Efficient garbling from a fixed-key blockcipher
2013 IEEE Symposium on Security and Privacy, 2013•ieeexplore.ieee.org
We advocate schemes based on fixed-key AES as the best route to highly efficient circuit-
garbling. We provide such schemes making only one AES call per garbled-gate evaluation.
On the theoretical side, we justify the security of these methods in the random-permutation
model, where parties have access to a public random permutation. On the practical side, we
provide the Just Garble system, which implements our schemes. Just Garble evaluates
moderate-sized garbled-circuits at an amortized cost of 23.2 cycles per gate (7.25 nsec), far …
garbling. We provide such schemes making only one AES call per garbled-gate evaluation.
On the theoretical side, we justify the security of these methods in the random-permutation
model, where parties have access to a public random permutation. On the practical side, we
provide the Just Garble system, which implements our schemes. Just Garble evaluates
moderate-sized garbled-circuits at an amortized cost of 23.2 cycles per gate (7.25 nsec), far …
We advocate schemes based on fixed-key AES as the best route to highly efficient circuit-garbling. We provide such schemes making only one AES call per garbled-gate evaluation. On the theoretical side, we justify the security of these methods in the random-permutation model, where parties have access to a public random permutation. On the practical side, we provide the Just Garble system, which implements our schemes. Just Garble evaluates moderate-sized garbled-circuits at an amortized cost of 23.2 cycles per gate (7.25 nsec), far faster than any prior reported results.
ieeexplore.ieee.org
Showing the best result for this search. See all results