Paper 2022/1511

Round-Optimal Oblivious Transfer and MPC from Computational CSIDH

Saikrishna Badrinarayanan, LinkedIn (United States)
Daniel Masny, Meta
Pratyay Mukherjee, Supra
Sikhar Patranabis, IBM Research India
Srinivasan Raghuraman, Visa Research
Pratik Sarkar, Boston University

We present the first round-optimal and plausibly quantum-safe oblivious transfer (OT) and multi-party computation (MPC) protocols from the computational CSIDH assumption - the weakest and most widely studied assumption in the CSIDH family of isogeny-based assumptions. We obtain the following results: - The first round-optimal maliciously secure OT and MPC protocols in the plain model that achieve (black-box) simulation-based security while relying on the computational CSIDH assumption. - The first round-optimal maliciously secure OT and MPC protocols that achieves Universal Composability (UC) security in the presence of a trusted setup (common reference string plus random oracle) while relying on the computational CSIDH assumption. Prior plausibly quantum-safe isogeny-based OT protocols (with/without setup assumptions) are either not round-optimal, or rely on potentially stronger assumptions. We also build a 3-round maliciously-secure OT extension protocol where each base OT protocol requires only 4 isogeny computations. In comparison, the most efficient isogeny-based OT extension protocol till date due to Lai et al. [Eurocrypt 2021] requires 12 isogeny computations and 4 rounds of communication, while relying on the same assumption as our construction, namely the reciprocal CSIDH assumption.

Available format(s)
Cryptographic protocols
Publication info
A minor revision of an IACR publication in PKC 2023
IsogeniesCSIDHPost-QuantumOblivious TransferMPCRound Optimal
Contact author(s)
bsaikrishna7393 @ gmail com
daniel masny @ rub de
pratyay85 @ gmail com
sikhar patranabis @ ibm com
srini131293 @ gmail com
pratik93 @ bu edu
2023-02-06: revised
2022-11-02: received
See all versions
Short URL
Creative Commons Attribution


      author = {Saikrishna Badrinarayanan and Daniel Masny and Pratyay Mukherjee and Sikhar Patranabis and Srinivasan Raghuraman and Pratik Sarkar},
      title = {Round-Optimal Oblivious Transfer and MPC from Computational CSIDH},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1511},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.