Chicago Journal of Theoretical Computer Science

Volume 2008

Article 6

Published by Dept. CS U. Chicago. Copyright 2008 CJTCS and the author.

Efficient Fully-Simulatable Oblivious Transfer

Yehuda Lindell
Department of Computer Science
Bar-Ilan University

December 2, 2008
Oblivious transfer, first introduced by Rabin, is one of the basic building blocks of cryptographic protocols. In an oblivious transfer (or more exactly, in its 1-out-of-2 variant), one party known as the sender has a pair of messages and the other party, known as the receiver, obtains one of them. Somewhat paradoxically, the receiver obtains exactly one of the messages (and learns nothing of the other), and the sender does not know which of the messages the receiver obtained. Due to its importance as a building block for secure protocols, the efficiency of oblivious transfer protocols has been extensively studied. However, todate, there are almost no known oblivious transfer protocols that are secure in the presence of malicious adversaries under the real/ideal model simulation paradigm (without using general zero-knowledge proofs). Thus, efficient protocols that reach this level of security are of great interest. In this paper we present efficient oblivious transfer protocols that are secure according to the ideal/real model simulation paradigm. We achieve constructions under the DDH, Nth residuosity, and quadratic residuosity assumptions, as well as under the assumption that homomorphic encryption exists.

DOI: 10.4086/cjtcs.2008.006
[] Volume 2008, Article 5
[back] Volume 2008 [back] Published articles
[CJCTS home]