Paper 2017/993

A Framework for Efficient Adaptively Secure Composable Oblivious Transfer in the ROM

Paulo S. L. M. Barreto, Bernardo David, Rafael Dowsley, Kirill Morozov, and Anderson C. A. Nascimento


Oblivious Transfer (OT) is a fundamental cryptographic protocol that finds a number of applications, in particular, as an essential building block for two-party and multi-party computation. We construct a universally composable (UC) protocol for oblivious transfer secure against active adaptive adversaries from any OW-CPA secure public-key encryption scheme with certain properties in the random oracle model (ROM). In terms of computation, our protocol only requires the generation of a public/secret-key pair, six encryption operations and two decryption operations, apart from a few calls to the random oracle. In terms of communication, our protocol only requires the transfer of one public key, four ciphertexts, six binary strings of size equal to the security parameter, and two binary strings of size equal to the OT's messages. Next, we show how to instantiate our construction under the low noise LPN, McEliece, QC-MDPC, and CDH assumptions. Our instantiations based on the low noise LPN, McEliece, and QC-MDPC assumptions are the first UC-secure OT protocols based on coding assumptions to achieve: 1) adaptive security, 2) low round complexity, 3) low communication and computational complexities. Previous results in this setting only achieved static security and used costly cut-and-choose techniques. Our CDH-based instantiation is the first UC-secure OT protocol based on this assumption.

Note: Fixed an issue in the security proof identified by the anonymous reviewers of PKC 2018, making public a solution that had been privately communicated to the reviewers early in the review process.

Category: Cryptographic protocols
Contact author(s): rafael @ cs au dk
History: 2017-10-11: received; 2017-12-21: last of 3 revisions
License: Creative Commons Attribution


@misc{cryptoeprint:2017/993,
      author = {Paulo S. L. M. Barreto and Bernardo David and Rafael Dowsley and Kirill Morozov and Anderson C. A. Nascimento},
      title = {A Framework for Efficient Adaptively Secure Composable Oblivious Transfer in the ROM},
      howpublished = {Cryptology ePrint Archive, Paper 2017/993},
      year = {2017},
      note = {\url{}},
      url = {}
}