TY - JOUR
T1 - A single shuffle is enough for secure card-based computation of any Boolean circuit
AU - Shinagawa, Kazumasa
AU - Nuida, Koji
N1 - Funding Information:
The authors would like to thank members of the study group “Shin-Akarui-Angou-Benkyou-Kai” for the valuable discussions and helpful comments. Among them, the authors specially thank Goichiro Hanaoka for his worthful suggestions on this study. The authors express their appreciation to the anonymous reviewers for their valuable comments. The first author was supported during this work by JSPS KAKENHI Grant Nos. 17J01169 and 20J01192 , Japan. The second author was supported during this work by JST CREST Grant No. JPMJCR14D6 , Japan.
Publisher Copyright:
© 2020 The Authors
PY - 2021/1/31
Y1 - 2021/1/31
N2 - Secure computation enables a number of players each holding a secret input value to compute a function of the inputs without revealing the inputs. It is known that secure computation is possible physically when the inputs are given as a sequence of physical cards. This research area is called card-based cryptography. One of the important problems in card-based cryptography is to minimize the number of cards and shuffles, where a shuffle is the most important (and somewhat heavy) operation in card-based protocols. In this paper, we determine the minimum number of shuffles for achieving general secure computation. Somewhat surprisingly, the answer is just one, i.e., we design a protocol which securely computes any Boolean circuit with only a single shuffle. The number of cards required for our protocol is proportional to the size of the circuit to be computed.
AB - Secure computation enables a number of players each holding a secret input value to compute a function of the inputs without revealing the inputs. It is known that secure computation is possible physically when the inputs are given as a sequence of physical cards. This research area is called card-based cryptography. One of the important problems in card-based cryptography is to minimize the number of cards and shuffles, where a shuffle is the most important (and somewhat heavy) operation in card-based protocols. In this paper, we determine the minimum number of shuffles for achieving general secure computation. Somewhat surprisingly, the answer is just one, i.e., we design a protocol which securely computes any Boolean circuit with only a single shuffle. The number of cards required for our protocol is proportional to the size of the circuit to be computed.
UR - http://www.scopus.com/inward/record.url?scp=85094832398&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85094832398&partnerID=8YFLogxK
U2 - 10.1016/j.dam.2020.10.013
DO - 10.1016/j.dam.2020.10.013
M3 - Article
AN - SCOPUS:85094832398
VL - 289
SP - 248
EP - 261
JO - Discrete Applied Mathematics
JF - Discrete Applied Mathematics
SN - 0166-218X
ER -