Unfair Noisy Channels and Oblivious Transfer

In a paper from EuroCrypt’99, Damgård, Kilian and Salvail show various positive and negative results on constructing Bit Commitment (BC) and Oblivious Transfer (OT) from Unfair Noisy Channels (UNC), i.e., binary symmetric channels where the error rate is only known to be in a certain interval [γ..δ] and can be chosen adversarially. They also introduce a related primitive called PassiveUNC. We prove in this paper that any OT protocol that can be constructed based on a PassiveUNC and is secure against a passive adversary can be transformed using a generic “compiler” into an OT protocol based on a UNC which is secure against an active adversary. Apart from making positive results easier to prove in general, this also allows correcting a problem in the EuroCrypt’99 paper: there, a positive result was claimed on constructing from UNC an OT that is secure against active cheating. We point out that the proof sketch given for this was incomplete, and we show that a correct proof of a much stronger result follows from our general compilation result and a new technique for transforming between weaker versions of OT with different parameters.
