TY - GEN
T1 - Faster secure multi-party computation of AES and DES using lookup tables
AU - Keller, Marcel
AU - Orsini, Emmanuela
AU - Rotaru, Dragos
AU - Scholl, Peter
AU - Soria-Vazquez, Eduardo
AU - Vivek, Srinivas
PY - 2017/6/26
Y1 - 2017/6/26
AB - We present an actively secure protocol for secure multi-party computation based on lookup tables, by extending the recent, two-party ‘TinyTable’ protocol of Damgård et al. (ePrint 2016). Like TinyTable, an attractive feature of our protocol is a very fast and simple online evaluation phase. We also give a new method for efficiently implementing the preprocessing material required for the online phase using arithmetic circuits over characteristic two fields. This improves over the suggested method from TinyTable by at least a factor of 50. As an application of our protocol, we consider secure computation of the Triple DES and the AES block ciphers, computing the S-boxes via lookup tables. Additionally, we adapt a technique for evaluating (Triple) DES based on a polynomial representation of its S-boxes that was recently proposed in the side-channel countermeasures community. We compare the above two approaches with an implementation. The table lookup method leads to a very fast online time of over 230,000 blocks per second for AES and 45,000 for Triple DES. The preprocessing cost is not much more than previous methods that have a much slower online time.
KW - Block cipher
KW - Implementation
KW - Multi-party computation
UR - http://www.scopus.com/inward/record.url?scp=85022324204&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-61204-1_12
DO - 10.1007/978-3-319-61204-1_12
M3 - Conference Contribution (Conference Proceeding)
AN - SCOPUS:85022324204
SN - 9783319612034
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 229
EP - 249
BT - Applied Cryptography and Network Security
PB - Springer, Cham
T2 - 15th International Conference on Applied Cryptography and Network Security, ACNS 2017
Y2 - 10 July 2017 through 12 July 2017
ER -