Paper 2007/215

Extending Oblivious Transfers Efficiently - How to get Robustness Almost for Free

Jesper Buus Nielsen

Abstract

At Crypto 2003 Ishai et al. gave a protocol which given a small number of (possibly extremely inefficient) oblivious transfers implements an essentially unbounded number of oblivious transfers for an additional overhead, per oblivious transfer, of computing and sending only two hash values. This highly efficient protocol is however only passive secure. To get active security, except with probability $2^{-m}$, the protocol had to suffer an additional overhead of a factor $1+m$. We introduce a new approach to adding robustness. For practical security parameters this approach allows to add robustness while suffering only a small constant overhead over the passive secure protocol. As an example we can generate one million oblivious transfers with security $2^{-42}$ with an amortized cost of just $9$ hash values per oblivious transfer.

Metadata
Available format(s)
PDF PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
oblivious transfer
Contact author(s)
buus @ daimi au dk
History
2007-07-11: revised
2007-06-08: received
See all versions
Short URL
https://ia.cr/2007/215
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2007/215,
      author = {Jesper Buus Nielsen},
      title = {Extending Oblivious Transfers Efficiently - How to get Robustness Almost for Free},
      howpublished = {Cryptology ePrint Archive, Paper 2007/215},
      year = {2007},
      note = {\url{https://eprint.iacr.org/2007/215}},
      url = {https://eprint.iacr.org/2007/215}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.