Paper 2020/924

Ferret: Fast Extension for coRRElated oT with small communication

Kang Yang, Chenkai Weng, Xiao Lan, Jiang Zhang, and Xiao Wang


Correlated oblivious transfer (COT) is a crucial building block for secure multi-party computation (MPC) and can be generated efficiently via OT extension. Recent works based on the pseudorandom correlation generator (PCG) paradigm presented a new way to generate random COT correlations using only communication sublinear to the output length. However, due to their high computational complexity, these protocols are only faster than the classical IKNP-style OT extension under restricted network bandwidth. In this paper, we propose new COT protocols in the PCG paradigm that achieve unprecedented performance. With 50 Mbps network bandwidth, our maliciously secure protocol can produce one COT correlation in 22 nanoseconds. More specifically, our results are summarized as follows: - We propose a semi-honest COT protocol with sublinear communication and linear computation. This protocol assumes primal-LPN and is built upon a recent VOLE protocol with semi-honest security by Schoppmann et al. (CCS 2019). We are able to apply various optimizations to reduce its communication cost by roughly 15x, not counting a one-time setup cost that diminishes as we generate more COTs. - We strengthen our COT protocol to malicious security with no loss of efficiency. Among all optimizations, our new protocol features a new checking technique that ensures correctness and consistency essentially for free. In particular, our maliciously secure protocol is only 1-3 nanoseconds slower for each COT. - We implemented our protocols, and the code will be publicly available at EMP-toolkit. We observe at least 9x improvement in running time compared to the state-of-the-art protocol by Boyle et al. (CCS 2019) in both semi-honest and malicious settings under any network faster than 50 Mbps. With this new record of efficiency for generating COT correlations, we anticipate new protocol designs and optimizations will flourish on top of our protocol.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.2020 ACM SIGSAC Conference on Computer and Communications Security (CCS'20)
correlated oblivious transfersecure computation
Contact author(s)
wangxiao @ cs northwestern edu
2020-09-06: last of 3 revisions
2020-07-26: received
See all versions
Short URL
Creative Commons Attribution


      author = {Kang Yang and Chenkai Weng and Xiao Lan and Jiang Zhang and Xiao Wang},
      title = {Ferret: Fast Extension for coRRElated oT with small communication},
      howpublished = {Cryptology ePrint Archive, Paper 2020/924},
      year = {2020},
      doi = {10.1145/3372297.3417276},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.