In this paper, we introduce a new primitive called cut-and-choose bilateral oblivious transfer, which transfers all necessary keys of garbled circuits in one process. Specifically, in our oblivious transfer protocol, the sender inputs two pairs $(x_0,x_1)$, $(y_0,y_1)$ and a bit $\tau$; the receiver inputs two bits $\sigma$ and $j$. After the protocol execution, the receiver obtains $x_{\tau},y_{\sigma}$ for $j=1$, and $x_0,x_1,y_0,y_1$ for $j=0$.
By the introduction of this new primitive, the round complexity of secure two-party computation protocol can be decreased; the cut-and-choose challenge $j$ is no need to be opened anymore, therefore the consistency proof of $j$ is omitted. In addition, the primitive is of independent interest and could be useful in many cut-and-choose scenarios.
Category / Keywords: cryptographic protocols / Secure Two-party Computation, Round Complexity, Cut-and-choose Inverse OT, Cut-and-choose Bilateral OT Date: received 29 Sep 2014 Contact author: jianghan at sdu edu cn Available format(s): PDF | BibTeX Citation Version: 20140930:124651 (All versions of this report) Short URL: ia.cr/2014/768 Discussion forum: Show discussion | Start new discussion