{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,22]],"date-time":"2025-05-22T04:07:01Z","timestamp":1747886821306,"version":"3.41.0"},"reference-count":45,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2015,3,20]],"date-time":"2015-03-20T00:00:00Z","timestamp":1426809600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2016,7]]},"DOI":"10.1007\/s00145-015-9201-9","type":"journal-article","created":{"date-parts":[[2015,3,19]],"date-time":"2015-03-19T18:50:07Z","timestamp":1426791007000},"page":"552-576","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Garbling XOR Gates \u201cFor Free\u201d in the Standard Model"],"prefix":"10.1007","volume":"29","author":[{"given":"Benny","family":"Applebaum","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,3,20]]},"reference":[{"key":"9201_CR1","doi-asserted-by":"crossref","unstructured":"B. Applebaum, Randomly encoding functions: A new cryptographic paradigm (invited talk), in ICITS, pp. 25\u201331 (2011)","DOI":"10.1007\/978-3-642-20728-0_3"},{"key":"9201_CR2","doi-asserted-by":"crossref","unstructured":"B. Applebaum, D. Cash, C. Peikert, A. Sahai, Fast cryptographic primitives and circular-secure encryption based on hard learning problems, in Advances in Cryptology\u2014CRYPTO 2009, pp. 595\u2013618 (2009)","DOI":"10.1007\/978-3-642-03356-8_35"},{"key":"9201_CR3","unstructured":"B. Applebaum, D. Harnik, Y. Ishai, Semantic security under related-key attacks and applications, in ICS, pp. 45\u201360 (2011)"},{"key":"9201_CR4","doi-asserted-by":"crossref","unstructured":"B. Applebaum, Y. Ishai, E. Kushilevitz, Computationally private randomizing polynomials and their applications. Comput. Complex. 15(2), 115\u2013162 (2006)","DOI":"10.1007\/s00037-006-0211-8"},{"key":"9201_CR5","doi-asserted-by":"crossref","unstructured":"B. Applebaum, Y. Ishai, E. Kushilevitz, How to garble arithmetic circuits, in Proc. 52nd FOCS, pp. 120\u2013129 (2011)","DOI":"10.1109\/FOCS.2011.40"},{"key":"9201_CR6","doi-asserted-by":"crossref","unstructured":"M. Bellare, D. Cash, Pseudorandom functions and permutations provably secure against related-key attacks, in Advances in Cryptology\u2014CRYPTO 2010, pp. 666\u2013684 (2010)","DOI":"10.1007\/978-3-642-14623-7_36"},{"key":"9201_CR7","doi-asserted-by":"crossref","unstructured":"M. Bellare, V.T. Hoang, P. Rogaway, Foundations of garbled circuits, in CCS \u201912, pp. 784\u2013796 (2012)","DOI":"10.1145\/2382196.2382279"},{"key":"9201_CR8","doi-asserted-by":"crossref","unstructured":"M. Bellare, T. Kohno, A theoretical treatment of related-key attacks: RKA-PRPs, RKA-PRFs, and applications, in Advances in Cryptology\u2014EUROCRYPT 2003, pp. 491\u2013506 (2003)","DOI":"10.1007\/3-540-39200-9_31"},{"key":"9201_CR9","doi-asserted-by":"crossref","unstructured":"M. Bellare, P. Rogaway, Random oracles are practical: A paradigm for designing efficient protocols, in First ACM Conference on Computer and Communications Security, pp. 62\u201373 (1993)","DOI":"10.1145\/168588.168596"},{"key":"9201_CR10","doi-asserted-by":"crossref","unstructured":"J. Black, P. Rogaway, T. Shrimpton, Encryption-scheme security in the presence of key-dependent messages, in SAC \u201902, pp. 62\u201375 (2002)","DOI":"10.1007\/3-540-36492-7_6"},{"key":"9201_CR11","doi-asserted-by":"crossref","unstructured":"A. Blum, M. Furst, M. Kearns, R.J. Lipton, Cryptographic primitives based on hard learning problems, in Advances in Cryptology\u2014CRYPTO 1993, pp. 278\u2013291 (1993)","DOI":"10.1007\/3-540-48329-2_24"},{"key":"9201_CR12","doi-asserted-by":"crossref","unstructured":"A. Blum, A. Kalai, H. Wasserman, Noise-tolerant learning, the parity problem, and the statistical query model. J. ACM 50(4), 506\u2013519 (2003)","DOI":"10.1145\/792538.792543"},{"key":"9201_CR13","doi-asserted-by":"crossref","unstructured":"M. Blum, S. Micali, How to generate cryptographically strong sequences of pseudo-random bits. SIAM J. Comput. 13, 850\u2013864 (1984)","DOI":"10.1137\/0213053"},{"key":"9201_CR14","doi-asserted-by":"crossref","unstructured":"D. Boneh, S. Halevi, M. Hamburg, R. Ostrovsky, Circular-secure encryption from decision diffie-hellman, in Advances in Cryptology\u2014CRYPTO 2008, pp. 108\u2013125 (2008)","DOI":"10.1007\/978-3-540-85174-5_7"},{"key":"9201_CR15","doi-asserted-by":"crossref","unstructured":"F. B\u00f6hl, G.T. Davies, D. Hofheinz, Encryption schemes secure under related-key and key-dependent message attacks, in Public Key Cryptography, pp. 483\u2013500 (2014)","DOI":"10.1007\/978-3-642-54631-0_28"},{"key":"9201_CR16","doi-asserted-by":"crossref","unstructured":"J. Camenisch, A. Lysyanskaya, An efficient system for non-transferable anonymous credentials with optional anonymity revocation, in Advances in Cryptology\u2014EUROCRYPT 2001, pp. 93\u2013118 (2001)","DOI":"10.1007\/3-540-44987-6_7"},{"key":"9201_CR17","doi-asserted-by":"crossref","unstructured":"R. Canetti, O. Goldreich, S. Halevi, The random oracle methodology, revisited. J. ACM 51(4), 557\u2013594 (2004)","DOI":"10.1145\/1008731.1008734"},{"key":"9201_CR18","doi-asserted-by":"crossref","unstructured":"S.G. Choi, J. Katz, R. Kumaresan, H.S. Zhou, On the security of the \u201dfree-XOR\u201d technique, in TCC \u201912, pp. 39\u201353 (2012)","DOI":"10.1007\/978-3-642-28914-9_3"},{"key":"9201_CR19","doi-asserted-by":"crossref","unstructured":"H. Gilbert, M.J.B. Robshaw, Y. Seurin, How to encrypt with the LPN problem. in Automata, Languages and Programming, 35th International Colloquium, ICALP \u201908, pp. 679\u2013690 (2008)","DOI":"10.1007\/978-3-540-70583-3_55"},{"key":"9201_CR20","doi-asserted-by":"crossref","unstructured":"O. Goldreich, H. Krawczyk, M. Luby, On the existence of pseudorandom generators. SIAM J. Comput. 22(6), 1163\u20131175 (1993)","DOI":"10.1137\/0222069"},{"key":"9201_CR21","doi-asserted-by":"crossref","unstructured":"O. Goldreich, S. Micali, A. Wigderson, How to play ANY mental game, in Proc. 19th STOC, pp. 218\u2013229 (1987)","DOI":"10.1145\/28395.28420"},{"key":"9201_CR22","doi-asserted-by":"crossref","unstructured":"J. H\u00e5stad, R. Impagliazzo, L.A. Levin, M. Luby, A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364\u20131396 (1999)","DOI":"10.1137\/S0097539793244708"},{"key":"9201_CR23","doi-asserted-by":"crossref","unstructured":"W. Henecka, S. K\u00f6gl, A.R. Sadeghi, T. Schneider, I. Wehrenberg, TASTY: Tool for automating secure two-party computations, in CCS 10\u2019, pp. 451\u2013462 (2010)","DOI":"10.1145\/1866307.1866358"},{"key":"9201_CR24","doi-asserted-by":"crossref","unstructured":"Y. Huang, D. Evans, J. Katz, L. Malka, Faster secure two-party computation using garbled circuits, in USENIX Security Symposium, pp. 539\u2013554 (2011).","DOI":"10.1007\/978-3-642-25560-1_2"},{"key":"9201_CR25","doi-asserted-by":"crossref","unstructured":"Y. Huang, C.H Shen, D. Evans, J. Katz, A. Shelat, Efficient secure computation with garbled circuits, in ICISS \u201911, pp. 28\u201348 (2011)","DOI":"10.1007\/978-3-642-25560-1_2"},{"key":"9201_CR26","doi-asserted-by":"crossref","unstructured":"Y. Ishai, J. Kilian, K. Nissim, E. Petrank, Extending oblivious transfers efficiently, in Advances in Cryptology\u2014CRYPTO 2003, pp. 145\u2013161 (2003)","DOI":"10.1007\/978-3-540-45146-4_9"},{"key":"9201_CR27","doi-asserted-by":"crossref","unstructured":"Y. Ishai, E. Kushilevitz, Randomizing polynomials: A new representation with applications to round-efficient secure computation, in Proc. 41st FOCS, pp. 294\u2013304 (2000)","DOI":"10.1109\/SFCS.2000.892118"},{"key":"9201_CR28","doi-asserted-by":"crossref","unstructured":"V. Kolesnikov, A.R. Sadeghi, T. Schneider, Improved garbled circuit building blocks and applications to auctions and computing minima, in CANS, pp. 1\u201320 (2009)","DOI":"10.1007\/978-3-642-10433-6_1"},{"key":"9201_CR29","doi-asserted-by":"crossref","unstructured":"V. Kolesnikov, T. Schneider, Improved garbled circuit: Free XOR gates and applications, in Automata, Languages and Programming, 35th International Colloquium, ICALP \u201908, pp. 486\u2013498 (2008)","DOI":"10.1007\/978-3-540-70583-3_40"},{"key":"9201_CR30","unstructured":"B. Kreuter, A. Shelat, C.H. Shen, Billion-gate secure computation with malicious adversaries, in Security\u201912: Proceedings of the 21st USENIX conference on Security Symposium, pp. 14\u201314 (2012)"},{"key":"9201_CR31","doi-asserted-by":"crossref","unstructured":"Y. Lindell, B. Pinkas, N. Smart, Implementing two-party computation efficiently with security against malicious adversaries, in SCN \u201908, pp. 2\u201320 (Sep 2008)","DOI":"10.1007\/978-3-540-85855-3_2"},{"key":"9201_CR32","doi-asserted-by":"crossref","unstructured":"Y. Lindell, B. Pinkas, An efficient protocol for secure two-party computation in the presence of malicious adversaries, in Advances in Cryptology\u2014EUROCRYPT 2007, pp. 52\u201378 (2007)","DOI":"10.1007\/978-3-540-72540-4_4"},{"key":"9201_CR33","doi-asserted-by":"crossref","unstructured":"Y. Lindell, B. Pinkas, A proof of security of yao\u2019s protocol for two-party computation. J. Cryptol. 22(2), 161\u2013188 (2009)","DOI":"10.1007\/s00145-008-9036-8"},{"key":"9201_CR34","doi-asserted-by":"crossref","unstructured":"L. Malka, J. Katz, Vmcrypt\u2014Modular software architecture for scalable secure computation, in CCS \u201911, pp. 715\u2013724 (2011)","DOI":"10.1145\/2046707.2046787"},{"key":"9201_CR35","unstructured":"D. Malkhi, N. Nisan, B. Pinkas, Y. Sella, Fairplay\u2014A secure two-party computation system, in Proc. of 13th USENIX Security Symposium, pp. 287\u2013302 (2004)"},{"key":"9201_CR36","doi-asserted-by":"crossref","unstructured":"U.M. Maurer, Indistinguishability of random systems, in Advances in Cryptology\u2014EUROCRYPT 2002, pp. 110\u2013132 (2002)","DOI":"10.1007\/3-540-46035-7_8"},{"key":"9201_CR37","doi-asserted-by":"crossref","unstructured":"M. Naor, B. Pinkas, Oblivious transfer with adaptive queries, in Advances in Cryptology\u2014CRYPTO 1999, pp. 573 \u2013590 (1999)","DOI":"10.1007\/3-540-48405-1_36"},{"key":"9201_CR38","doi-asserted-by":"crossref","unstructured":"M. Naor, B. Pinkas, R. Sumner, Privacy preserving auctions and mechanism design, in Proc. 1st ACM Conference on Electronic Commerce, pp. 129\u2013139 (1999)","DOI":"10.1145\/336992.337028"},{"key":"9201_CR39","doi-asserted-by":"crossref","unstructured":"J.B. Nielsen, C. Orlandi, LEGO for two-party secure computation, in Theory of Cryptography, 6th Theory of Cryptography Conference, TCC 2009, pp. 368\u2013386 (2009)","DOI":"10.1007\/978-3-642-00457-5_22"},{"key":"9201_CR40","doi-asserted-by":"crossref","unstructured":"B. Pinkas, T. Schneider, N. Smart, S. Williams, Secure two-party computation is practical, in Advances in Cryptology\u2014ASIACRYPT 2009, pp. 250\u2013267 (2009)","DOI":"10.1007\/978-3-642-10366-7_15"},{"key":"9201_CR41","unstructured":"P. Rogaway, The Round Complexity of Secure Protocols. Ph.D. thesis, MIT (June 1991)"},{"key":"9201_CR42","doi-asserted-by":"crossref","unstructured":"A. Shelat, C.H. Shen, Two-output secure computation with malicious adversaries, in Advances in Cryptology\u2014EUROCRYPT 2011, pp. 386\u2013405 (2011)","DOI":"10.1007\/978-3-642-20465-4_22"},{"key":"9201_CR43","doi-asserted-by":"crossref","unstructured":"D.A. Spielman, Linear-time encodable and decodable error-correcting codes, in Proc. 27th STOC, pp. 388\u2013397 (1995)","DOI":"10.1145\/225058.225165"},{"key":"9201_CR44","doi-asserted-by":"crossref","unstructured":"A.C. Yao, Theory and application of trapdoor functions, in Proc. 23rd FOCS, pp. 80\u201391 (1982)","DOI":"10.1109\/SFCS.1982.45"},{"key":"9201_CR45","doi-asserted-by":"crossref","unstructured":"A.C. Yao, How to generate and exchange secrets, in Proc. 27th FOCS, pp. 162\u2013167 (1986)","DOI":"10.1109\/SFCS.1986.25"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-015-9201-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-015-9201-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-015-9201-9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-015-9201-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,21]],"date-time":"2025-05-21T04:27:31Z","timestamp":1747801651000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-015-9201-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,3,20]]},"references-count":45,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2016,7]]}},"alternative-id":["9201"],"URL":"https:\/\/doi.org\/10.1007\/s00145-015-9201-9","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"type":"print","value":"0933-2790"},{"type":"electronic","value":"1432-1378"}],"subject":[],"published":{"date-parts":[[2015,3,20]]},"assertion":[{"value":"30 June 2013","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 March 2015","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}