Paper 2013/099

Constant-round secure two-party computation from a linear number of oblivious transfer

Samuel Ranellucci and Alain Tapp


We construct a protocol for constant round Two-Party Secure Function Evaluation in the standard model which improves previous protocols in several ways. We are able to reduce the number of calls to Oblivious Transfer by a factor proportional to the security parameter. In addition to being more efficient than previous instantiations, our protocol only requires black box calls to OT and Commitment. This is achieved by the use of a faulty variant of the Cut-and-Choose OT. The concepts of Garbling Schemes, faulty Cut-and-Choose Oblivious Transfer and Privacy Amplification are combined using the Cut-and-Choose paradigm to obtain the final protocol.

Note: More efficient protocol.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown status
Secure Function EvaluationOblivious TransferPrivacy AmplificationUniversal ComposabilityGarbling Schemes
Contact author(s)
alain tapp @ gmail com
2013-09-18: last of 3 revisions
2013-02-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {Samuel Ranellucci and Alain Tapp},
      title = {Constant-round secure two-party computation from a linear number of oblivious transfer},
      howpublished = {Cryptology ePrint Archive, Paper 2013/099},
      year = {2013},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.