The Simplest Protocol for Oblivious Transfer

Conference paper

DOI: 10.1007/978-3-319-22174-8_3

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9230)
Cite this paper as:
Chou T., Orlandi C. (2015) The Simplest Protocol for Oblivious Transfer. In: Lauter K., Rodríguez-Henríquez F. (eds) Progress in Cryptology -- LATINCRYPT 2015. LATINCRYPT 2015. Lecture Notes in Computer Science, vol 9230. Springer, Cham


Oblivious Transfer (OT) is the fundamental building block of cryptographic protocols. In this paper we describe the simplest and most efficient protocol for 1-out-of-n OT to date, which is obtained by tweaking the Diffie-Hellman key-exchange protocol. The protocol achieves UC-security against active and adaptive corruptions in the random oracle model. Due to its simplicity, the protocol is extremely efficient and it allows to perform m 1-out-of-n OTs using only:
  • Computation:\((n+1)m+2\) exponentiations (mn for the receiver, \(mn+2\) for the sender) and

  • Communication:\(32(m+1)\) bytes (for the group elements), and 2mn ciphertexts.

We also report on an implementation of the protocol using elliptic curves, and on a number of mechanisms we employ to ensure that our software is secure against active attacks too. Experimental results show that our protocol (thanks to both algorithmic and implementation optimizations) is at least one order of magnitude faster than previous work.

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Technische Universieit EindhovenEindhovenThe Netherlands
  2. 2.Aarhus UniversityAarhusDenmark

Personalised recommendations