Oblivious Transfer Based on the McEliece Assumptions

We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only.

[1]  Tanja Lange,et al.  Attacking and defending the McEliece cryptosystem , 2008, IACR Cryptol. ePrint Arch..

[2]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[3]  Kazukuni Kobara,et al.  Semantically Secure McEliece Public-Key Cryptosystems-Conversions for McEliece PKC , 2001, Public Key Cryptography.

[4]  Stephen Wiesner,et al.  Conjugate coding , 1983, SIGA.

[5]  Robert H. Deng,et al.  On the equivalence of McEliece's and Niederreiter's public-key cryptosystems , 1994, IEEE Trans. Inf. Theory.

[6]  Jeroen van de Graaf,et al.  Committed Oblivious Transfer and Private Multi-Party Computation , 1995, CRYPTO.

[7]  Robert J. McEliece,et al.  The Theory of Information and Coding , 1979 .

[8]  Joe Kilian,et al.  Founding crytpography on oblivious transfer , 1988, STOC '88.

[9]  Yuval Ishai,et al.  Priced Oblivious Transfer: How to Sell Digital Goods , 2001, EUROCRYPT.

[10]  Silvio Micali,et al.  Non-Interactive Oblivious Transfer and Applications , 1989, CRYPTO.

[11]  Leonid A. Levin,et al.  A hard-core predicate for all one-way functions , 1989, STOC '89.

[12]  Iftach Haitner,et al.  Implementing Oblivious Transfer Using Collection of Dense Trapdoor Permutations , 2004, TCC.

[13]  Adi Shamir,et al.  An Efficient Identification Scheme Based on Permuted Kernels (Extended Abstract) , 1989, CRYPTO.

[14]  Moni Naor,et al.  Efficient oblivious transfer protocols , 2001, SODA '01.

[15]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[16]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[17]  Matthieu Finiasz,et al.  How to Achieve a McEliece-Based Digital Signature Scheme , 2001, ASIACRYPT.

[18]  Ivan Damgård,et al.  On the (Im)possibility of Basing Oblivious Transfer and Bit Commitment on Weakened Security Assumptions , 1998, EUROCRYPT.

[19]  Jacques Stern,et al.  An Efficient Pseudo-Random Generator Provably as Secure as Syndrome Decoding , 1996, EUROCRYPT.

[20]  Oded Regev,et al.  On lattices, learning with errors, random linear codes, and cryptography , 2005, STOC '05.

[21]  Donald Beaver,et al.  Precomputing Oblivious Transfer , 1995, CRYPTO.

[22]  Claude Crépeau,et al.  Equivalence Between Two Flavours of Oblivious Transfers , 1987, CRYPTO.

[23]  Andrei V. Kelarev,et al.  The Theory of Information and Coding , 2005 .

[24]  Moni Naor,et al.  Bit Commitment Using Pseudo-Randomness , 1989, CRYPTO.

[25]  Kazukuni Kobara,et al.  Oblivious Transfer via McEliece's PKC and Permuted Kernels , 2007, IACR Cryptol. ePrint Arch..

[26]  Robert J. McEliece,et al.  A public key cryptosystem based on algebraic coding theory , 1978 .

[27]  Moni Naor,et al.  Bit commitment using pseudorandomness , 1989, Journal of Cryptology.

[28]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[29]  Elwyn R. Berlekamp,et al.  On the inherent intractability of certain coding problems (Corresp.) , 1978, IEEE Trans. Inf. Theory.

[30]  Yael Tauman Kalai,et al.  Smooth Projective Hashing and Two-Message Oblivious Transfer , 2005, Journal of Cryptology.

[31]  Nicolas Sendrier,et al.  Finding the permutation between equivalent linear codes: The support splitting algorithm , 2000, IEEE Trans. Inf. Theory.

[32]  Anderson C. A. Nascimento,et al.  A CCA2 Secure Public Key Encryption Scheme Based on the McEliece Assumptions in the Standard Model , 2009, CT-RSA.

[33]  Kazukuni Kobara,et al.  Semantic security for the McEliece cryptosystem without random oracles , 2008, Des. Codes Cryptogr..

[34]  Richard J. Lipton,et al.  Cryptographic Primitives Based on Hard Learning Problems , 1993, CRYPTO.

[35]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 2: Basic Applications , 2001 .

[36]  Sampath Kannan,et al.  The relationship between public key encryption and oblivious transfer , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[37]  Anne Canteaut,et al.  A New Algorithm for Finding Minimum-Weight Words in a Linear Code: Application to McEliece’s Cryptosystem and to Narrow-Sense BCH Codes of Length , 1998 .

[38]  F. Chabaud,et al.  A New Algorithm for Finding Minimum-Weight Words in a Linear Code: Application to Primitive Narrow-Sense BCH Codes of Length~511 , 1995 .