Goldreich, O.: Foundations of Cryptography: Basic Applications, vol. 2. Cambridge University Press, Cambridge (2004)

  14. Gueron, S., Lindell, Y., Nof, A., Pinkas, B.: Fast garbling of circuits under standard assumptions. J. Cryptol. 31(3), 798–844 (2018)

  15. Guo, C., Katz, J., Wang, X., Weng, C., Yu, Y.: Better concrete security for half-gates garbling (in the multi-instance setting). In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12171, pp. 793–822. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56880-1_28

  16. Guo, C., Katz, J., Wang, X., Yu, Y.: Efficient and secure multiparty computation from fixed-key block ciphers. In: 2020 IEEE Symposium on Security and Privacy, pp. 825–841. IEEE Computer Society Press, May 2020

  17. Impagliazzo, R., Kabanets, V.: Constructive proofs of concentration bounds. In: Serna, M., Shaltiel, R., Jansen, K., Rolim, J. (eds.) APPROX/RANDOM 2010. LNCS, vol. 6302, pp. 617–631. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15369-3_46

  18. Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_9

  19. Keller, M., Orsini, E., Scholl, P.: Actively secure OT extension with optimal overhead. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 724–741. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47989-6_35

  20. Krawczyk, H.: LFSR-based hashing and authentication. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 129–139. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_15

  21. Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. J. Cryptol. 24(3), 588–613 (2011)

  22. Panconesi, A., Srinivasan, A.: Randomized distributed edge coloring via an extension of the Chernoff-Hoeffding bounds. SIAM J. Comput. 26(2), 350–368 (1997)

  23. Patarin, J.: The “coefficients H” technique (invited talk). In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328–345. Springer, Heidelberg, August 2009. https://doi.org/10.1007/978-0-387-30440-3

  24. Steinberger, J.P.: The sum-capture problem for abelian groups. arXiv preprint arXiv:1309.5582 (2013)

  25. Tessaro, S.: Optimally secure block ciphers from ideal primitives. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015, Part II. LNCS, vol. 9453, pp. 437–462. Springer, Heidelberg, November/December 2015

  26. Yao, A.C.C.: How to generate and exchange secrets (extended abstract). In: 27th FOCS, pp. 162–167. IEEE Computer Society Press, October 1986

  27. Zahur, S., Rosulek, M., Evans, D.: Two halves make a whole. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 220–250. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_8

Acknowledgments

This work was done at the University of Washington, Seattle, USA, when the first author was visiting there. Yu Long Chen is supported by a Ph.D. Fellowship and a long term travel grant from the Research Foundation - Flanders (FWO). Stefano Tessaro was supported in part by NSF grants CNS-1930117 (CAREER), CNS-1926324, CNS-2026774, a Sloan Research Fellowship, and a JP Morgan Faculty Award. The authors would like to thank the anonymous reviewers for their comments and suggestions.

Author information

Correspondence to Yu Long Chen or Stefano Tessaro.

Copyright information

© 2021 International Association for Cryptologic Research

About this paper

Cite this paper

Chen, Y.L., Tessaro, S. (2021). Better Security-Efficiency Trade-Offs in Permutation-Based Two-Party Computation. In: Tibouchi, M., Wang, H. (eds) Advances in Cryptology – ASIACRYPT 2021. ASIACRYPT 2021. Lecture Notes in Computer Science(), vol 13091. Springer, Cham. https://doi.org/10.1007/978-3-030-92075-3_10

  • DOI: https://doi.org/10.1007/978-3-030-92075-3_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-92074-6

  • Online ISBN: 978-3-030-92075-3