Paper 2017/358

Almost Optimal Oblivious Transfer from QA-NIZK

Olivier Blazy, Céline Chevalier, and Paul Germouty


We show how to build a UC-Secure Oblivious Transfer in the presence of Adaptive Corruptions from Quasi-Adaptive Non-Interactive Zero-Knowledge proofs. Our result is based on the work of Jutla and Roy at Asiacrypt 2015, where the authors proposed a constant-size very efficient PAKE scheme. As a stepping stone, we first show how a two-flow PAKE scheme can be generically transformed in an optimized way, in order to achieve an efficient three-flow Oblivious-Transfer scheme. We then compare our generic transformations to existing OT constructions and see that we manage to gain at least a factor 2 to the best known constructions. To the best of our knowledge, our scheme is the first UC-secure Oblivious Transfer with a constant size flow from the receiver, and nearly optimal size for the server.

Note: Full version of the ACNS 2017 paper

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. MAJOR revision.ACNS 2017
Oblivious TransferUniversal ComposabilityQA-NIZKPairing
Contact author(s)
olivier @ blazy eu
2017-04-26: received
Short URL
Creative Commons Attribution


      author = {Olivier Blazy and Céline Chevalier and Paul Germouty},
      title = {Almost Optimal Oblivious Transfer from QA-NIZK},
      howpublished = {Cryptology ePrint Archive, Paper 2017/358},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.