Journal of Cryptology

, Volume 20, Issue 3, pp 323–373 | Cite as

On Unconditionally Secure Distributed Oblivious Transfer

  • Carlo BlundoEmail author
  • Paolo D'ArcoEmail author
  • Alfredo De SantisEmail author
  • Douglas StinsonEmail author


This paper is about the oblivious transfer in the distributed model proposed by Naor and Pinkas. In this setting a Sender has n secrets and a Receiver is interested in one of them. During a set-up phase, the Sender gives informationabout the secrets to m Servers. Afterwards, in a recovering phase, the Receiver can compute the secret she wishes by interacting with any k of them. More precisely, from the answers received she computes the secret in which she is interested but she gets no information on the others and, at the same time, any coalition of k - 1 Servers can neither compute any secret nor figure out which one the Receiver has recovered. We present an analysis and new results holding for this model: lower bounds on the resources required to implement such a scheme (i.e., randomness, memory storage, communication complexity); some impossibility results for one-round distributed oblivious transfer protocols; two polynomial-based constructions implementing 1-out-of-n distributed oblivious transfer, which generalize and strengthen the two constructions for 1-out-of-2 given by Naor and Pinkas; as well as new one-round and two-round distributed oblivious transfer protocols, both for threshold and general access structures on the set of Servers, which are optimal with respect to some of the given bounds. Most of these constructions are basically combinatorial in nature.


Orthogonal Array Access Structure Secret Sharing Scheme Random String Oblivious Transfer 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© International Association for Cryptologic Research 2007

Authors and Affiliations

  1. 1.Dipartimento di Informatica ed Applicazioni, Universita di Salerno84084 Fisciano (SA)Italy
  2. 2.David R. Cheriton School of Computer Science, University of WaterlooWaterloo, Ontario, N2L 3G1Canada

Personalised recommendations