Garbled Circuits
Garbled Circuit Algorithm Example
Abstract
Xin Fang, Stratis Ioannidis, Miriam Leeser
Department of Electrical and Computer Engineering
Northeastern University, Boston MA, USA
Privacy Preserving Computations accelerated using FPGA Overlays
Garbled Circuits: ensure the privacy of the data while it is being processed.
Three types of parties: Garbler, Evaluator, User.
The garbler engages in the GC protocol with the evaluator.
The evaluator computes f over the inputs; it does not learn the inputs or any intermediate output and learns only the final output.
Problem         # of AND gates  # of XOR gates  # of layers  Max # of AND gates in one layer
Millionaire(2)  2               11              7            1
Addition(6)     6               24              18           1
HD(10)          20              90              22           5
A*B(8)          120             352             57           64
A*B(12)         276             816             89           144
Sorting(10*4)   848             4683            278          32
Problem Speedup
Millionaire(2) 422
Addition(6) 222
HD(10) 243
A*B(8) 498
A*B(12) 571
Sorting(10*4) 929
Garbled Circuits (GC) is a protocol for implementing Secure Function Evaluation
(SFE) which can evaluate any function that can be expressed as a Boolean circuit
and obtain the result while keeping all parties’ inputs private.
We investigate, implement and evaluate a Secure Computation Infrastructure using
FPGA Overlay architecture and leverage hardware acceleration to tackle the
scalability and efficiency challenges inherent in garbled circuits.
Our implementation shows orders of magnitude improvement over a software
package (ObliVM) for evaluating garbled circuits and demonstrates that the circuit
being evaluated can change with almost no overhead.
A random number $a_i$ represents value $i$ on wire $a$; the same applies to wires $b$ and $x$.
Using cryptographic primitives, take the random numbers as keys and encrypt the output key.
Output: four ciphertexts.
$\mathrm{Enc}_{a_0,b_0}(x_0)$
$\mathrm{Enc}_{a_0,b_1}(x_1)$
$\mathrm{Enc}_{a_1,b_0}(x_1)$
$\mathrm{Enc}_{a_1,b_1}(x_1)$
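The gate-garbling steps above, as an added Python example (not the authors' FPGA implementation and not ObliVM code): the garbler produces the four ciphertexts, and an evaluator holding one key per input wire recovers exactly one output key. The SHA-256-derived pad, the all-zero tag used to recognise the correct row, and all function names are assumptions made for this illustration.

```python
import hashlib
import secrets
from itertools import product

KEY_LEN = 16     # bytes per wire key (assumed size)
TAG = bytes(16)  # all-zero padding lets the evaluator recognise the right row

def _pad(a: bytes, b: bytes) -> bytes:
    # One-time pad derived from the two input keys (assumed construction).
    return hashlib.sha256(a + b).digest()

def _xor(p: bytes, q: bytes) -> bytes:
    return bytes(i ^ j for i, j in zip(p, q))

def new_wire():
    # Two random keys per wire: index 0 stands for bit 0, index 1 for bit 1.
    return (secrets.token_bytes(KEY_LEN), secrets.token_bytes(KEY_LEN))

def garble_gate(a, b, x, truth):
    # Garbler: one ciphertext Enc_{a_i,b_j}(x_{truth(i,j)}) per input pair.
    rows = [_xor(_pad(a[i], b[j]), x[truth(i, j)] + TAG)
            for i, j in product((0, 1), repeat=2)]
    secrets.SystemRandom().shuffle(rows)  # row order must not leak the inputs
    return rows

def evaluate_gate(rows, a_key, b_key):
    # Evaluator: with one key per input wire, exactly one row decrypts to a
    # plaintext ending in TAG; the other rows decrypt to random-looking bytes.
    pad = _pad(a_key, b_key)
    hits = [pt[:KEY_LEN] for pt in (_xor(pad, r) for r in rows)
            if pt[KEY_LEN:] == TAG]
    if len(hits) != 1:
        raise ValueError("expected exactly one decryptable row")
    return hits[0]

def page_table(i, j):
    # Truth table of the four ciphertexts listed above: x0 only for (0, 0).
    return 0 if (i, j) == (0, 0) else 1

def demo():
    a, b, x = new_wire(), new_wire(), new_wire()
    rows = garble_gate(a, b, x, page_table)
    # For each input pair, which output bit does the recovered key stand for?
    return {(i, j): x.index(evaluate_gate(rows, a[i], b[j]))
            for i, j in product((0, 1), repeat=2)}

if __name__ == "__main__":
    print(demo())
```

The evaluator only ever sees random keys and ciphertexts; mapping the recovered key back to a bit, as `demo()` does with `x.index`, requires the garbler's key table.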
Output
Workflow
Extract parallel information in GC problems:
[1] Chang Liu, Xiao Shaun Wang, Karthik Nayak, Yan Huang, and Elaine Shi. ObliVM: A generic,
customizable, and reusable secure computation architecture. In IEEE S & P, 2015. http://oblivm.com/
FPGA Overlay Architecture:
Different Problems with size information:
Dataflow in GC problems:
Proposed System:
Experiments and Results on one FPGA
Speedup compared with ObliVM:
Resource Utilization: