Cryptology ePrint Archive: Report 2013/552

More Efficient Oblivious Transfer and Extensions for Faster Secure Computation

Gilad Asharov and Yehuda Lindell and Thomas Schneider and Michael Zohner

Abstract: Protocols for secure computation enable parties to compute a joint function on their private inputs without revealing anything but the result. A foundation for secure computation is oblivious transfer (OT), which traditionally requires expensive public key cryptography. A more efficient way to perform many OTs is to extend a small number of base OTs using OT extensions based on symmetric cryptography. In this work we present optimizations and efficient implementations of OT and OT extensions in the semi-honest model. We propose a novel OT protocol with security in the standard model and improve OT extensions with respect to communication complexity, computation complexity, and scalability. We also provide specific optimizations of OT extensions that are tailored to the secure computation protocols of Yao and Goldreich-Micali-Wigderson and reduce the communication complexity even further. We experimentally verify the efficiency gains of our protocols and optimizations. By applying our implementation to current secure computation frameworks, we can securely compute a Levenshtein distance circuit with 1.29 billion AND gates at a rate of 1.2 million AND gates per second. Moreover, we demonstrate the importance of correctly implementing OT within secure computation protocols by presenting an attack on the FastGC framework.

Category / Keywords: cryptographic protocols / oblivious transfer; implementation

Original Publication (with minor differences): ACM CCS 2013

Date: received 3 Sep 2013

Contact author: michael zohner at ec-spride de

Available format(s): PDF | BibTeX Citation

Version: 20130904:141912 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]