On the Reversibility of Oblivious Transfer
- 2.5k Downloads
A ( 1 2 )-OT2 (one-out-of-two Bit Oblivious Transfer) is a technique by which a party S owning two secret bits b 0, b 1, can transfer one of them b c to another party R, who chooses c. This is done in a way that does not release any bias about b c to R nor any bias about c to S. How can one build a 2TO-( 1 2 ) (( 1 2 )-OT2 from R to S) given a ( 1 2 )-OT2 (from S to R)? This question is interesting because in many scenarios, one of the two parties will be much more powerful than the other.
In the current paper we answer this question and show a number of related extensions. One interesting extension of this transfer is the ( 1 2 )-OT 2 k (one-out-of-two String O.T.) in which the two secrets q 0, q 1 are elements of GF k(2) instead of bits We show that 2 k TO-( 1 2 ) can be obtained at about the same cost as ( 1 2 )-OT 2 k , in terms of number of calls to ( 1 2 )-OT2.
KeywordsSmart Card Expansion Factor Interesting Extension Oblivious Transfer Related Extension
- [BC91]G. Brassard and C. Crépeau. Quantum bit commitment and coin tossing protocols. In S. Vanstone, editor, Advances in Cryptology: Proceedings of Crypto’ 90, Springer-Verlag, 1991. to appear.Google Scholar
- [BCR86]G. Brassard, C. Crépeau, and J.-M. Robert. Information theoretic reductions among disclosure problems. In 27th Symp. of Found. of Computer Sci., pages 168–173, IEEE, 1986.Google Scholar
- [CGH*85]B. Chor, O. Goldreich, J. Hastad, J. Friedmann, S. Rudich, and R. Smolensky. The bit extraction problem or t-resilient functions. In Proceedings of the 26th IEEE Symposium on Foundations of Computer Science, pages 396–407, IEEE, Portland, 1985.Google Scholar
- [CM91]C. Crépeau and S. Micali. Secure two-party protocols. 1991. in preparation.Google Scholar
- [Cre90]C. Crépeau. Correct and Private Reductions among Oblivious Transfers. PhD thesis, Department of Elec. Eng. and Computer Science, Massachusetts Institute of Technology, 1990. Supervised by Silvio Micali.Google Scholar
- [CS]C. Crépeau and M. Sántha. Efficient reductions among oblivious transfer protocols. submitted to STOC 91.Google Scholar
- [EGL83]S. Even, O. Goldreich, and A. Lempel. A randomized protocol for signing contracts. In R. L. Rivest, A. Sherman, and D. Chaum, editors, Proceedings CRYPTO 82, pages 205–210, Plenum Press, New York, 1983.Google Scholar
- [GV88]O. Goldreich and R. Vainish. How to solve any protocol problem-an efficiency improvement (extended abstract). In C. Pomerance, editor, Advances in Cryptology: Proceedings of Crypto’ 87, pages 73–86. Springer-Verlag, 1988.Google Scholar
- [MS77]F.J. MacWilliams and N.J.A. Sloane. The Theory of Error-Correcting Codes. North-Holland, 1977.Google Scholar
- [OVY91]R. Ostrovsky, R. Venkatesan, and M. Yung. On the complexity of asymmetric games. In Proceedings of Sequences’ 91, 1991. to appear. This work was first presented at the DIMACS workshop on cryptography, October 1990.Google Scholar