Securing Yao’s Garbled Circuit Construction Against Active Adversaries

合集下载

英语作文金刚水有毒

英语作文金刚水有毒Title: Toxic Contamination in Kong Water。

Water contamination poses a severe threat to public health and environmental sustainability. Recently, concerns have been raised regarding the toxicity of water sourced from the Kong River. This issue demands immediate attention and comprehensive measures to safeguard both human health and ecological balance.Firstly, it is imperative to acknowledge the gravity of the situation. The presence of toxins in Kong River wateris a pressing concern that necessitates urgent action. Various pollutants, including industrial waste,agricultural runoff, and untreated sewage, contribute to the contamination of this vital waterway. The accumulation of harmful substances poses significant risks to aquatic life and human well-being.One of the primary pollutants found in Kong River wateris heavy metals. These toxic elements, such as lead, mercury, and cadmium, originate from industrial activities and urban runoff. The discharge of untreated wastewater containing heavy metals not only jeopardizes the health of aquatic organisms but also contaminates the water supply used for irrigation and drinking purposes. Prolonged exposure to heavy metals can lead to severe health issues, including neurological disorders, organ damage, and even cancer.Furthermore, the presence of agricultural pesticidesand fertilizers exacerbates the problem of water contamination in the Kong River. Runoff from agricultural lands carries a cocktail of chemicals, including herbicides, insecticides, and nitrogen-based fertilizers, into thewater system. These substances not only disrupt the natural balance of aquatic ecosystems but also pose risks to human health through the consumption of contaminated water and aquatic organisms.The contamination of Kong River water also has far-reaching consequences for the environment. Aquaticecosystems suffer as pollutants degrade water quality, diminish biodiversity, and disrupt ecological processes. Fish populations decline, aquatic plants wither, and sensitive habitats deteriorate in the face of pollution. Moreover, contaminated water poses a threat to terrestrial ecosystems when used for irrigation, leading to soil degradation and reduced agricultural productivity.Addressing the issue of toxic contamination in Kong River water requires a multi-faceted approach. Firstly, stringent regulations must be enforced to control industrial discharge and prevent the release of harmful pollutants into the environment. Industries must adopt cleaner production methods, implement effective waste treatment measures, and adhere to environmental standards to minimize their impact on water quality.Secondly, agricultural practices must be reformed to reduce the use of chemical fertilizers and pesticides. Farmers should adopt sustainable farming techniques, such as organic farming and integrated pest management, to minimize chemical inputs and mitigate runoff pollution.Additionally, the implementation of buffer zones and riparian vegetation along water bodies can help filter out contaminants and improve water quality.Furthermore, investment in water treatment infrastructure is essential to ensure the provision of safe and clean drinking water to communities reliant on the Kong River. Advanced treatment technologies, such as filtration, disinfection, and reverse osmosis, can effectively remove contaminants and safeguard public health. However, equitable access to clean water must be prioritized to address disparities in water quality and ensure social justice.Public awareness and community engagement are also crucial components of efforts to address water contamination in the Kong River. Educating the public about the sources and impacts of water pollution can foster a sense of responsibility and encourage individual and collective action to protect water resources. Community-based initiatives, such as river clean-up campaigns and water quality monitoring programs, empower citizens toactively participate in conservation efforts and hold polluters accountable.In conclusion, the presence of toxic contamination in Kong River water poses significant challenges to human health, environmental integrity, and sustainable development. Urgent action is required to address this pressing issue through regulatory measures, sustainable practices, infrastructure investment, and community engagement. By working together, we can mitigate the impacts of water pollution and ensure the preservation of our precious water resources for future generations.。

榫卯结构英语作文

The Essence of Chinese Craftsmanship: The Mortise and Tenon JointIn the heart of Chinese architecture and furniture design, lies a hidden gem known as the mortise and tenon joint. This ancient yet still relevant structural element is a testament to the ingenuity and precision of Chinese craftsmen. The mortise and tenon joint is not just a means of connecting two wooden pieces; it is a symbol of harmony, balance, and durability.The mortise is a recess cut into one piece of wood, while the tenon is a protruding part that fits into the mortise. The perfect fit between the two creates a strong, yet flexible bond that can withstand the test of time. This joint is the backbone of Chinese wooden structures, from the grandeur of the Forbidden City to the simplicity of a rural hut.The beauty of the mortise and tenon joint lies in its simplicity and functionality. It requires no nails, glue, or screws to hold the pieces together. Instead, it relies on the intricate fit of the mortise and tenon, ensuringthat the structure remains sturdy even under extremeconditions. This joint is not just a means of construction; it is an art form that has been perfected over thousands of years.The history of the mortise and tenon joint dates backto the Neolithic period, when the earliest forms of wooden structures were constructed using this technique. Over the centuries, the Chinese craftsmen perfected this joint, incorporating it into various designs and structures. From temples and palaces to furniture and everyday objects, the mortise and tenon joint has been a constant feature, representing the essence of Chinese craftsmanship.The mortise and tenon joint is not just a structural element; it is a symbol of Chinese culture and philosophy.It embodies the principles of yin and yang, representingthe harmonious union of opposing forces. The mortise and tenon joint also represents the Chinese belief in the interconnectedness of all things,强调事物之间的相互联系和相互依赖。

晶体结构被破坏英语作文

晶体结构被破坏英语作文1. Oh no! The crystal structure has been completely destroyed! It's a total mess now. I can't believe this happened. Everything was so perfectly arranged before, and now it's all chaotic and disordered.2. It's like a beautiful symphony that has suddenly turned into a cacophony of noise. The once elegant and organized lattice has been shattered into countless fragments. It's heartbreaking to see something so delicate and intricate reduced to such a state of disarray.3. The destruction of the crystal structure is a stark reminder of the fragility of order in our world. It's a harsh reality check that even the most stable and structured systems can be easily disrupted. It's a testament to the unpredictable nature of life and the constant need for adaptation and resilience.4. The loss of the crystal structure also signifies theloss of its inherent properties and functionality. The carefully arranged atoms that gave the crystal its unique characteristics are now scattered and disconnected. It's like a puzzle with missing pieces, rendering it incomplete and ineffective.5. The destruction of the crystal structure also has implications beyond its physical appearance. It symbolizes the breakdown of a larger system or organization. It's a metaphor for the collapse of order and harmony in society, where chaos and disorder prevail.6. However, amidst the destruction, there may be an opportunity for something new to emerge. Just as a forest fire clears the way for new growth, the destruction of the crystal structure may pave the way for a fresh start. It's a chance to rebuild and reimagine, to create something even more beautiful and resilient.7. The destruction of the crystal structure serves as a reminder that nothing lasts forever. Change is inevitable, and sometimes it comes in the form of destruction. It's acall to appreciate and cherish the beauty and order that exist in our lives, as they can be easily shattered and lost.8. In the end, the destruction of the crystal structure is a powerful reminder of the impermanence of everything.It's a wake-up call to embrace the present moment and find beauty in the midst of chaos. Life is unpredictable, andit's up to us to navigate through the broken pieces andfind meaning in the ruins.。

拒绝盗版英文作文

拒绝盗版英文作文英文：As someone who values the hard work and creativity of artists and content creators, I firmly believe in rejecting piracy. Not only is it illegal, but it also undermines the very industries that provide us with the entertainment and media we enjoy.Piracy not only robs artists of their rightful earnings, but it also discourages them from creating new content. Why bother creating something new when it will just be stolen and distributed without compensation? This is why it's important to support legitimate channels of distribution, such as purchasing music and movies from reputable sources.Furthermore, piracy can also be harmful to your own computer. Pirated software and media often come bundledwith malware and viruses, putting your personal information and security at risk. It's simply not worth the risk tosave a few dollars.In short, piracy is not only illegal, but it also harms the very industries that provide us with the entertainment and media we enjoy. By rejecting piracy and supporting legitimate channels of distribution, we can ensure that artists and content creators are fairly compensated for their hard work and creativity.中文：作为一个重视艺术家和内容创作者辛勤劳动和创造力的人，我坚决反对盗版。

Reusable garbled circuits and succinct functional encryption

. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
March 24, 2013
Abstract Garbled circuits, introduced by Yao in the mid 80s, allow computing a function f on an input x without leaking anything about f or x besides f (x). Garbled circuits found numerous applications, but every known construction suffers from one limitation: it offers no security if used on multiple inputs x. In this paper, we construct for the first time reusable garbled circuits. The key building block is a new succinct single-key functional encryption scheme. Functional encryption is an ambitious primitive: given an encryption Enc(x) of a value x, and a secret key skf for a function f , anyone can compute f (x) without learning any other information about x. We construct, for the first time, a succinct functional encryption scheme for any polynomial-time function f where succinctness means that the ciphertext size does not grow with the size of the circuit for f , but only with its depth. The security of our construction is based on the intractability of the Learning with Errors (LWE) problem and holds as long as an adversary has access to a single key skf (or even an a priori bounded number of keys for different functions). Building on our succinct single-key functional encryption scheme, we show several new applications in addition to reusable garbled circuits, such as a paradigm for general function obfuscation which we call token-based obfuscation, homomorphic encryption for a class of Turing machines where the evaluation runs in input-specific time rather than worst-case time, and a scheme for delegating computation which is publicly verifiable and maintains the privacy of the computation.

保护传统文化火药英语作文范文模板

保护传统文化火药英语作文范文模板In a world where modernity often overshadows tradition, safeguarding cultural heritage becomes paramount.Traditional cultures serve as repositories of wisdom, identity, and collective memory, enriching humanity's tapestry with their unique colors and patterns. Among these cultural treasures lies the vibrant tapestry of Chinese traditions, a blend of customs, beliefs, and practices woven intricately through centuries. Yet, amidst the rapid march of progress, there arises a pressing need to protect and preserve these invaluable legacies for future generations.At the heart of this endeavor lies the recognition of the profound significance of traditional culture. It is not merely a relic of the past but a living, breathingtestament to the resilience and creativity of our ancestors. From the graceful movements of Tai Chi to the melodious strains of traditional music, every facet of Chineseculture reflects a profound connection to nature, community, and spirituality. These cultural expressions serve asbridges across time, connecting contemporary audiences with the wisdom and beauty of ages past.However, the preservation of traditional culture faces numerous challenges in the modern era. The onslaught of globalization, urbanization, and technological advancement threatens to erode the foundations of traditional knowledge and practices. As younger generations gravitate towards the allure of Westernization, there is a risk of cultural homogenization, where diversity gives way to a monolithic global culture devoid of nuance and depth. Additionally, economic pressures and changing social dynamics often marginalize traditional artisans and practitioners, further endangering the survival of intangible cultural heritage.In response to these challenges, concerted efforts are underway to safeguard and promote traditional culture. Governments, NGOs, and communities are mobilizing resources to document, preserve, and transmit cultural practices across generations. Initiatives such as cultural festivals, heritage tours, and educational programs seek to raise awareness and appreciation for traditional arts and crafts.Moreover, the integration of traditional knowledge systems into modern domains such as healthcare, agriculture, and environmental sustainability demonstrates the relevance and resilience of traditional culture in addressing contemporary challenges.Yet, the task of protecting traditional culture extends beyond mere preservation; it necessitates a revitalization and reimagining of cultural practices in light of changing times. This entails striking a delicate balance between tradition and innovation, honoring the essence of cultural heritage while embracing the dynamism of the present. In doing so, traditional culture can evolve and adapt without losing its essence, remaining relevant and meaningful to successive generations.In conclusion, the protection of traditional culture is not merely a nostalgic endeavor but a vital imperative for the preservation of human diversity and creativity. By valuing and safeguarding our cultural heritage, we honor the legacy of our ancestors and enrich the tapestry of humanity with the richness of tradition. Through collective action andindividual commitment, we can ensure that the flame of tradition continues to illuminate the path forward for generations to come.。

防盗网科学知识英语作文

防盗网科学知识英语作文The Scientific Aspects of Security Grilles.In the modern age, security has become a paramount concern for individuals and communities alike. One of the most visible manifestations of this concern is the widespread use of security grilles, commonly known as burglar bars or anti-theft screens. These structures, typically made of metal, are installed on windows and doors to deter unauthorized entry and protect against burglaries. However, their effectiveness and design involve more than just their physical presence. This essay delves into the scientific aspects of security grilles, exploring their materials, design principles, installation methods, and their role in crime prevention.Materials Used in Security Grilles.The choice of material for security grilles is crucial in determining their durability, strength, and resistanceto corrosion. The most commonly used materials arestainless steel, aluminum, and wrought iron. Stainlesssteel is preferred due to its high tensile strength, corrosion resistance, and durability. Aluminum, on the other hand, is lighter and more cost-effective, while still providing adequate security. Wrought iron, though visually appealing, is heavier and more prone to rusting, requiring regular maintenance.The thickness and gauge of the material also play.。

英语作文绳纹三足灰陶罐儿

英语作文绳纹三足灰陶罐儿In the annals of Japanese history, the Jomon period, spanning from approximately 14,000 to 300 BCE, stands as a testament to the ingenuity and artistry of its inhabitants. Among the remarkable cultural artifacts from this era are the Jomon pottery vessels, renowned for their intricate cord-marked patterns and organic forms. One such masterpiece is the Jomon Three-legged Gray Pottery Jar, a captivating vessel that embodies the essence of this ancient civilization.Crafted from a coarse-grained clay, the jar exhibits a distinct gray coloration, a result of the firing process that imbued it with durability and a timeless patina. Its squat, bulbous body rests upon three sturdy legs, adding a touch of stability and grounding the vessel's presence. The jar's most striking feature is undoubtedly its intricate surface ornamentation, a testament to the exceptional skill of the Jomon artisans.The entire exterior of the jar is adorned with an elaborate pattern of cord-marking, created by pressing twisted cords into the wet clay before firing. The cords, varying in thickness and orientation, intersect and intertwine, forming a mesmerizing tapestry of geometric designs. The patterns are reminiscent of the woven textiles and basketry that played an integral role in Jomon society.The cord-marking technique not only enhanced thevessel's aesthetic appeal but also served a practical purpose. By creating a textured surface, the cords increased the friction between the jar and its contents, preventing slippage and ensuring stability. Additionally, the raised patterns provided insulation, helping to maintain the temperature of the jar's contents.The Jomon Three-legged Gray Pottery Jar is not merely a functional object but also a profound expression ofartistic creativity. Its organic form, reminiscent of natural elements, reflects the deep connection between the Jomon people and their surroundings. The intricate cord-marking patterns, with their rhythmic repetitions andvariations, evoke a sense of dynamism and fluidity.The jar's three legs, a common feature in Jomon pottery, add a sculptural element to the vessel. They suggest asense of movement and lightness, as if the jar were poisedto dance or skip across the ground. This playful and energetic quality imbues the jar with a uniquely Jomon spirit.In addition to its aesthetic and functional qualities, the Jomon Three-legged Gray Pottery Jar also holdshistorical significance. It provides valuable insights into the daily life and rituals of the Jomon people. The vessel likely served multiple purposes, from storing and transporting food to preparing and serving meals. Its presence in archaeological sites sheds light on the dietary habits and culinary practices of this ancient society.Furthermore, the jar's cord-marking patterns offerclues about the social and cultural dynamics of the Jomon period. Some scholars believe that the intricate designs may have held symbolic meanings or served as markers ofidentity or status within the community. The patterns may have represented clan affiliations, geographic origins, or spiritual beliefs.The Jomon Three-legged Gray Pottery Jar stands as a magnificent testament to the artistry and ingenuity of the Jomon people. Its intricate cord-marking patterns, organic form, and three legs embody the unique aesthetic sensibilities and cultural practices of this ancient civilization. As a treasured artifact, the jar continues to inspire awe and admiration, bridging the gap between the present and the distant past.。

我的奇思妙想英语作文防震加固胶囊

我的奇思妙想英语作文防震加固胶囊Seismic activities have always posed a significant threat to human lives and infrastructure. To counter this challenge, I propose the development of a revolutionary solution called the Seismic Strengthening Capsule.The Seismic Strengthening Capsule is a technology-driven approach aimed at minimizing the impact of seismic events on buildings and ensuring the safety of occupants. This innovative system involves the installation of specialized capsules within the structure of buildings that possess exceptional resistance to seismic forces. Let's delve into how this system works.Firstly, the capsules are composed of a reinforced synthetic material that demonstrates superior structural stability. This material is fabricated with a combination of carbon fiber and high-density polymers, forming a robustshield against seismic vibrations. The capsules are strategically placed at key points within the building, such as load-bearing walls and support columns.Secondly, the capsules are equipped with an intelligent control system that utilizes real-time data to assess the intensity and frequency of seismic waves. This data is obtained through an array of highly sensitive sensors embedded within the capsules. The control system employs advanced algorithms to analyze the sensor data and determine the appropriate response to the seismic activity.Upon detecting seismic waves, the capsules initiate a series of protective measures. One such measure involves the release of a specialized gel-like substance within the capsules. This substance possesses unique properties that allow it to rapidly transform into a resilient solid material upon exposure to vibrations. As a result, it enhances the overall structural integrity of the building by reinforcingweak points and reducing the strain on the primary construction elements.Additionally, the capsules are equipped with an air compression system that actively counteracts the vertical and horizontal forces exerted during seismic events. This system instantly adjusts the air pressure within the capsules to provide opposing forces that stabilize the building. By effectively neutralizing the impact of seismic forces, this technology significantly reduces the potential for structural damage and collapse.Moreover, the Seismic Strengthening Capsule employs a wireless communication network to ensure seamless coordination between all installed capsules. This network facilitates the swift exchange of information during seismic events, allowing for synchronized responses and optimal utilization of resources. As a result, the system provides a comprehensive and unified approach to seismic resistance.In conclusion, the Seismic Strengthening Capsule is a groundbreaking solution that addresses the challenges posed by seismic events. With its advanced materials, intelligent control system, gel-like reinforcement substance, air compression mechanism, and wireless communication network, this technology enhances the structural stability of buildings, reduces the risk of damage, and protects human lives. By incorporating the Seismic Strengthening Capsule in our infrastructure, we can mitigate the devastating effects of earthquakes and create a safer and more resilient environment for our communities.。

冶炼铜器的英语作文

冶炼铜器的英语作文Title: The Process of Smelting Copper: A Comprehensive Overview。

Introduction:Copper, a versatile metal with a rich history, has been used by civilizations for thousands of years. Its malleability, conductivity, and corrosion resistance makeit indispensable in various industries, from electronics to construction. The process of smelting copper, extracting it from its ore and refining it into a usable form, is a fascinating journey that combines science, engineering, and tradition.The Mining Stage:The journey of copper begins deep within the earth's crust, where it is found in the form of copper ore deposits. These deposits are typically mined through open-pit orunderground methods, depending on factors such as ore grade, accessibility, and environmental considerations. Once the ore is extracted from the ground, it is transported to the smelting facility for further processing.Crushing and Grinding:Before the smelting process can begin, the copper ore must undergo several preparatory steps. The first of theseis crushing and grinding, where the ore is broken down into smaller particles to increase its surface area for chemical reactions. This is typically achieved using crushers andball mills, which reduce the ore to a fine powder.Concentration:After crushing and grinding, the next step is concentration, where the copper minerals are separated from the surrounding gangue (waste) minerals. This is usually done through a process called flotation, where chemicalsare added to the ore slurry to selectively adhere to the copper minerals, allowing them to be separated from therest of the ore.Smelting:Once the copper minerals have been concentrated, the next stage is smelting, where the copper is extracted from the ore concentrate. Smelting is a high-temperature process that involves heating the ore concentrate in a furnace along with a reducing agent such as coke (carbon) and a fluxing agent such as limestone. The heat and chemicals react with the ore, causing the copper minerals to separate from the sulfur and other impurities and form a molten copper matte.Refining:The molten copper matte produced in the smelting process contains impurities such as sulfur, iron, and other metals, which must be removed to produce pure copper. This is achieved through refining, where the matte is further heated and treated with additional fluxes and chemicals to remove the impurities. One common method of refining iselectrolysis, where an electric current is passed through the molten copper to selectively deposit pure copper metal on the cathode.Casting and Forming:Once the copper has been refined to the desired purity, it is cast into ingots or other shapes for further processing. These ingots can then be used to manufacture a wide range of copper products, from electrical wires to plumbing fixtures to industrial machinery.Conclusion:The process of smelting copper is a complex yet essential part of the copper production chain. From mining to refining, each stage requires careful planning,technical expertise, and environmental stewardship to ensure the efficient and sustainable production of this valuable metal. As technology advances and environmental regulations evolve, the copper industry continues toinnovate and adapt, striving to meet the growing demand for copper while minimizing its environmental impact.。

科学实验,电路检测器作文

科学实验,电路检测器作文英文回答：As a science enthusiast, I have always been fascinated by conducting experiments and exploring the world of electronics. One of the most interesting experiments I have done is creating a circuit detector.To build a circuit detector, I first gathered all the necessary materials such as resistors, capacitors, transistors, and a breadboard. I carefully followed the circuit diagram and connected the components on the breadboard. Once the circuit was set up, I used a multimeter to test the conductivity of different parts of the circuit.The circuit detector works by detecting the flow of electricity through the circuit. When the circuit is complete and electricity can flow through it, the detector will indicate that the circuit is functioning properly. Ifthere is a break in the circuit or a component is not connected correctly, the detector will show that there is no conductivity.I remember one time when I was testing a circuit detector I had built, and I couldn't figure out why it wasn't working. After some troubleshooting, I realized that I had connected a resistor incorrectly, which was causing the circuit to break. Once I fixed the mistake, the detector worked perfectly, and I was able to detectcircuits with ease.Building and testing a circuit detector not only helped me understand the principles of electronics better but also improved my problem-solving skills. It was a rewarding experience to see the detector in action and know that I had built it myself.中文回答：作为一个科学爱好者，我一直对进行实验和探索电子世界充满了兴趣。

淘金探险英语作文

淘金探险英语作文The California Gold Rush of the 19th century was a period of excitement, risk-taking, and adventure for thousands of individuals seeking their fortunes in the untamed wilds ofthe American West. From all corners of the world, people flocked to the hills and rivers of California in search ofthe precious metal that promised them wealth and success. The lure of gold drew them to the harsh and unforgiving landscape, where they would face countless hardships and dangers. This period in history, known as the "Gold Rush," is a testamentto the human spirit of determination, perseverance, and the relentless pursuit of one's dreams.The journey to the gold fields of California was aperilous one, fraught with countless challenges and obstacles. Most prospectors had to travel long distances, often on footor horseback, through rough terrain and adverse weatherconditions. They had to endure the elements, the threat of disease, and the constant danger posed by bandits and hostile Native American tribes. Many lost their lives along the way, succumbing to illness, accidents, or violent encounters. Yet, despite the immense risks involved, the dream of striking it rich was enough to compel these brave souls to press on, undeterred by the perils that lay ahead.Once they arrived in California, the prospectors faced a whole new set of challenges. The work of panning for gold was grueling and backbreaking, requiring long hours of labor and patience. Many individuals found themselves disappointed and discouraged by the minimal amount of gold they managed to extract from the earth. However, for those who were willing to persevere and endure the hardships, the rewards could be substantial. Some fortunate few struck it rich, discovering large deposits of gold that made them wealthy beyond their wildest dreams. These success stories served as inspirationto countless others, who continued to toil away in the hopes of finding their own fortunes.Life in the gold fields was a chaotic and lawless affair, with scarce resources and a constant struggle for survival. The influx of thousands of prospectors led to overcrowding, competition, and conflicts over claims and territory. Lawlessness, theft, and violence were rampant, and the lack of a strong governing authority only served to exacerbate the situation. Nevertheless, amidst the chaos, communities began to form, as people from all walks of life came together in a common pursuit. These frontier towns sprung up practically overnight, becoming bustling hubs of activity and commerce. Saloons, gambling halls, and other establishments catered to the needs and vices of the prospectors, providing a temporary escape from the harsh realities of gold mining.The gold rush also had a profound impact on the social and cultural landscape of California and the nation as awhole. The influx of people from diverse backgrounds and ethnicities created a melting pot of cultures, traditions,and languages. The resulting fusion of ideas and customs helped to shape the development of the American West, leaving a lasting legacy that continues to resonate to this day. The gold rush also played a significant role in the expansion and settlement of the western frontier, as it drew settlers and entrepreneurs seeking new opportunities and a better life.In conclusion, the California Gold Rush of the 19thcentury stands as a testament to the indomitable spirit ofthe human quest for wealth and success. Despite the immense risks and hardships involved, thousands of individuals fromall walks of life ventured to the untamed wilds of the American West in search of their fortunes. Their perseverance, determination, and relentlessness in the pursuit of their dreams have left an enduring legacy that continues to inspire and captivate our imaginations. The gold rush remains a cherished chapter in the annals of American history, a symbolof the boundless possibilities that await those who dare to dream and pursue their ambitions.。

搭建蜘蛛池简单吗英文作文

搭建蜘蛛池简单吗英文作文Setting up a spider pool is not as simple as it may seem. It requires careful planning and attention to detail. First, you need to find a suitable location for the pool.It should be an area that is easily accessible and safe for both the spiders and the people who will be maintaining the pool. Once you have found the perfect spot, you will need to prepare the area by clearing away any debris or obstacles that could pose a danger to the spiders.Next, you will need to choose the right materials for the spider pool. This includes selecting a sturdy and durable structure that can withstand the weight of the spiders and the water. You will also need to consider the type of water filtration system you will use to keep the pool clean and free from any harmful bacteria or debris. Additionally, you will need to provide the spiders with a suitable habitat, such as rocks or plants, to make themfeel at home in their new environment.After setting up the structure and filtration system, you will need to carefully introduce the spiders into the pool. This can be a delicate process, as you need to ensure that the spiders are not stressed or harmed during the transfer. It is important to handle the spiders gently and avoid any sudden movements that could startle them. Once the spiders are safely in the pool, you will need to monitor their behavior and health regularly to ensure they are thriving in their new environment.Maintaining a spider pool is an ongoing task that requires regular care and attention. This includes testing and adjusting the water chemistry to ensure it is within the appropriate range for the spiders. You will also need to clean and maintain the filtration system to prevent any buildup of debris or bacteria. Additionally, you will need to provide the spiders with a regular supply of food to ensure their health and wellbeing.In conclusion, setting up a spider pool is not a simple task. It requires careful planning, attention to detail, and ongoing maintenance. However, with the right knowledgeand resources, it can be a rewarding and fascinating experience to create a safe and comfortable habitat for these unique creatures.。

火药的介绍英文作文

火药的介绍英文作文下载温馨提示:该文档是我店铺精心编制而成，希望大家下载以后，能够帮助大家解决实际的问题。

文档下载后可定制随意修改，请根据实际需要进行相应的调整和使用，谢谢!并且，本店铺为大家提供各种各样类型的实用资料，如教育随笔、日记赏析、句子摘抄、古诗大全、经典美文、话题作文、工作总结、词语解析、文案摘录、其他资料等等，如想了解不同资料格式和写法，敬请关注!Download tips: This document is carefully compiled by theeditor. I hope that after you download them,they can help yousolve practical problems. The document can be customized andmodified after downloading,please adjust and use it according toactual needs, thank you!In addition, our shop provides you with various types ofpractical materials,such as educational essays, diaryappreciation,sentence excerpts,ancient poems,classic articles,topic composition,work summary,word parsing,copyexcerpts,other materials and so on,want to know different data formats andwriting methods,please pay attention!Gunpowder is really something amazing. It has a long history and has had a huge impact on the world. You know,it can make a big explosion and has been used in many ways.It's kind of crazy how powerful gunpowder is. It can be used for things like fireworks, which are really fun to watch. But it's also been used in weapons and stuff, which can be kind of scary.And gunpowder has led to all kinds of technological advancements. People have been constantly figuring out new ways to use it and make it better. It's like a never-ending story.But we also have to be careful with it. Because if it's not used properly, it can cause a lot of damage and danger. So, we need to respect it and handle it with caution.。

做电路实验的箱子作文英语

做电路实验的箱子作文英语The Circuit Experiment Box。

Introduction:In today's technologically advanced world, the study of circuits has become an integral part of scientific education. To facilitate learning and experimentation, a circuit experiment box has been designed. This box is equipped with various components that allow students to explore and understand the principles of electrical circuits.Features of the Circuit Experiment Box:1. Safety Measures: The circuit experiment box is designed with utmost consideration for safety. It is made of non-conductive material, ensuring that users are protected from electrical shocks. Additionally, the box has built-in safety features to prevent overheating and shortcircuits.2. Versatility: The experiment box is versatile and can be used for a wide range of experiments. It containsvarious components such as resistors, capacitors, transistors, diodes, and integrated circuits. These components can be easily connected using jumper wires to create different circuit configurations.3. Breadboard: The experiment box features a breadboard, which allows users to create temporary circuits without soldering. This makes it convenient for students to experiment with different circuit designs and modify themas needed.4. Power Supply: The box includes a power supply unit that provides a stable voltage for the circuits. It has adjustable voltage and current settings, allowing users to vary the input parameters according to their experiment requirements.5. Measurement Tools: To analyze the behavior ofcircuits, the experiment box is equipped with measurement tools such as voltmeters and ammeters. These tools enable users to measure voltage and current at different points in the circuit, helping them understand the flow of electricity.Benefits of the Circuit Experiment Box:1. Hands-On Learning: The circuit experiment box promotes hands-on learning, allowing students to actively engage in the learning process. By building circuits and observing their behavior, students gain a deeper understanding of circuit concepts.2. Practical Application: The experiment box enables students to apply theoretical knowledge to practical situations. They can design and build circuits to solvereal-world problems, fostering creativity and critical thinking skills.3. Safe Environment: The experiment box provides a safe environment for students to experiment with circuits. Withbuilt-in safety measures, students can explore and learn without the risk of accidents or damage to equipment.4. Flexibility: The versatility of the experiment box allows students to explore various circuit configurations and experiment with different components. This flexibility encourages exploration and innovation, enhancing the learning experience.Conclusion:The circuit experiment box is an invaluable tool for students studying electrical circuits. It provides a safe and practical environment for hands-on learning, allowing students to explore, experiment, and understand the principles of circuits. With its versatility and measurement tools, the experiment box facilitates a comprehensive understanding of electrical circuits, preparing students for future endeavors in the field of electronics.。

遵守规律,炼就技艺作文

遵守规律,炼就技艺作文英文回答：In the pursuit of artistic excellence, unwavering discipline and dedicated practice are the cornerstones of mastery. By adhering to a structured regimen, artists cultivate the necessary skills and techniques to translate their creative vision into tangible masterpieces.The benefits of disciplined practice extend beyond the technical proficiency it imparts. It fosters a sense of purpose and direction, guiding the artist's creative journey. Consistency in practice reinforces habits that enhance focus, endurance, and the ability to overcome challenges.Furthermore, structured practice provides a framework for experimentation and innovation. By working within established parameters, artists can explore the boundaries of their craft, pushing the limits of their abilities. Therepetition and refinement inherent in disciplined practice foster a deep understanding of the medium, allowing artists to manipulate it with precision and artistry.In essence, disciplined practice is the crucible in which artistic excellence is forged. It is a transformative process that empowers artists to harness their talents, refine their skills, and achieve their full creative potential.中文回答：遵循规律，炼就技艺。

踪迹装置烘烤腐蚀帷幕写作文

踪迹装置烘烤腐蚀帷幕写作文英文回答：The scent-tracing device, corroded and veined with age, softly clicks as its needle oscillates erratically. It had been a faithful companion through countless adventures, carrying the whisper of forgotten footsteps upon its metallic body. But now, as the glow of dawn pierces through the windowpanes, casting an ethereal glow on the cluttered desk, the device seems to sigh under the weight of its memories.The aged parchment beside it crackles as I gingerly unroll it, its edges yellowed and brittle with time. It is a map, annotated with fading ink and cryptic symbols known only to the most accomplished trackers. Each line and mark narrates the intricate tale of the scent's journey, snaking through time and space, connecting disparate moments into a coherent narrative.I follow the scent-trail meticulously, my mind weaving together the fragments of information like an intricate tapestry. The device, once merely a tool, becomes an extension of my senses, guiding me through the labyrinthine corridors of memory. The whiff of ozone and damp earth transports me to a moonlit meadow, where whispers of a forgotten conversation dance in the breeze. The tang ofbrine and seaweed evokes the crash of waves against adistant shore, where laughter echoes amidst the salty spray.But as I delve deeper into the scent's history, a disquieting unease settles within me. The trail leads me to a desolate wasteland, where the acrid stench of decaylingers in the air. It is a place of shadows and secrets, where the echo of past horrors still reverberates throughthe wind. I stumble upon a half-buried object, its surface scarred with the passage of time a locket, tarnished and encrusted with rust.With trembling hands, I pry it open, revealing a faded photograph. It depicts two smiling faces, their eyes filled with the promise of a future that never came to be. Thesight of their youthful innocence, now lost to the ravages of time, stirs a profound sadness within me. It is a reminder of the ephemeral nature of existence, of the countless lives that have passed through this world, leaving only scattered traces of their presence.As the scent-trail fades into oblivion, I am left contemplating the weight of the past and the fleeting nature of the present. The scent-tracing device, once a beacon guiding me through the annals of time, now rests silently upon the desk, its purpose fulfilled. But the memories it has unveiled will forever be etched in my consciousness, a testament to the enduring power of the human experience.中文回答：古老的追踪装置，饱经风霜，腐蚀不堪，针状指示器不规则地摆动着，发出轻微的咔哒声。

我想发明真假手电筒200字作文

我想发明真假手电筒200字作文英文回答：I present to you an innovative invention that will revolutionize the world of illumination: the True-False Flashlight. This groundbreaking device has the remarkable ability to determine the authenticity of any object it shines upon, making it an indispensable tool for collectors, counterfeiters, and anyone who values authenticity.When the True-False Flashlight is pointed at an object, it emits a special beam of light that interacts with the atomic structure of the material. This interaction createsa unique pattern that is analyzed by the flashlight'sbuilt-in computer. The computer then compares this patternto a database of known materials and determines whether the object is genuine or a counterfeit.The True-False Flashlight is not only capable of detecting counterfeits, but it can also reveal hiddeninformation about objects. By shining the flashlight on a painting, for example, it can detect whether the canvas has been restored or the paint has been altered. It can even identify the pigments used in the painting and the artist's technique.This revolutionary invention has countless applications in various fields. Collectors can use it to verify the authenticity of their prized possessions, ensuring that they are not purchasing valuable counterfeits. Jewelers can use it to identify genuine diamonds from fakes, protecting customers from fraud. Archaeologists can use it to determine the age and origin of artifacts, shedding light on civilizations past.The True-False Flashlight is a powerful tool that has the potential to change the way we perceive authenticity.It is a device that will empower collectors, protect consumers, and advance our understanding of the world around us.中文回答：现在，我向大家隆重介绍一项划时代的发明——真假手电筒。

1、下载文档前请自行甄别文档内容的完整性，平台不提供额外的编辑、内容补充、找答案等附加服务。
2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
3、如文档侵犯您的权益，请联系客服反馈,我们会尽快为您处理(人工客服工作时间：9:00-18:30)。

Securing Yao’s Garbled Circuit ConstructionAgainst Active AdversariesMehmet S.Kiraz and Berry SchoenmakersDept.of Mathematics and Computing Science,TU EindhovenP.O.Box513,5600MB Eindhoven,The Netherlandsm.kiraz@tue.nl,berry@win.tue.nlAbstract.We propose a new two-party computation protocol using Yao’s garbled circuits,which is secure in the case of malicious behavior.To illustrate the need for the new protocol,weﬁrst discuss security issues of three existing protocols for secure two-party computationusing garbled circuits,in the case of malicious behavior.Theﬁrst is a protocol by Pinkas(Eurocrypt2003),and the other two are the committed-input scheme and the k-leaked model,both presented by Mohassel and Franklin(PKC2006).We address securityﬂaws in allschemes,which allow leaking of information on the private inputs.In the k-leaked modelleaking of some information is permitted if a participant is cheating,but then the honestparticipant should be aware of it.We show that this is not the case.After discussing thesesecurity issues of the known schemes,we describe our new protocol.It is based on theprotocol by Pinkas,and the correction of theﬂaw of the scheme by Pinkas makes our protocolnot only more secure,but also more eﬃcient.We provide a detailed informal security analysisof our new protocol.Keywords:Secure two-party computation,Yao’s garbled circuit,active adversary1IntroductionIn secure two-party computation we have two participants who are interested in evaluating a public function f(x,y)where x and y are their respective private inputs.They want to know the value f(x,y)without disclosing more information about their inputs than is implied by the output. We consider Yao’s garbled circuit approach in which one of the participants,Bob,constructs the garbled circuit by assigning two random(garbled)bit strings to all the wires which are represented by0and1respectively and sends it to the other participant,Alice.Before Alice can evaluate the circuit she needs to learn her corresponding garbled input string.To do so,they run a1-out-of-2 oblivious transfer(OT21)for Alice to receive her input in garbled form.Alice then evaluates the garbled circuit and sends Bob’s output back.They both translate the garbled output strings for their output wires into output bits.Malicious behavior is a fundamental problem in secure two-party computation.The main diﬃculty in secure two-party computation is to construct an eﬃcient and a simple protocol to achieve security against malicious behavior.Some of the literature on this subject also deals with fairness. Fairness simply means that whenever a malicious party quits a protocol he/she should not gain any(considerable)advantage of it.In this paper we will not discuss fairness,but focus on obtaining a protocol which is secure against malicious users.Although there are a number of papers[7,6,4] which discuss the issues of secure two-party computation,we show that so far there is no secure two-party protocol against malicious parties using garbled circuits which has an exponentially small cheating probability.Yao’s garbled circuit approach originally dealt with passive adversaries(honest-but-curious par-ticipants)[9,10].Theﬁrst implemented application for secure two-party computation using Yao’s garbled circuit technique is Fairplay[7]by Malkhi et al.,which also deals with active adversaries.It uses a basic cut-and-choose approach,called the1-out-of-m technique.However it has aﬂaw regarding the use of oblivious transfer which was discussed and solved by Kiraz and Schoenmakers in[2].Pinkas[6]presented a more advanced protocol against malicious behavior which uses the m/2-out-of-m cut-and-choose technique to achieve exponentially small cheating probability.The m/2-out-of-m technique can be described brieﬂy as follows:Bob constructs m garbled circuits and sends them to Alice.Alice chooses m/2circuits randomly for evaluation and tells Bob to open the remaining ones.She veriﬁes whether the remaining circuits are correctly prepared.If so,they run OT21in order for Alice to receive her garbled input values for the chosen circuits.Bob then sends his garbled input values to Alice so that she can evaluate the chosen m/2circuits and compute her and Bob’s garbled output values.She sends the output value of only one of the chosen m/2circuits to Bob but this circuit should be correctly chosen with high probability,not revealing illegitimate information to Bob.To do this,both Alice and Bob run a procedure where Alice generates called a majority circuit that outputs a circuit index of one of the chosen m/2circuits.Finally,she sends only the output values of the chosen circuit of the speciﬁed index.Theﬂaw with the use of OT in Fairplay,as presented in[2],also exists in the protocol by Pinkas, and in other protocols that use OT as a building block,but can beﬁxed as described in[2]. However,in this paper we address a newﬂaw in the protocol by Pinkas concerning the majority circuit computation.Recently,Mohassel and Franklin[4]presented the committed-input scheme for secure two-party computation using garbled circuits with malicious behavior.We show that this scheme has aﬂaw. In the same paper[4]they also presented the k-leaked model,which permits leaking of some extra bits of information to a malicious party to achieve a simpler protocol and improve the eﬃciency. However,we show that whenever a participant cheats(and thereby gains extra bits of information), the honest participant does not notice that cheating has occurred.Lindell and Pinkas recently gave a simulation-based proof of security for the garbled circuit con-struction for the passive case[3].But,so far there is no formal proof of security for the garbled circuit for the malicious case.Our ContributionsThe main goal of this paper is to present a secure two-party protocol against malicious behavior using garbled circuits,that has an exponentially small cheating probability.To design it we will take the most advanced protocol of Pinkas as a basis.We present an alternative solution for the ﬂawed majority circuit computation in the protocol by Pinkas.Moreover,this correction makes our protocol more eﬃcient than the original protocol,since the majority circuit computation in our new protocol does not require an additional interactive procedure,as is the case in the protocol by Pinkas.Besides our new protocol,the other contributions of this paper are the descriptions of the newﬂaws found in the existing two-party protocols using garbled circuits,that are the motivation for the design of a new protocol.Outline of the PaperThe rest of the paper is organized as follows.In Section2,we discuss the majority circuit in the protocol by Pinkas and demonstrate a problem in the majority circuit computation in his protocol. In this section,we also discuss theﬂaws with the committed-input scheme and the k-leaked model. We end this section by introducing a modiﬁcation to deal with the majority circuit computation.In Section3,we present our new secure two-party protocol in the case of malicious behavior.Section 4analyzes the security of our secure two-party protocol.In Section5,we discuss its complexity. Finally,Section6concludes the paper.2Problem DescriptionIn this section,we start by sketching the reason why the majority circuit is computed in the protocol by Pinkas[6]and then show theﬂaw in his protocol.We continue by discussing theﬂawsin the committed-input scheme and the k-leaked model[4].Finally,we present the modiﬁcation of the garbled circuit such that we can remove the procedure of the majority circuit computation in[6],which will be used later in our new protocol.2.1Majority Circuit ComputationTo show the need of majority circuit and theﬂaw weﬁrst give a brief description of the protocol by Pinkas[6]where we focus on the majority circuit computation.For preliminaries on garbled circuits we refer to Appendix A.In the beginning of the protocol,Bob sends the garbled circuits GC j for j∈{1,...,m}to Alice. Alice then chooses a random set U⊂{1,...,m}of size m/2.The indices j∈U show the circuits GC j that will be evaluated and the indices j/∈U the circuits GC j that will be opened.Note that opening the circuits means verifying if Bob has constructed these circuits correctly.After Alice evaluates the circuits GC j for j∈U,she learns a set of output values for each of Bob’s output wires.It is not secure for her to send all the output values of the chosen circuits GC j where j∈U to Bob,since he might compute illegitimate information.For example,Bob could have constructed m−1circuits that compute the function f(x,y)and a single circuit which simply outputs Alice’s input values.Since Alice evaluates m/2out of m circuits,the probability would be1/2that this single circuit is selected by Alice.Therefore,Bob receives the outputs of the incorrect circuit from Alice with high probability at the end of the evaluation.Pinkas proposed the following procedure to remove this problem by considering Bob’s cheating: The goal is toﬁnd a circuit GC r for r∈U which is’most likely to be correct’.This means that the outcome of each i-th output wire of GC r agrees with the majority of the outcomes of the i-th output wires of all circuits GC j for j∈U.After that,Bob receives only the output of the circuit GC r and with high probability this circuit computes correct output,which means that he learns no information.To obtain this GC r,Alice constructs a new circuit called the majority circuit which outputs the index r after interaction between Alice and Bob.Pinkas lets Alice construct this majority circuit since this procedure is included to prevent Bob from cheating.But in the next section,we will show that this gives Alice an opportunity to cheat instead.2.2A Flaw in the Protocol by PinkasAfter the brief description of the majority circuit in Section2.1,we now point out the problem. Of all the circuits GC j for j∈U and each of Bob’s output wires,Bob knows a random bit k ij and Alice knows the value b ij⊕k ij,where b ij is the actual output bit for the i-th wire in the circuit GC j.This values are the outputs of the evaluation of the garbled circuits.Then,Alice and Bob run a procedure in which their respective private inputs are b ij⊕k ij and k ij,and whose output is an index r such that the outcome of each i-th output wire of GC r agrees with the majority of the outcomes of the i-th output wires of all the circuits GC j for j∈U.Note that with high probability at least m/4circuits compute the function f(x,y)which assures the existence of the circuit GC r with high probability.It is essential that after the procedure,Alice and Bob do not learn any more information besides r.But if Alice constructs the majority circuit,nothing prevents her from constructing a circuit which reveals some of Bob’s input values and hence some of the k i,j values.Then Alice learns Bob’s actual output bits,which should not be possible.In any case,one would need to avoid this by applying the same m/2-out-of-m technique again to remove cheating by Alice,but this would give rise to yet another majority circuit and this causes an inﬁnite loop.2.3Flaws in the Committed-Input SchemeMohassel and Franklin[4]presented a committed-input scheme to achieve a secure two-party protocol for the malicious model.This scheme is based on the protocol by Pinkas[6]which has a genericﬂaw with the use of oblivious transfer which is described in[2].In this section,we address another security problem in the committed-input scheme,in which a malicious Bob can cheat using his garbled input values.The scheme uses proofs of equality of discrete-log commitments[5]as a building block to let Bob show that his inputs are consistent.The goal of the scheme is to obtain a better eﬃciency,by using an alternative solution for the proofs of partial knowledge method by Cramer,Damg˚ard and Schoenmakers[1],and avoid expensive zero-knowledge proofs.The overall idea of the problem is that Bob can control which circuits can be evaluated by Alice. By this,Alice may evaluate a wrong majority circuit.The garbled circuits are constructed in such a way that the commitments will be Bob’s garbled input values.He has the possibility to send some bogus values instead of garbled input values,while the proof check(of equality of the discrete-log commitments)still passes.Alice accepts the proof but she cannot evaluate the circuits that have wrong input values.See Appendix B for a more detailed description over the problem. The problem can be easilyﬁxed in such a way that if Alice cannot evaluate a circuit then she aborts the protocol.Besides this,we also note that in the description of the protocol,the use of a majority circuit is mentioned.Although the details of computing the majority circuit are not given in the paper[4],one should realize that when it is done in the same way as in the protocol by Pinkas,the sameﬂaw as described in Section2.2appears.2.4A Flaw in the k-leaked ModelIn the paper by Mohassel and Franklin[4]the k-leaked Model is presented which permits a malicious party to learn some extra information.They claim that in this way the eﬃciency increases substantially.In this section,we show that a party can cheat in their protocol without being noticed which should not be possible.In their construction,both parties Alice and Bob are constructor and evaluator where a party Bob constructs a single garbled circuit and sends it to Alice.Alice evaluates it and computes the output values.This work is then repeated for a constructor Alice and evaluator Bob.Finally,it is only checked whether the actual outputs are equal or not.We show that Bob can change some of his input wires.For instance,he may use an input bit0 in the oblivious transfer for obtaining the garbled value for evaluating the circuit constructed by Alice,and use1for the same wire for the circuit he constructed(and to be evaluated by Alice). Then he may learn something from the fact that the output values of the two evaluations match or not.For example,suppose Alice and Bob agreed to run the millionaires protocol.Assume that a malicious Bob constructs his garbled circuit correctly.Assume also that a malicious Bob has input B=100and an honest Alice has input A=110.A malicious Bob can send the wrong input B =101in garbled form for his”correct”circuit and can use the correct input B=101for Alice’s circuit.The output of two circuits would be the same(namely that Alice is richer)and she cannot detect that Bob cheated,so Alice would think that everything ran correctly.However,Bob learnt that Alice’s input value is bigger than101instead of only bigger than100.(For example, only the values110and111are greater than101and therefore,the second bit of Alice must be 1.)Hence,diﬀerent inputs might result in extra information for a malicious participant without detection.Therefore the leakage is not limited to just1bit when going from the semi-honest case to the malicious case.2.5The Modiﬁcation of the Circuit to Correct the Majority ComputationIn this section,we present the modiﬁcation over the circuit C f which computes the original function f and explain how Alice can compute the majority of Bob’s output wires without interaction with Bob.Before we state the solution we introduce some deﬁnitions for concepts related to the majority.Fig.1.The modiﬁcation of a circuit C f to construct RC fMajority Value.Majority value for an output wire is the bit value that occurs most frequently for that wire considered over all circuits.(If the value occurs the same number of times,then let 0be the majority value.)Majority Wire.A wire is called a majority wire if its value is the majority value.Majority Circuit.A circuit is called a majority circuit if all of its wires are majority wires. Instead of permuting Bob’s output wires as in the protocol by Pinkas,Bob constructs the circuit C f with the following modiﬁcation:the circuit C f is modiﬁed into a so called randomized circuit RC f in which Bob’s output wires are randomized.Let|RC f|denote the number of gates.Also, denote I A for Alice’s input wires and I B for Bob’s input wires.Similarly,O A denotes Alice’s output wires and O B for Bob’s output ly,Bob’s i-th output wire W i and the additional new input wires W i are computed by exclusive-OR which results in Bob’s new output wires W i(see Figure1).Note that the i-th additional input wire W i will be contained in the set I B and the set of randomized output wires W i will be Bob’s new output wires O B.We use the notation commit P(r;s)to refer to a perfectly binding commitment scheme generated by the party P to a value r,using a random bit string mitments to Bob’s ordered pairs OP i,j=(w0i,j,w1i,j)by Bob for his i-th output wire and for the j-th garbled circuit are denoted COP i,j=(commit B(w0i,j,w1i,j;αi,j)).Bob then converts the randomized circuit RC f into garbled randomized circuits GRC j,j=1,...,m deﬁned byGRC j= PEG-4-Tuple i,j:1≤i≤|RC f| , OP i,j:i∈O A , COP i,j:i∈O B= t i,j:1≤i≤|RC f| , u i,j:i∈O A , v i,j:i∈O Bwhere t i,j denotes the permuted-encrypted-4-tuple i,j(note that this tuple is generated for each gate in the circuit RC f to construct the garbled circuit GRC f,for more details see Appendix A), u i,j denotes the ordered pair for Alice’s output wires I A and v i,j denotes the committed ordered pair for Bob’s randomized output wires O B.When Bob constructs the garbled circuits he chooses secretly and randomly a bit for each additional input wire.He assigns garbled input values to the additional input wires and to the additional output wires as in the original garbled circuit.In the same way as his original inputs,he then commits to them.Bob is required to prove that all garbled inputs for each circuit of the same wire are taken from the same set with the proofs of partial knowledge method in[1].Hence,he must choose the same bit b for all additional wires in the garbled circuits.This modiﬁcation of the m/2-out-of-m technique assures Alice that,with high probability,at least half of the circuits compute the right function and receive the same additional input values from Bob.They do not need a procedure that computes the majority circuit using interaction with Bob like in[6],since Alice can now compute the majority output values by herself.The majority circuit is then determined as follows:after Alice evaluates the circuits GRC j for j∈U she computes garbled output values.She then matches the garbled output values with the OP i,j and gets output bits.She then computes the number of0’s and1’s for Bob’s i th output wire for each of the circuits GRC j for j∈U and chooses majority wires.She applies this to all output wires and determines a majority circuit.Note that the m/2-out-of-m technique guarantees with very high probability that there exist at least m/4correct circuits GRC j for j∈U which implies the existence of a majority circuit.3The New ProtocolIn this section we present a description of our new secure two-party protocol against active ad-versaries.Our protocol is similar to the construction of Pinkas[6].We use committing OT toﬁx theﬂaw in his paper which is described in[2]and replace the majority circuit computation by the modiﬁcation presented in Section2.3.Before we give the description of the protocol,let us highlight the major diﬀerence in comparison with the protocol by Pinkas,which are related to(safely)computing the majority circuit.In our protocol,we need commitments twice for the computation of the majority circuit,to prevent both Alice and Bob from cheating.First of all,let us stress the importance of the committed ordered pairs COP i,j,that Bob sends (in Phase1in the protocol below)for each of his i-th output wires in the circuit GRC j.On the one hand,the COP i,j’s are necessary to prevent Bob from cheating,since Alice has to determine a majority circuit from randomized output values,and she needs to be ensured that the randomized output values that Bob sends are consistent with the actual output values.Since she can check if the committed ordered pairs were correctly prepared for the opened circuits,she knows with high probability that the randomized output values of the unopened circuits are also related to the actual output values.On the other hand,the hiding property of the commitment scheme assures Bob that Alice cannot learn the other garbled output value.Secondly,we use commitments called D j in another phase of the protocol,namely Phase5.This is because Alice has to commit to the garbled output values of all the evaluated circuits and send these commitments to Bob before he opens the committed ordered pairs.By the binding property, this ensures Bob that Alice cannot change the output values once the commitments are received. After the commitments COP i,j have been opened,Alice can determine the majority circuit GC r, and she opens only the commitment D r to Bob.Hence,the protocol that we will now describe,has Pinkas’original protocol as a basis,but is improved by using Committing OT(following[2])and by using the commitments with our modi-ﬁcation over the circuit C f as explained above.Description of our protocolLet b∈{0,1}.In Phase1,Bob prepares the garbled randomized circuits GRC j for j=1,...,m. He also generates the commitments to his garbled input values as A b i,j.He sends these circuits and the commitments to Alice.In Phase2,Committing OT is run in order for Alice to learn her garbled input values.Bob is the sender with private input w0i,j,w1i,j,and Alice is the receiver with private input b∈{0,1}.At the end of committing OT Alice receives w x ifor her input bit x i and Bob gets no information abouti,jwhich one is chosen.Also,the common output for them is commit B(w0i,j,w1i,j;δi,j)[2].In Phase3,Alice randomly chooses a set U of size m/2.She asks Bob to open the circuits GRC j for j/∈U.She also asks Bob to open the commitments commit B(w0i,j,w1i,j;δi,j)for j/∈U to check whether they are correct.In Phase4,Bob sends the sets C1j to Alice to open all the circuits and all the commitments for j/∈U so that Alice can check whether they are correct in Phase5.Note that Bob also opens the committed ordered pairs COP j,j/∈U since it is a part of the construction of GRC j.He also sends the set C2j that contains his garbled input values for the circuits GRC j,j∈U.Then Bob has to prove to Alice the consistency of the commitment per his input wire in each circuit GRC j,j∈U. This proof has to be applied since a malicious Bob might send diﬀerent inputs for the circuits GRC j where j∈U.For example,for most of the circuits GRC j,j∈U Bob might use garbled input values w0i,j for his input bit1where i∈I B and therefore,when Alice evaluates the circuits GRC j,j∈U she could determine an incorrect majority circuit.Hence,Alice must be ensured that Bob uses exactly the same input in each of the circuits GRC j,j∈U.Therefore,Bob sends his inputs with a proof of consistency of the commitments A b i,j published before.The consistency proof can be done with the proofs of partial knowledge method[1]in which Bob proves that either all m/2garbled values correspond to a0input,or all m/2garbled values correspond to a1input using the commitments A b i,j without revealing his private input.In Phase5,Alice veriﬁes the circuits and the commitments for j/∈U.She detects wrong gar-bled input values mitting OT is veriﬁed as follows:Bob opens the commitments commit B(w0i,j,w1i,j;δi,j)for i∈I A and j/∈U and Alice checks that her garbled input values w0i,j,w1i,j used in committing OT are equal to the corresponding circuit garbled input values,and theﬁrst garbled input value w0i,j in committing OT represents0and the second value represents w1i,j in committing OT represents1.If any of the veriﬁcation fails Alice aborts the protocol.If the proof checking succeeds,she evaluates the circuits GRC j for j∈U using the set C2j that contains garbled input values of Bob.and computes the garbled output values.She then commits to his output values as D j=commit A( w i,j:i∈O B ;γi,j)for j∈U and sends them to Bob.The commitments D j are generated to assure Bob that the committed values in D j are circuit output values.After Bob receives the commitments D j he opens the committed ordered pairs COP j for j∈U by sending C3j= w b i,j,αb i,j:i∈O B,b∈{0,1} for j∈U in ter Alice will check this commitment opening in Phase7.In Phase7,Aliceﬁrst checks the opening of the commitments COP i,j for j∈U.If the check succeeds,then she determines a majority circuit GRC r for some r∈U.Note that she can determine the majority circuit GRC r without further interaction with Bob since the additional input wires that were used to randomize Bob’s output wires are all the same for the same wire in each of the circuits GRC j where j∈U.Sheﬁnally matches her outputs with the OP i,r where i∈O A and gets f1(x,y).Bobﬁrst checks whether the commitments D r are correct in Phase8.He then veriﬁes that w i,r’s are one of his garbled output values for the same i wire in the circuit GRC r which ensures Bob that w i,r is correct(since Alice cannot compute the other garbled output value).Bob then matchesthe garbled output values that are received from Alice with the corresponding OP i,r for i ∈O B and the additional wire values in terms of bits (he knows how he made them garbled).Bob ﬁnally computes his output f 2(x,y )by XORing his randomized output wire for the circuit GRC r with the corresponding additional wires.Precise Description of the New Protocol Notation:–(c,d )=commit P (m ;r )refers to a perfectly binding commitment scheme to a message m using a random number r generated by the party P ,where c is the commitment and d is the decommitment information needed to open the commitment.Typically d =(m,r ).–I A denotes Alice’s input wires and O A her output wires.Similarly,I B denotes Bob’s input wires and O B his output wires.C f is the boolean circuit which computes the function f .RC f is the randomized boolean circuit which computes the function f and |RC f |denotes the number of gates in the circuit RC f .W RC f denotes all the wires and |W RC f |denotes the number of wires in the circuit RC f .–Commitment to an ordered pair OP i,j =(w 0i,j,w 1i,j )is denoted COP i,j =(commit B (w 0i,j ,w 1i,j ;αi,j )).–Randomized circuit RC f is converted into garbled randomized circuits GRC j ,j =1,...,m deﬁned byGRC j = PEG-4-Tuple i,j :1≤i ≤|RC f | , OP i,j :i ∈O A , COP i,j :i ∈O Bwhere PEG-4-Tuple i,j denotes the permuted-encrypted-garbled-4-tuple i,j (this is generated in the construction phase of the garbled circuit,see Appendix A for more details),OP i,j denotes the ordered pair and COP i,j denotes the committed ordered pair.Common Input:f Compute:f (x,y )=(f 1(x,y ),f 2(x,y ))AliceBob Private Input:x =x 1...x l Private Input:y =y 1...y lPhase 1-ConstructionConstruct GRC j for j =1,...,mSet A b i,j =commit B (w b i,j ;βb i,j )for i ∈I B ,b ∈{0,1},j =1,...,m←−−−−−− GRC j :j ∈{1,...,m } −−−−−−−−−−−−−−−−−−−−−−−−−−←− A b i,j :i ∈I B ,j ∈{1,...,m },b ∈{0,1} −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−Phase 2-Oblivious Transfer Run l times in parallel,for all i ∈I APriv.Input:x iPriv.Input: w 0i,j ,w 1i,j :j =1,...,m Committing OT←→Priv.Output: w x i i,j :j =1,...,mPriv.Output: δi,j :j =1,...,m Common Output:B i,j = commit B (w 0i,j ,w 1i,j ;δi,j ):j =1,...,mPhase 3-Random SelectionU ∈R {V ⊆{1,...,m }:|V |=m/2}−U −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−→Phase 4-Opening and ProofC 1j = w b i,j :i ∈W RC f , αb i,j :i ∈O B , βb i,j :i ∈I B ,δb i,j :i ∈I A ,b ∈{0,1} for j /∈UC 2j = w y i i,j :i ∈I B for j ∈UOR-Proof:∀i ∈I B ∃z i ∈{0,1}∀j ∈U ∃βi,j :A zi i,j =commit B (w y i i,j ;βi,j )←−C 1j ,C 2j ,OR-Proof −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−Phase 5-Veriﬁcation and Evaluation of the CircuitsCheck GRC j for j /∈UA b i,j ?=commit B (w b i,j ;βb i,j )for i ∈I B ,j /∈U,b ∈{0,1}B i,j ?=commit B (w 0i,j ,w 1i,j ;δi,j )for i ∈I A ,j /∈UVerify OR-Proof Evaluate GRC j for j ∈U ,using C 2jCompute D j =commit A ( w i,j :i ∈O B ;γj )for j ∈U−D j ,j ∈U −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−→Phase 6-Opening of COP i,jC 3j = w b i,j ,αb i,j :i ∈O B ,b ∈{0,1} for j ∈U←−−C 3j ,j ∈U −−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−Phase 7-Veriﬁcation of COP i,j and Decision of Majority CircuitCOP b i,j?=commit B (w b i,j ;αb i,j )for i ∈O B ,j ∈U,b ∈{0,1}Determine majority circuit GRC r where r ∈U −−−−−−−−−−r, w i,r :i ∈O B ,γr −−−−−−−−−−−−−−−−−−−−−−−−−→Phase 8-Veriﬁcation of the Garbled OutputD r ?=commit A ( w i,r :i ∈O B ;γr )Match w i,r with (w 0i,r ,w 1i,r )for all i ∈O A tocompute actual outputs.Private Output:f 1(x,y )Match w i,r with (w 0i,r ,w 1i,r )for all i ∈O B andapply XOR with the additional input wires tocompute actual outputs.Private Output:f 2(x,y )。