Paper 2008/182

Restricted Adaptive Oblivious Transfer

Javier Herranz


In this work we consider the following primitive, that we call {\it restricted adaptive oblivious transfer}. On the one hand, the owner of a database wants to restrict the access of users to this data according to some policy, in such a way that a user can only obtain information satisfying the restrictions imposed by the owner. On the other hand, a legitimate user wants to privately retrieve allowed parts of the data, in a sequential and adaptive way, without letting the owner know which part of the data is being obtained. After having formally described the components and required properties of a protocol for restricted adaptive oblivious transfer, we propose two generic ways to realize this primitive. The first one uses a cryptographic tool which has received a lot of attention from the literature in the last years: cryptosystems which are both multiplicatively and additively homomorphic. Our second generic construction is based on secret sharing schemes.

Note: Some updates and publication info

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Theoretical Computer Science, Vol. 412, pp. 6498–6506 (2011)
Oblivious transferhomomorphic encryptionsecret sharing
Contact author(s)
jherranz @ ma4 upc edu
2011-09-27: revised
2008-04-21: received
See all versions
Short URL
Creative Commons Attribution


      author = {Javier Herranz},
      title = {Restricted Adaptive Oblivious Transfer},
      howpublished = {Cryptology ePrint Archive, Paper 2008/182},
      year = {2008},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.