Paper 2007/382

Oblivious Transfer via McEliece's PKC and Permuted Kernels

K. Kobara, K. Morozov, and R. Overbeck


We present two efficient protocols for two flavors of oblivious transfer (OT): the Rabin and 1-out-of-2 OT using the McEliece cryptosystem and Shamir's zero-knowledge identification scheme based on permuted kernels. This is a step towards diversifying computational assumptions on which OT -- the primitive of central importance -- can be based. Although we obtain a weak version of Rabin OT (where the malicious receiver may decrease his erasure probability), it can nevertheless be reduced to secure 1-out-of-2 OT. Elaborating on the first protocol, we provide a practical construction for 1-out-of-2 OT.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Oblivious transfercoding-based cryptographyMcEliece cryptosystempermuted kernel problem.
Contact author(s)
overbeck @ cdc informatik tu-darmstadt de
kirill morozov @ aist go jp
2008-06-30: last of 2 revisions
2007-09-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {K.  Kobara and K.  Morozov and R.  Overbeck},
      title = {Oblivious Transfer via {McEliece}'s {PKC} and Permuted Kernels},
      howpublished = {Cryptology ePrint Archive, Paper 2007/382},
      year = {2007},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.