Cryptology ePrint Archive: Report 2013/491

Improved OT Extension for Transferring Short Secrets

Vladimir Kolesnikov and Ranjit Kumaresan

Abstract: We propose an optimization and generalization of OT extension of Ishai et al. of Crypto 2003. For computational security parameter k, our OT extension for short secrets off ers O(log k) factor performance improvement in communication and computation, compared to prior work. In concrete terms, for today's security parameters, this means approx. factor 2-3 improvement. This results in corresponding improvements in applications relying on such OT. In particular, for two-party semi-honest SFE, this results in O(log k) factor improvement in communication over state of the art Yao Garbled Circuit, and has the same asymptotic complexity as the recent multi-round construction of Kolesnikov and Kumaresan of SCN 2012. For multi-party semi-honest SFE, where their construction is inapplicable, our construction implies O(log k) factor communication and computation improvement over best previous constructions. As with our OT extension, for today's security parameters, this means approximately factor 2 improvement in semi-honest multi-party SFE. Our building block of independent interest is a novel IKNP-based framework for 1-out-of-n OT extension, which o ffers O(log n) factor performance improvement over previous work (for n<=k), and concrete factor improvement of up to 5 for today's security parameters (n=k=128). Our protocol is the first practical OT with communication/computation cost sublinear in the security parameter (prior sublinear constructions of Ishai et al. are not efficient in concrete terms).

Category / Keywords: cryptographic protocols / OT extension, 1-out-of-2 OT, 1-out-of-n OT.

Original Publication (in the same form): IACR-CRYPTO-2013

Date: received 12 Aug 2013

Contact author: ranjit at cs technion ac il

Available format(s): PDF | BibTeX Citation

Version: 20130815:072254 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]