Paper 2020/635

Two-Round Oblivious Linear Evaluation from Learning with Errors

Pedro Branco, Nico Döttling, and Paulo Mateus


Oblivious Linear Evaluation (OLE) is the arithmetic analogue of the well-know oblivious transfer primitive. It allows a sender, holding an affine function $f(x)=a+bx$ over a finite field or ring, to let a receiver learn $f(w)$ for a $w$ of the receiver's choice. In terms of security, the sender remains oblivious of the receiver's input $w$, whereas the receiver learns nothing beyond $f(w)$ about $f$. In recent years, OLE has emerged as an essential building block to construct efficient, reusable and maliciously-secure two-party computation. In this work, we present efficient two-round protocols for OLE over large fields based on the Learning with Errors (LWE) assumption, providing a full arithmetic generalization of the oblivious transfer protocol of Peikert, Vaikuntanathan and Waters (CRYPTO 2008). At the technical core of our work is a novel extraction technique which allows to determine if a non-trivial multiple of some vector is close to a $q$-ary lattice.

Available format(s)
Cryptographic protocols
Publication info
A minor revision of an IACR publication in PKC 2022
Contact author(s)
pmbranco @ math tecnico ulisboa pt
doettling @ cispa saarland
pmat @ math ist utl pt
2022-02-18: last of 3 revisions
2020-06-03: received
See all versions
Short URL
Creative Commons Attribution


      author = {Pedro Branco and Nico Döttling and Paulo Mateus},
      title = {Two-Round Oblivious Linear Evaluation from Learning with Errors},
      howpublished = {Cryptology ePrint Archive, Paper 2020/635},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.