Cryptology ePrint Archive: Report 1996/010

Oblivious Transfers and Intersecting Codes

Gilles Brassard, Claude Crepeau, Miklos Santha

Abstract: Assume A owns t secret k-bit strings. She is willing to disclose one of them to B, at his choosing, provided he does not learn anything about the other strings. Conversely, B does not want A to learn which secret he chose to learn. A protocol for the above task is said to implement One-out-of-t String Oblivious Transfer. An apparently simpler task corresponds to the case k=1 and t=2 of two one-bit secrets: this is known as One-out-of-two Bit OT. We address the question of implementing the former assuming the existence of the later. In particular, we prove that the general protocol can be implemented from O(tk) calls to One-out-of-two Bit OT. This is optimal up to a small multiplicative constant. Our solution is based on the notion of self-intersecting codes. Of independent interest, we give several efficient new constructions for such codes. Another contribution of this paper is a set of information-theoretic definitions for correctness and privacy of unconditionally-secure oblivious transfer.

Category / Keywords: Oblivious Transfer, Intersecting Codes, Protocols, Information Theory.

Publication Info: Appeared in the THEORY OF CRYPTOGRAPHY LIBRARY and has been included in the ePrint Archive. Appeared in IEEE Transactions on Information Theory, Nov. 1996.

Date: received July 26th, 1996.

Contact author: crepeau at iro umontreal ca

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]