Essentially Optimal Universally Composable Oblivious Transfer
نویسندگان
چکیده
Oblivious transfer is one of the most important cryptographic primitives, both for theoretical and practical reasons and several protocols were proposed during the years. We provide the first oblivious transfer protocol which is simultaneously optimal on the following list of parameters: Security: it has universal composition. Trust in setup assumptions: only one of the parties needs to trust the setup (and some setup is needed for UC security). Trust in computational assumptions: only one of the parties needs to trust a computational assumption. Round complexity: it uses only two rounds. Communication complexity: it communicates O(1) group elements to transfer one out of two group elements. The Big-O notation hides 32, meaning that the communication is probably not optimal, but is essentially optimal in that the overhead is at least constant. Our construction is based on pairings, and we assume the presence of a key registration authority.
منابع مشابه
Universally Composable Oblivious Transfer in the Multi-party Setting
We construct efficient universally composable oblivious transfer protocols in the multi-party setting for honest majorities. Unlike previous proposals our protocols are designed in the plain model (i.e., without a common reference string), are secure against malicious adversaries from scratch (i.e., without requiring an expensive compiler), and are based on weaker cryptographic assumptions than...
متن کاملOblivious Transfer in the Universally Composable Security Model
A new promising direction in cryptography, started almost twenty years ago, is the field of Secure Multiparty Computation. In this scenario a set of players want to compute some functions on their inputs, but they don’t trust each other so they don’t want to disclose their inputs to each other. The purpose of this thesis is to investigate the Oblivious Transfer primitive, one of the fundamental...
متن کاملUniversally Composable Adaptive Priced Oblivious Transfer
An adaptive k-out-of-N Priced Oblivious Transfer (POT) scheme is a two-party protocol between a vendor and a buyer. The vendor sells a set of messages m1, . . . ,mN with prices p1, . . . , pN . In each transfer phase i = 1, . . . , k, the buyer chooses a selection value σi ∈ {1, . . . ,N } and interacts with the vendor to buy message mσi in such a way that the vendor does not learn σi and the b...
متن کاملUniversally Composable Adaptive Priced Oblivious Transfer
An adaptive k-out-of-N Priced Oblivious Transfer (POT) scheme is a two-party protocol betweena vendor and a buyer. The vendor sells a set of messagesm1, . . .,mN with pricesp1, . . . ,pN . Ineach transfer phase i = 1, . . . , k, the buyer chooses a selection value σi ∈ {1, . . . ,N } and interactswith the vendor to buy messagemσi in such a way that the vendor doe...
متن کاملDavid & Goliath Oblivious Affine Function Evaluation - Asymptotically Optimal Building Blocks for Universally Composable Two-Party Computation from a Single Untrusted Stateful Tamper-Proof Hardware Token
Cryptographic assumptions regarding tamper-proof hardware tokens have gained increasing attention. Even if the tamper-proof hardware is issued by one of the parties, and hence not necessarily trusted by the other, many tasks become possible: Tamper proof hardware is sufficient for universally composable protocols, for information-theoretically secure protocols, and even can be used to create so...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2008 شماره
صفحات -
تاریخ انتشار 2008