A preprint posted to arXiv on June 17, 2026 by Baigang Chen and Nicholas Hopper describes G-Lox, short for group-adaptive Lox, a system for distributing access bridges that keeps the distributor blind to which user belongs to which group while still allowing the system to adapt its assignments at the group level. The work sits squarely in the applied-cryptography lane: its core contribution is an arrangement of secure-computation protocols that lets a stateful policy run without any single party seeing the data that would deanonymize users.

The starting point is Lox, a prior bridge-distribution design whose defining property is distributor blindness — the entity handing out bridges does not learn the identities or groupings of the users it serves. The authors extend that property. As the abstract puts it, G-Lox preserves Lox-style distributor blindness while enabling hidden, stateful group-level adaptation, and it does so by splitting the adaptive assignment logic across two servers so that neither one alone holds the sensitive state.

"G-Lox places adaptive assignment logic behind a two-server privacy wall, so no single server learns group identifiers or group-to-bridge assignments."— G-Lox abstract, arXiv, source

The cryptographic machinery named in the abstract is specific. Private state access and state-dependent updates use two-server distributed point function and function secret sharing (DPF/FSS) protocols together with secure two-party computation. DPF and FSS are techniques that let two non-colluding servers jointly answer queries against, or update, a secret-shared table without either server learning which entry was touched; secure two-party computation lets the two servers evaluate a function on their shared inputs without revealing those inputs to each other. The authors report that this combination supports three concrete operations: blockage reporting, transport-aware reassignment, and privacy-preserving group splitting — that is, the system can react to bridges being blocked, move users to alternatives that match their transport, and split groups, all while the per-user grouping stays hidden behind the two-server wall.

The reported measurements

The paper evaluates G-Lox through system measurements and policy simulation. For the system side, the authors describe a C++/EMP implementation running over real TCP sockets, and they report that private state access carries low client-visible overhead. Across state sizes up to 2^16, the abstract states that communication remains in the low-KiB range per iteration. At a state size denoted M=1024, the reported figures are concrete: the client sends 1,968 bytes, receives 1,280 bytes, and completes an iteration in about 0.25 seconds. Those numbers describe a single private-state-access iteration in the authors' setup, not an end-to-end deployment benchmark, and the abstract frames them as evidence that the privacy wall is cheap from the client's perspective rather than as a throughput claim for a full network.

The second half of the evaluation is simulation. The authors run policy simulations with group-specific blocking and Sybil enumeration — a setting where an adversary both blocks bridges targeted at particular groups and floods the system with fake identities to enumerate assignments. Under those conditions, the abstract states that G-Lox improves robustness over Lox- and rBridge-like baselines among systems that maintain broad issuance. The comparison is qualified twice: it is against named baseline families (Lox-like and rBridge-like), and it is scoped to systems that maintain broad issuance, which is the design regime the authors are operating in. The paper reports an improvement in robustness within that comparison rather than a general superiority claim.

Why the two-server split is the point

For readers tracking secure-computation deployments, the load-bearing design choice in G-Lox is the two-server, non-collusion model. The privacy guarantee in the abstract is stated as no single server learning group identifiers or group-to-bridge assignments — a guarantee that holds when the two servers do not collude, which is the standard trust assumption for DPF/FSS and two-party-computation systems of this shape. That model is what lets the system keep stateful, adaptive policy logic (reassignment, splitting) running over data that, in a single-server design, the operator would have to see in the clear. The authors' framing throughout is that the adaptivity and the blindness are usually in tension, and the contribution is making the adaptive logic run behind the privacy wall rather than in front of it.

Several bounds are worth keeping straight, all stated by the authors. The system is an implementation and simulation study, not a fielded deployment report; the throughput claim is anchored to private-state-access iterations at the stated state sizes; and the robustness comparison is against Lox-like and rBridge-like baselines under a broad-issuance regime, with group-specific blocking and Sybil enumeration as the modeled adversary. The non-collusion assumption between the two servers underpins the entire privacy claim. Readers who want the protocol details — the DPF/FSS constructions, the two-party-computation circuits for reassignment and splitting, and the full measurement and simulation methodology — can consult the preprint at the canonical arXiv record linked below.

The three operations the abstract names also map cleanly onto the threat model the simulations exercise, which is what makes the system more than a generic private-database exercise. Blockage reporting is the input channel an adversary's group-specific blocking creates work on: when bridges aimed at a particular group go dark, the system needs to learn that without learning which group reported it. Transport-aware reassignment is the response — moving affected users to alternatives that match their transport — and privacy-preserving group splitting is the structural lever that limits how much a single compromised or enumerated group can leak. Running all three behind the two-server wall means the policy can react to an active adversary while the per-user grouping that the adversary is trying to recover never materializes in the clear on either server. That is the design tension the paper foregrounds: a blind distributor is easy if it never adapts, and an adaptive distributor is easy if it can see groups, and G-Lox's reported result is keeping both properties at the per-iteration cost the measurements record.