-
Notifications
You must be signed in to change notification settings - Fork 47
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement miTCCR #7
Comments
My understanding is that we don't need to worry about miTCCR, here's why:
|
I realized that the emp-tool author hasn't responded to my q about this matter: emp-toolkit/emp-tool#179 I think we should play it safe and implement the random sampling |
There are 3 things I learned from the "multi-instance (MI)" paper (https://eprint.iacr.org/2019/1168)
In light of this, we should both:
|
miTCCR explained by one of the authors: https://www.youtube.com/watch?v=MKGqA0K9d8M |
We need to examine how findings of this paper https://eprint.iacr.org/2024/163 apply to us. |
The latest paper 2024/163 proves some security bounds when using miTCCR hash with a leaky delta (like the delta in KOS). Regardless of the 2024/163 findings, we still need to
|
Rereading https://eprint.iacr.org/2019/1168.pdf it occurs to me that we never implemented the recommendation to randomly sample the initial gate id while garbling a circuit. We should do this to achieve multi-instance TCCR.
The text was updated successfully, but these errors were encountered: