Paper 2020/819

UC-Secure OT from LWE, Revisited

Willy Quach


We build a two-round, UC-secure oblivious transfer protocol (OT) in the common reference string (CRS) model under the Learning with Errors assumption (LWE) with sub-exponential modulus-to-noise ratio. We do so by instantiating the dual-mode encryption framework of Peikert, Vaikuntanathan and Waters (CRYPTO'08). The resulting OT can be instantiated in either one of two modes: one providing statistical sender security, and the other statistical receiver security. Furthermore, our scheme allows the sender and the receiver to reuse the CRS across arbitrarily many executions of the protocol. To the best of our knowledge, this gives the first construction of a UC-secure OT from LWE that achieves both statistical receiver security and unbounded reusability of the CRS. For comparison, there was, until recently, no such construction from LWE satisfying either one of these two properties. In particular, the construction of UC-secure OT from LWE of Peikert, Vaikuntanathan and Waters only provides computational receiver security and bounded reusability of the CRS. Our main technical contribution is a public-key encryption scheme from LWE where messy public keys (under which encryptions hide the underlying message statistically) can be recognized in time essentially independent of the LWE modulus $q$.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. SCN'20
Oblivious TransferLWE
Contact author(s)
quach w @ husky neu edu
2020-07-06: received
Short URL
Creative Commons Attribution


      author = {Willy Quach},
      title = {{UC}-Secure {OT} from {LWE}, Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2020/819},
      year = {2020},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.