Abstract
Cut-and-choose paradigmmakes Yao's protocol for two-party computation secure in malicious model with an error probability. In CRYPTO 2013, based on multi-phase cut-and-choose, Lindell reduced this probability to the optimal value. However, this work can only compute single-output functions with optimal error probability. We transform multi-phase cut-and-choose for singleoutput case into one that can deal with two-output functions, meanwhile maintaining the optimal error probability. Based on this new paradigm, we propose an efficient two-output secure computation protocol. Besides, by utilizing the specific property of the output garbled keys, we solve the authenticity issue of the generator's output with only symmetric cryptographic operations linear in the output length of the generator, which is the most efficient method so far in standard model without Random oracle (RO).
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
