CryptoDB
ω(1/λ)-Rate Boolean Garbling Scheme from Generic Groups
| Authors: |
|
|---|---|
| Download: | |
| Conference: | CRYPTO 2025 |
| Abstract: | Garbling schemes are a fundamental cryptographic tool for enabling private computations and ensuring that nothing leaks beyond the output. As a widely studied primitive, significant efforts have been made to reduce their size. Until recently, all such schemes followed the Lindell and Pinkas paradigm for Boolean circuits (JoC 2009), where each gate is represented as a set of ciphertexts computed using only symmetric-key primitives. However, this approach is inherently limited to O(λ) bits per gate, where λ is the security parameter. Recently, it has been shown that achieving smaller garbled circuit size is possible under stronger assumptions, such as variants of Learning with Errors (LWE) or Indistinguishability Obfuscation (iO). In addition to requiring high-end cryptography, none of these constructions is black-box in the underlying cryptographic primitives, a key advantage of prior work. In this paper, we present the first approach to garbling Boolean circuits that makes a black-box use of a group and uses o(λ) bits per gate. Building on a novel application of the Reverse Multiplication-Friendly Embeddings (RMFE) paradigm (Cascudo et al., CRYPTO 2018), we introduce a new packing mechanism for garbling schemes. Our results introduce two new succinct schemes that achieve improved rates by a factor of √log(λ), retaining the black-box usage. (1) Our first scheme is proven in the Generic Group model (GGM) for circuits with Ω(√log(λ)) width, obtaining a garbled circuit size of λ . |C| / √log(λ). (2) Our second scheme is proven in the plain model under the Power-DDH assumption, attaining a garbled circuit size of λ . |C| / √log(λ) + poly(λ) . |C| . depth(C), but is restricted to layered circuits. **Our schemes are the first to achieve sublinear (in λ) cost per gate under assumptions that do not imply fully homomorphic encryption**; in addition, our scheme is also the first to achieve this while making a black-box use of cryptography. |
BibTeX
@inproceedings{crypto-2025-35727,
title={ω(1/λ)-Rate Boolean Garbling Scheme from Generic Groups},
publisher={Springer-Verlag},
author={Geoffroy Couteau and Carmit Hazay and Aditya Hegde and Naman Kumar},
year=2025
}