BLUE

ePrint Updates

@eprint.bsky.social

Unofficial bot tracking updates to the IACR Cryptology ePrint Archive (eprint.iacr.org/). Maintained by @str4d.xyz. Currently only posts about new papers. Author names are linkified to Bluesky accounts; contact maintainer for inclusion or removal.

405 followers1 following2.9k posts

EUeprint.bsky.socialOct 4, 2024 8:47am

Bitwise Garbling Schemes — A Model with $\frac{3}{2}\kappa$-bit Lower Bound of Ciphertexts (Fei Xu, Honggang Hu, Changhong Xu) ia.cr/2024/1532

Abstract. At Eurocrypt 2015, Zahur, Rosulek, and Evans proposed the model of Linear Garbling Schemes. This model proved a 2κ-bit lower bound of ciphertexts for a broad class of garbling schemes. Since then, several methods have been developed that bypass this lower bound, albeit with a notable limitation: Their reliance on specifically correlated input wire labels restricts their applicability across most gates. At Crypto 2021, Rosulek and Roy presented the innovative “three-halves” garbling scheme in which AND gates cost 1.5κ + 5 bits and XOR gates are free. A noteworthy aspect of their scheme is the slicing-and-dicing technique, which is applicable universally to all AND gates when garbling a boolean circuit. Following this revelation, Rosulek and Roy presented several open problems. Our research primarily addresses one of them: “Is 1.5κ bits optimal for garbled AND gates in a more inclusive model than Linear Garbling Schemes?’’

In this paper, we propose the Bitwise Garbling Schemes, a model that seamlessly incorporates the slicing-and-dicing technique. Our key revelation is that 1.5κ bits is indeed optimal for arbitrary garbled AND gates in our model. Since Rosulek and Roy also suggested another problem which questions the necessity of free-XOR, we explore constructions without free-XOR and prove a 2κ-bit lower bound. Therefore, sacrificing compatibility with free-XOR does not lead to a more efficient scheme.

ePrint Updates

@eprint.bsky.social

405 followers1 following2.9k posts