Paper 2009/074

Computational Oblivious Transfer and Interactive Hashing

Kirill Morozov and George Savvides


We use interactive hashing to achieve the most efficient OT protocol to date based solely on the assumption that trapdoor permutations (TDP) exist. Our protocol can be seen as the following (simple) modification of either of the two famous OT constructions: 1) In the one by Even et al (1985), a receiver must send a random domain element to a sender through IH; 2) In the one by Ostrovsky et al (1993), the players should use TDP instead of one-way permutation. A similar approach is employed to achieve oblivious transfer based on the security of the McEliece cryptosystem. In this second protocol, the receiver inputs a public key into IH, while privately keeping the corresponding secret key. Two different versions of IH are used: the computationally secure one in the first protocol, and the information-theoretically secure one in the second.

Note: This version only includes some corrected errata and minor revisions, as compared to the previous version.

Available format(s)
Publication info
Published elsewhere. Unknown where it was published
Oblivious transferinteractive hashingtrapdoor permutationMcEliece cryptosystem
Contact author(s)
kirill morozov @ aist go jp
2009-05-29: last of 2 revisions
2009-02-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Kirill Morozov and George Savvides},
      title = {Computational Oblivious Transfer and Interactive Hashing},
      howpublished = {Cryptology ePrint Archive, Paper 2009/074},
      year = {2009},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.