A Ciphertext Reduction Scheme for Garbling an S-Box in an AES Circuit with Minimal Online Time
Authors:
Yan Xu [1,2], Lian Bin [1], Yang Yunhao [1,2], Wang Xiaotie [3], Cui Jialin [1], Zhao Xianghong [1], Wang Fuqun [4], Chen Kefei [4]
Affiliations:
1. School of Information Science and Engineering, NingboTech University, Ningbo 315100, China
2. College of Information Science and Electronic Engineering, Zhejiang University, Hangzhou 310058, China
3. School of Computer Science and Technology, Zhejiang Sci-Tech University, Hangzhou 310018, China
4. School of Mathematics, Hangzhou Normal University, Hangzhou 311121, China
Abstract
The secure computation of symmetric encryption schemes such as AES using Yao's garbled circuits allows two parties, one holding a plaintext block m and the other holding a key k, to compute Enc(k, m) without revealing m or k to each other. Because of its wide range of applications, secure AES computation has received much attention. However, evaluating AES circuits with Yao's garbled circuits incurs substantial communication overhead. To further improve efficiency, this paper exploits the special structure of AES circuits and the symmetries of an S-box and proposes a novel ciphertext reduction scheme for garbling an S-box in the last SubBytes step. Unlike traditional Yao's garbled circuits, where the circuit generator uses the input wire labels to encrypt the corresponding output wire labels, our garbling scheme uses the input wire labels of an S-box to encrypt the corresponding "flip bit strings". This leads to a significant performance improvement: our scheme needs only 2^8 ciphertexts to garble an S-box and a single invocation of a cryptographic primitive for decryption, whereas the best previous result requires 8 × 2^8 ciphertexts to garble an S-box and multiple invocations of a cryptographic primitive for decryption. Crucially, the proposed scheme offers a new way to improve the performance of Yao's garbled circuits. We analyze the security of the proposed scheme in the semi-honest model and experimentally verify its efficiency.
Funders:
National Natural Science Foundation of China; Zhejiang Provincial Natural Science Foundation of China; Zhejiang Provincial Basic Public Welfare Research Project of China; Ningbo City's Key Technology Breakthrough Plan for "Science and Technology Innovation Yongjiang 2035"; Ningbo 2025 Major Project of Science and Technology Innovation; Major Technological Innovation Projects of Ningbo High-tech Zone