Paper 2018/648

Secure Oblivious Transfer from Semi-Commutative Masking

Cyprien Delpech de Saint Guilhem and Emmanuela Orsini and Christophe Petit and Nigel P. Smart

Abstract

In this work we first define semi-commutative (invertible) masking structures which present a simple abstraction to capture the various examples of protocol design that are based on exponentiation-only style operations (such as discrete logarithm and isogeny based cryptography). We discuss two possible instantiations of our structure: The first is based on commutative group actions and captures both the action of exponentiation in the discrete logarithm setting and also the action of the class group of commutative endomorphism rings of elliptic curves, in the style of the CSIDH key-exchange protocol; the second is based on the semi-commutative action of isogenies of supersingular elliptic curves, in the style of the SIDH key-exchange protocol. We then design two oblivious transfer protocols using this structure and prove that they securely UC-realise the standard OT-functionality in the Random-Oracle-hybrid model against passive adversaries with static corruptions. This paper thus introduces the first oblivious transfer protocol based on supersingular isogenies that is proven secure in the UC framework.