Paper 2022/1525

Endemic Oblivious Transfer via Random Oracles, Revisited

Zhelei Zhou, Zhejiang University
Bingsheng Zhang, Zhejiang University
Hong-Sheng Zhou, Virginia Commonwealth University
Kui Ren, Zhejiang University

The notion of Endemic Oblivious Transfer (EOT) was introduced by Masny and Rindal (CCS'19). EOT offers a weaker security guarantee than the conventional random OT; namely, the malicious parties can fix their outputs arbitrarily. The authors presented a 1-round UC-secure EOT protocol under a tailor-made and non-standard assumption, Choose-and-Open DDH, in the RO model. In this work, we systematically study EOT in the UC/GUC framework. We present a new 1-round UC-secure EOT construction in the RO model under the DDH assumption. Under the GUC framework, we propose the first 1-round EOT construction under the CDH assumption in the Global Restricted Observable RO (GroRO) model proposed by Canetti et al. (CCS'14). We also provide an impossibility result, showing there exist no 1-round GUC-secure EOT protocols in the Global Restricted Programmable RO (GrpRO) model proposed by Camenisch et al. (Eurocrypt'18). Subsequently, we provide the first round-optimal (2-round) EOT protocol with adaptive security under the DDH assumption in the GrpRO model. Finally, we investigate the relations between EOT and other cryptographic primitives. As side products, we present the first 2-round GUC-secure commitment in the GroRO model as well as a separation between the GroRO and the GrpRO models, which may be of independent interest.

Available format(s)
Cryptographic protocols
Publication info
A minor revision of an IACR publication in EUROCRYPT 2023
Endemic Oblivious TransferGlobal Random OraclesGUC
Contact author(s)
zl_zhou @ zju edu cn
bingsheng @ zju edu cn
hszhou @ vcu edu
kuiren @ zju edu cn
2023-03-11: revised
2022-11-04: received
See all versions
Short URL
Creative Commons Attribution-NonCommercial


      author = {Zhelei Zhou and Bingsheng Zhang and Hong-Sheng Zhou and Kui Ren},
      title = {Endemic Oblivious Transfer via Random Oracles, Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1525},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.