Cryptology ePrint Archive: Report 2014/692

Extending Oblivious Transfer Efficiently, or - How to get active security with constant cryptographic overhead

Enrique Larraia

Abstract: On top of the passively secure extension protocol of [IKNP03] we build a new construction secure against active adversaries. We can replace the invocation of the hash function that is used to check the receiver is well-behaved with the XOR of bit strings. This is possible by applying a cut-and-choose technique on the length of the bit strings that the receiver sends in the reversed OT. We also improve on the number of seeds required for the extension, both asymptotically and practically. Moreover, the protocol used to test receiver's behaviour enjoys unconditional security.

Category / Keywords: cryptographic protocols / Oblivious Transfer, Extension

Original Publication (in the same form): Latincrypt 2014

Date: received 3 Sep 2014

Contact author: cseldv at bristol ac uk

Available format(s): PDF | BibTeX Citation

Version: 20140904:061154 (All versions of this report)

Short URL: ia.cr/2014/692

Discussion forum: Show discussion | Start new discussion