Practical Oblivious Transfer Protocols

  • Christian Tobias
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2578)


We consider 1-out-N Oblivious Transfer (OT) for strings. Oblivious Transfer is a primitive used in a variety of cryptographic protocols and applications (e.g. [11], 1, 10, 17, 12, [13]).

We present a new highly efficient two-pass (one-round) protocol for 1- out-N OT. Our protocol has a constant online computational complexity (for the chooser as well as for the sender). This is a surprising property, since in our protocol the sender’s computational complexity does not depend on the number N of strings. The privacy of chooser and sender is protected computational under the Decisional Diffie-Hellman assumption.

We also sketch how to apply the techniques of [1] to our protocol to get a protocol for priced OT.


Random Oracle Random Oracle Model Oblivious Transfer Protocol Execution Oblivious Transfer Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    B. Aiello, Y. Ishai, O. Reingold, “Priced Oblivious Transfer: How to Sell Digital Goods”, Advances in Cryptology-Eurocrypt 2001, LNCS 2045, pp. 119–135 415, 416, 417, 423, 425Google Scholar
  2. [2]
    D. Beaver, “How to Break a’ secure’ Oblivious Transfer Protocol”, Advances in Cryptology-Crypto’ 92, LNCS 658, pp. 285–296 418Google Scholar
  3. [3]
    M. Bellare, P. Rogaway, “Random Oracles are Practical: a paradigm for designing efficient protocols”, Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73, Fairfax (Virginia) USA, 1993, ACM Press 418Google Scholar
  4. [4]
    R. Canetti, “Towards Realizing Random Oracles: Hash Functions That Hide All Partial Information”, Proceedings of Advances in Cryptology-Crypto’ 97, pp. 455–469 418Google Scholar
  5. [5]
    R. Canetti, O. Goldreich, S. Halevi, “The Random Oracle Methodology, Revisited”, Proceedings of the 30th Annual ACM Symposium on Theory of Computing (STOC) 1998, pp. 209–218, ACM Press 418Google Scholar
  6. [6]
    C. Dwork, M. Naor, O. Reingold, L. Stockmeyer, “Magic Functions”, Proceedings of the 40th Symposium of Foundations of Computer Science (FOCS) 1999, pp. 23–534 418Google Scholar
  7. [7]
    T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms”, Advances in Cryptology-Crypto’ 84, LNCS 196 417, 426Google Scholar
  8. [8]
    T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms” IEEE Transactions on Information Theory, 31 (1985), An earlier version appeared in [7] 417Google Scholar
  9. [9]
    O. Goldreich, “Secure Multi-Party Computation”, Working Draft, Version 1.2, March 2000Google Scholar
  10. [10]
    O. Goldreich, M. Micali, A. Widgerson, “How to Play any Mental Game”, Proceedings of the 19th ACM symposium on Theory of Computing (STOC), 1987, pp. 218–299 415Google Scholar
  11. [11]
    J. Kilian, “Founding Cryptography on Oblivious Transfer”, Proceedings of the 20th ACM Symposium on Theory of Computing, 1988, pp. 20–31 415Google Scholar
  12. [12]
    M. Naor, B. Pinkas, “Oblivious Transfer and Polynomial Evaluation”, Proceedings of the 31st ACM symposium on Theory of Computing (STOC), 1999, pp. 245–254 415Google Scholar
  13. [13]
    M. Naor, B. Pinkas, “Privacy Preserving Auctions and Mechanism Design”, Proceedings of the 1st ACM Conference on Electronic Commerce, 1999, pp 129–139 415Google Scholar
  14. [14]
    M. Naor, B. Pinkas, “Efficient Oblivious Transfer Protocols”, Proceedings of the 12th ACM-SIAM Symposium on Discrete Algorithms (SODA) 2001, pp. 448–457 416Google Scholar
  15. [15]
    M. Naor, O. Reingold, “Number-Theoretic Constructions of Efficient Pseudo-Random Functions”, Proceedings of the 38th Symposium of Foundations of Computer Science (FOCS) 1997, pp. 458–467 417Google Scholar
  16. [16]
    W. Tzeng, “Efficient 1-out-n oblivious transfer schemes”, Workshop on Practice and Theory in Public-Key Cryptography (PKC 02), LNCS, 2002 416Google Scholar
  17. [17]
    A. C. Yao, “How to Generate and Exchange Secrets”, Proceedings of the 27th IEEE Symposium on Foundations of Computer Science, 1986, pp. 162–167 415Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 203

Authors and Affiliations

  • Christian Tobias
    • 1
  1. 1.Department of MathematicsJustus Liebig University GiessenGiessenGermany

Personalised recommendations