Garbled Circuits as Randomized Encodings of Functions: a Primer

  • Benny Applebaum
  • Published in Tutorials on the Foundations of Cryptography
  • Mathematics, Computer Science
Yao’s garbled circuit (GC) construction is a central cryptographic tool with numerous applications. In this tutorial, we study garbled circuits from a foundational point of view under the framework of randomized encoding (RE) of functions. We review old and new constructions of REs, present some lower bounds, and describe some applications. We also discuss new directions and open problems in the foundations of REs. 
A New Framework for Garbled Circuits
This work revisits the common paradigm and extends the seminal work of Bellare, Hoang, and Rogaway to present for the first time an abstraction of the garbling algorithm itself, and presents a non-bijective scheme avoiding Zahur et al.
Quantum garbled circuits
This work introduces a definition of quantum randomized encodings and presents a construction that can efficiently garble any quantum circuit, assuming the existence of quantum-secure one-way functions, and achieves perfect information-theoretic security albeit with blowup in the size of the garbled circuits.
Threshold Garbled Circuits and Ad Hoc Secure Computation
This work studies the case when some of the wire-keys are missing, but the evaluator of the GC might have both keys for a constant number of wires, and shows that when the number of parties participating in the online phase is a fixed threshold l ≤ n then it is possible to securely evaluate any l-input function.
A Simple Construction of iO for Turing Machines
We give a simple construction of indistinguishability obfuscation for Turing machines where the time to obfuscate grows only with the description size of the machine and otherwise, independent of the
Limits on the Power of Garbling Techniques for Public-Key Encryption
The seminal work of Impagliazzo and Rudich shows that black-box constructions of public-key encryption from one-way functions are impossible, but this impossibility result leaves open the possibility of using non-black-box techniques for achieving this goal.
A Simple Post-Quantum Non-Interactive Zero-Knowledge Proof from Garbled Circuits
A simple public-coin zero-knowledge proof system solely based on symmetric primitives, from which the Fiat-Shamir heuristic can be applied to make it non-interactive.
On the Complexity of Decomposable Randomized Encodings, Or: How Friendly Can a Garbling-Friendly PRF Be?
This work systematically studies the DRE complexity of Boolean functions, shows that any exponentially secure PRF has Ω(n²/log n) DRE size, and presents a plausible candidate for a “garbling-optimal” PRF that nearly meets this bound.
Adaptive Garbled RAM from Laconic Oblivious Transfer
This work yields the first constant-round secure computation protocol for persistent RAM programs in the malicious setting from standard assumptions, and it is noted that prior works did not support persistence in the malicious setting.
On Actively-Secure Elementary MPC Reductions
We introduce the notion of elementary MPC reductions that allow us to securely compute a functionality f by making a single call to a constant-degree “noncryptographic” functionality g without
Perfect Secure Computation in Two Rounds
We show that any multi-party functionality can be evaluated using a two-round protocol with perfect correctness and perfect semi-honest security, provided that the majority of parties are honest.


Garbled RAM Revisited
The notion of garbled random-access machines (garbled RAMs) was introduced by Lu and Ostrovsky (Eurocrypt 2013). It can be seen as an analogue of Yao’s garbled circuits, that allows a user to garble
Improved Garbled Circuit: Free XOR Gates and Applications
In this one-round protocol, XOR gates are evaluated "for free", which results in the corresponding improvement over the best garbled circuit implementations (e.g. Fairplay) and improves integer addition and equality testing by a factor of up to 2.
How to Garble RAM Programs
This work shows how to construct Garbled RAM Programs (GRAM) whose size depends only on a fixed polynomial in the security parameter times the program running time, implying the first garbled binary search program (searching over sorted encrypted data stored in a cloud) which is poly-logarithmic in the data size instead of linear.
Foundations of garbled circuits
This work provides a provable-security treatment for garbling schemes, endowing them with a versatile syntax and multiple security definitions, and provides highly efficient blockcipher-based instantiations of both schemes.
Garbled RAM From One-Way Functions
This paper provides the first construction with strictly poly-logarithmic overhead in both space and time based only on the minimal assumption that one-way functions exist and allows for garbling multiple programs being executed on a persistent database, and has the additional feature that the program garbling is decoupled from the database garbling.
Randomization Techniques for Secure Computation
  • Y. Ishai
  • Computer Science, Mathematics
    Secure Multi-Party Computation
  • 2013
The state of the art on different flavors of this question that are motivated by different problems in secure computation and correspond to different notions of simplicity are surveyed.
Efficient Garbling from a Fixed-Key Blockcipher
This work advocates schemes based on fixed-key AES as the best route to highly efficient circuit-garbling and justifies the security of these methods in the random-permutation model, where parties have access to a public random permutation.
Randomly Encoding Functions: A New Cryptographic Paradigm - (Invited Talk)
This work surveys several cryptographic applications of the notion of randomized encoding, which allows one to represent a "complex" function f(x) by a "simpler" randomized mapping f̂(x; r) whose output distribution on an input x encodes the value of f(x).
Fully Key-Homomorphic Encryption, Arithmetic Circuit ABE and Compact Garbled Circuits
The first (key-policy) attribute-based encryption (ABE) system with short secret keys is constructed, and the first reusable circuit garbling scheme that produces garbled circuits whose size is the same as the original circuit plus an additive poly(λ,d) bits is obtained.
Partial Garbling Schemes and Their Applications
A general new notion of partial garbling is suggested which unifies several previous notions from the literature, including standard garbling schemes, secret sharing schemes, and “conditional disclosure of secrets”, and is demonstrated by presenting applications to efficient attribute-based encryption, delegation, and secure computation.