*18:11*[Pub][ePrint] Foundations of Reactive Garbling Schemes, by Jesper Buus Nielsen and Samuel Ranellucci

Garbled circuits is a cryptographic technique, which has been used among other

things

for the construction of two and three-party secure computation, private

function evaluation and secure outsourcing. Garbling schemes is a primitive

which formalizes the syntax and security properties of garbled circuits.

We define a generalization of garbling schemes called \\emph{reactive garbling

schemes}.

We consider functions and garbled functions taking multiple inputs and giving

multiple outputs.

Two garbled functions can be linked together:

an encoded output of one garbled function can be transformed

into an encoded input of the other garbled function without communication

between the parties.

Reactive garbling schemes also allow partial evaluation of garbled functions

even when only some of the encoded inputs are provided.

It is possible to further evaluate the linked garbled functions

when more garbled inputs become available.

It is also possible to later garble more functions and link them to the

ongoing garbled evaluation.

We provide rigorous definitions for reactive garbling schemes.

We define a new notion of security for reactive garbling schemes called

confidentiality.

We provide both simulation based and indistinguishability based notions of

security.

We also show that the simulation based notion of security

implies the indistinguishability based notion of security.

We present an instantiation of reactive garbling schemes. We present an

application of reactive garbling schemes to reactive

two-party computation secure against a malicious adversary. We demonstrate

how garbling schemes can be used to give abstract black-box descriptions and

proof of several advanced applications of garbled circuits in the literature,

including Minilego

and Lindell\'s forge-and-loose technique.