New Communication-Efficient Oblivious Transfer Protocols Based on Pairings

  • Helger Lipmaa
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5222)


We construct two simple families of two-message (n,1)-oblivious transfer protocols based on degree-t homomorphic cryptosystems, with communication of 1 + ⌈n/t⌉ and 3 + ⌈n/(t + 1)⌉ ciphertexts, respectively. The construction of both families relies on efficient cryptocomputable conditional disclosure of secrets protocols; the way this is done may be of independent interest. The currently most interesting case, t = 2, can be based on the Boneh-Goh-Nissim cryptosystem. As an important application, we show how to reduce the communication of virtually any existing oblivious transfer protocol by proposing a new, related, communication-efficient generic transformation from computationally-private information retrieval protocols to oblivious transfer protocols.


Computationally-private information retrieval, conditional disclosure of secrets, homomorphic encryption, oblivious transfer





Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Helger Lipmaa (University College London, UK)
