Paper 2020/545

Efficient and Round-Optimal Oblivious Transfer and Commitment with Adaptive Security

Ran Canetti, Pratik Sarkar, and Xiao Wang


We construct the most efficient two-round adaptively secure bit-OT in the Common Random String (CRS) model. The scheme is UC secure under the Decisional Diffie-Hellman (DDH) assumption. It incurs O(1) exponentiations and sends O(1) group elements, whereas the state of the art requires O(k^2) exponentiations and communicates poly(k) bits, where k is the computational security parameter. Along the way, we obtain several other efficient UC-secure OT protocols under DDH : - The most efficient yet two-round adaptive string-OT protocol assuming programmable random oracle. Furthermore, the protocol can be made non-interactive in the simultaneous message setting, assuming random inputs for the sender. - The first two-round string-OT with amortized constant exponentiations and communication overhead which is secure in the observable random oracle model. - The first two-round receiver equivocal string-OT in the CRS model that incurs constant computation and communication overhead. We also obtain the first non-interactive adaptive string UC-commitment in the CRS model which incurs a sublinear communication overhead in the security parameter. Specifically, we commit to polylog(k) bits while communicating O(k) bits. Moreover, it is additively homomorphic in nature. We can also extend our results to the single CRS model where multiple sessions share the same CRS. As a corollary, we obtain a two-round adaptively secure MPC protocol in this model.

Available format(s)
Cryptographic protocols
Publication info
A minor revision of an IACR publication in ASIACRYPT 2020
round optimaloblivious transfercommitment schemeadaptive corruptionsUC securityMPC
Contact author(s)
canetti @ bu edu
pratik93 @ bu edu
wangxiao @ cs northwestern edu
2020-09-12: revised
2020-05-15: received
See all versions
Short URL
Creative Commons Attribution


      author = {Ran Canetti and Pratik Sarkar and Xiao Wang},
      title = {Efficient and Round-Optimal Oblivious Transfer and Commitment with Adaptive Security},
      howpublished = {Cryptology ePrint Archive, Paper 2020/545},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.