Information-theoretically secure oblivious polynomial evaluation in the commodity-based model

  • Regular Contribution
  • International Journal of Information Security

Abstract

Oblivious polynomial evaluation (OPE) is a two-party protocol in which a sender inputs a polynomial \(p(x)\) and a receiver inputs a single value \(x_{0}\). At the end of the protocol, the sender learns nothing and the receiver learns \(p(x_{0})\). This paper studies oblivious polynomial evaluation from an information-theoretic perspective, based on the definitions of unconditional security developed by Crépeau et al. (Information-theoretic conditions for two-party secure function evaluation. EUROCRYPT 2006, LNCS 4004. Springer, Berlin, Heidelberg, pp 538–554, 2006). We propose an information-theoretic model for oblivious polynomial evaluation relying on pre-distributed data and prove very general lower bounds on the size of the pre-distributed data, as well as on the size of the communications in any protocol. These bounds are shown to be tight by giving a round-optimal OPE protocol that meets all the lower bounds simultaneously. We also present a natural generalization of OPE called oblivious linear functional evaluation.
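The OPE functionality with pre-distributed data can be illustrated as follows. This is an added example, not code or a protocol description taken from the paper (the paper's own construction is not reproduced on this page); the prime modulus, the function names and the message layout are assumptions made for the example. A trusted initializer hands the sender a random masking polynomial \(s(x)\) and the receiver a random point \(d\) with \(g = s(d)\); one message in each direction then lets the receiver compute \(p(x_{0})\).

```python
import secrets

P = 2**61 - 1  # prime field modulus (assumed for this example)

def poly_eval(c, x):
    """Horner evaluation mod P; c[i] is the coefficient of x^i."""
    acc = 0
    for a in reversed(c):
        acc = (acc * x + a) % P
    return acc

def poly_shift(c, l):
    """Coefficients of p(x + l) mod P, built Horner-style."""
    out = []
    for a in reversed(c):
        nxt = [0] * (len(out) + 1)
        for i, b in enumerate(out):          # nxt = out * (x + l)
            nxt[i] = (nxt[i] + b * l) % P
            nxt[i + 1] = (nxt[i + 1] + b) % P
        nxt[0] = (nxt[0] + a) % P
        out = nxt
    return out

def initializer(degree):
    """Pre-distribution phase: sender gets s, receiver gets (d, s(d))."""
    s = [secrets.randbelow(P) for _ in range(degree + 1)]
    d = secrets.randbelow(P)
    return s, (d, poly_eval(s, d))

def receiver_msg(x0, d):
    # l is uniform in the field because d is, so it hides x0 from the sender.
    return (x0 - d) % P

def sender_msg(p, s, l):
    # f(x) = p(x + l) + s(x); s is a uniform one-time mask on every coefficient.
    return [(a + b) % P for a, b in zip(poly_shift(p, l), s)]

def receiver_output(f, d, g):
    # f(d) - g = p(d + l) + s(d) - s(d) = p(x0)
    return (poly_eval(f, d) - g) % P

def run_ope(p, x0):
    """Run both parties end to end; returns (receiver's output, l, f)."""
    s, (d, g) = initializer(len(p) - 1)
    l = receiver_msg(x0, d)
    f = sender_msg(p, s, l)
    return receiver_output(f, d, g), l, f
```

The pre-distributed values \(s\), \(d\) and \(g\) act as one-time pads and must not be reused across evaluations.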

Notes

  1. In the computational security setting, OT can be based on various assumptions [3, 11–13, 16, 20, 27, 28, 30].

References

  1. Ahlswede, R., Csiszár, I.: On oblivious transfer capacity. ISIT 2007, pp. 2061–2064. (2007)

  2. Beaver, D.: Commodity-based cryptography (extended abstract). STOC 1997, pp. 446–455. (1997)

  3. Bellare, M., Micali, S.: Non-interactive oblivious transfer and applications. CRYPTO 89, 547–557 (1990)

  4. Bleichenbacher, D., Nguyen, P.: Noisy Polynomial Interpolation and Noisy Chinese Remaindering. EUROCRYPT 2000, LNCS. Springer, New York (2000)

  5. Blundo, C., Masucci, B., Stinson, D.R., Wei, R.: Constructions and bounds for unconditionally secure non-interactive commitment schemes. Des Codes Cryptogr 26(1–3), 97–110 (2002)

  6. Chang, Yan-Cheng, Lu, Chi-Jen: Oblivious Polynomial Evaluation and Oblivious Neural Learning. ASIACRYPT 2001, LNCS. Springer, New York (2001)

  7. Crépeau, C.: Efficient cryptographic protocols based on noisy channels. EUROCRYPT 1997, pp. 306–317. (1997)

  8. Crépeau, C., Morozov, K., Wolf, S.: Efficient unconditional oblivious transfer from almost any noisy channel. SCN 2004, pp. 47–59. (2004)

  9. Crépeau, C., Savvides, G., Schaffner, G., Wullschleger, J.: Information-theoretic conditions for two-party secure function evaluation. EUROCRYPT 2006, LNCS, 4004, Springer, Berlin, Heidelberg, pp. 538–554. (2006)

  10. Crépeau, C., Wullschleger, J.: Statistical security conditions for two-party secure function evaluation. ICITS 2008, LNCS, vol. 5155, pp. 86–99. Springer, New York (2008)

  11. Dowsley, R., van de Graaf, J., Müller-Quade, J., Nascimento, A.C.A.: Oblivious transfer based on the McEliece assumptions. ICITS 2008, pp. 107–117. (2008)

  12. Dowsley, R., van de Graaf, J., Müller-Quade, J., Nascimento, A.C.A.: Oblivious transfer based on the McEliece assumptions. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E95–A(2), 567–575 (2012)

  13. Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. CRYPTO 82, pp. 205–210. (1983)

  14. Freedman, M.J., Ishai, Y., Pinkas, B., Reingold, O.: Keyword search and oblivious pseudorandom functions. TCC 2005, pp. 303–324. (2005)

  15. Gilboa, N.: Two party RSA key generation. CRYPTO 1999, pp. 116–129. (1999)

  16. Haitner, I.: Implementing oblivious transfer using collection of dense trapdoor permutations. TCC 2004, pp. 394–409. (2004)

  17. Hanaoka, G., Imai, H., Müller-Quade, J., Nascimento, A.C.A., Otsuka, A., Winter, A.: Information theoretically secure oblivious polynomial evaluation: model, bounds, and constructions. ACISP 2004, pp. 62–73. (2004)

  18. Hanaoka, G., Shikata, J., Zheng, Y., Imai, H.: Unconditionally secure digital signature schemes admitting transferability. ASIACRYPT 2000, LNCS, vol. 1976, pp. 130–142. Springer, New York (2000)

  19. Imai, H., Morozov, K., Nascimento, A.C.A.: On the oblivious transfer capacity of the erasure channel. ISIT 2006, pp. 1428–1431. (2006)

  20. Kalai, Y.T.: Smooth projective hashing and two-message oblivious transfer. EUROCRYPT 2005, pp. 78–95. (2005)

  21. Kilian, J.: Founding cryptography on oblivious transfer. STOC 1988, pp. 20–31. (1988)

  22. Matsumoto, T., Imai, H.: On the key predistribution systems. A practical solution to the key distribution problem. CRYPTO 1987, LNCS, vol. 293, pp. 185–193. Springer, New York (1988)

  23. Lindell, Y., Pinkas, B.: Privacy preserving data mining. J. Cryptol. 15(19), 177–206 (2002)

  24. Nascimento, A.C.A., Morozov, K., Imai, H.: Efficient oblivious transfer protocols achieving a non-zero rate from any non-trivial noisy correlation. ICITS. (2007)

  25. Nascimento, A.C.A., Winter, A.: On the oblivious-transfer capacity of noisy resources. IEEE Trans. Inf. Theory 54(6), 2572–2581 (2008)

  26. Naor, M., Pinkas, B.: Oblivious transfer and polynomial evaluation. STOC 1999, pp. 245–254. (1999)

  27. Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In 12th annual ACM-SIAM symposium on discrete algorithms, pp. 448–457. (2001)

  28. Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. CRYPTO 2008, pp. 554–571. (2008)

  29. Pinto, A.C.B., Dowsley, R., Morozov, K., Nascimento, A.C.A.: Achieving oblivious transfer capacity of generalized erasure channels in the malicious model. IEEE Trans. Inf. Theory 57(8), 5566–5571 (2011)

  30. Rabin, M.O.: How to exchange secrets by oblivious transfer. Technical Report TR-81, Harvard. (1981)

  31. Rivest, R.: Unconditionally secure commitment and oblivious transfer schemes using concealing channels and a trusted initializer. Preprint available at http://people.csail.mit.edu/rivest/Rivest-commitment

Author information

Corresponding author

Correspondence to Rafael Dowsley.

Additional information

A preliminary, conference version of this work appeared in [17]. We would like to point out that this journal version uses a more strict, simulation-based model of security for the positive results which implies the security of sequential compositions of the protocol. In addition, the proofs of the lower bounds are generalized to cover also protocols with multiple rounds instead of being for one-round protocols only.

About this article

Cite this article

Tonicelli, R., Nascimento, A.C.A., Dowsley, R. et al. Information-theoretically secure oblivious polynomial evaluation in the commodity-based model. Int. J. Inf. Secur. 14, 73–84 (2015). https://doi.org/10.1007/s10207-014-0247-8

  • DOI: https://doi.org/10.1007/s10207-014-0247-8
