Cryptology ePrint Archive: Report 2014/692
Extending Oblivious Transfer Efficiently, or - How to get active security with constant cryptographic overhead
Abstract: On top of the passively secure extension protocol of [IKNP03] we build
a new construction secure against active adversaries.
We can replace the invocation of the hash function that is used
to check the receiver is well-behaved with the XOR of bit strings.
This is possible by applying a cut-and-choose
technique on the length of the bit strings that the receiver sends
in the reversed OT. We also improve on the number
of seeds required for the extension, both asymptotically and practically.
Moreover, the protocol used to test receiver's behaviour enjoys
Category / Keywords: cryptographic protocols / Oblivious Transfer, Extension
Original Publication (in the same form): Latincrypt 2014
Date: received 3 Sep 2014
Contact author: cseldv at bristol ac uk
Available format(s): PDF | BibTeX Citation
Version: 20140904:061154 (All versions of this report)
Short URL: ia.cr/2014/692
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]