Oblivious and fair server-aided two-party computation

We show efficient, practical (server-aided) secure two-party computation protocols ensuring privacy, correctness and fairness in the presence of malicious (Byzantine) faults. Our requirements from the server are modest. To ensure privacy and correctness, we only assume a circuit evaluation service, executing an initialisation program provided by both parties. To ensure fairness, we further assume a trusted-decryption service, providing decryption service using a known public key. Our fairness-ensuring protocol is optimistic, i.e., the decryption service is invoked only in case of faults.Both of these trusted services are feasible in practice, and may be useful for additional tasks; both can also be distributed, with linear overhead, for redundancy. We believe that the protocols are sufficiently efficient, to allow deployment, in particular for financial applications. We also propose applications which constitute natural candidates to benefit from our protocols.