Paper 2005/349

Oblivious Transfer and Linear Functions

Ivan B. Damgaard, Serge Fehr, Louis Salvail, and Christian Schaffner

Abstract

We study unconditionally secure 1-out-of-2 Oblivious Transfer (1-2 OT). We first point out that a standard security requirement for 1-2 OT of bits, namely that the receiver only learns one of the bits sent, holds if and only if the receiver has no information on the XOR of the two bits. We then generalize this to 1-2 OT of strings and show that the security can be characterized in terms of binary linear functions. More precisely, we show that the receiver learns only one of the two strings sent if and only if he has no information on the result of applying any binary linear function (which non-trivially depends on both inputs) to the two strings. We then argue that this result not only gives new insight into the nature of 1-2 OT, but it in particular provides a very powerful tool for analyzing 1-2 OT protocols. We demonstrate this by showing that with our characterization at hand, the reduceability of 1-2 OT (of strings) to a wide range of weaker primitives follows by a very simple argument. This is in sharp contrast to previous literature, where reductions of 1-2 OT to weaker flavors have rather complicated and sometimes even incorrect proofs.

Metadata
Available format(s)
PDF PS
Category
Foundations
Publication info
Published elsewhere. Full version of the Crypto 2006 paper.
Keywords
Oblivious transferinformation theory
Contact author(s)
Serge Fehr @ cwi nl
History
2006-08-28: last of 2 revisions
2005-10-05: received
See all versions
Short URL
https://ia.cr/2005/349
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/349,
      author = {Ivan B.  Damgaard and Serge Fehr and Louis Salvail and Christian Schaffner},
      title = {Oblivious Transfer and Linear Functions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2005/349},
      year = {2005},
      url = {https://eprint.iacr.org/2005/349}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.