Cut-and-Choose Bilateral Oblivious Transfer and Its Application

Oblivious transfer is a fundamental tool in cryptographic protocols, especially in secure two-party computation. In TCC 2011, Lindell and Pinkas proposed a variant called cut-and-choose oblivious transfer, which effectively solves the selective failure attack in secure two-party computation protocols based on the cut-and-choose paradigm. In this paper, we present a new primitive called cut-and-choose bilateral oblivious transfer. As an extension of cut-and-choose oblivious transfer, this primitive not only overcomes the selective failure attack but also helps reduce the number of rounds of the protocols that invoke it. This is very important in scenarios where interaction between the parties is limited. In addition, using this primitive in the outer protocols enables a more modular and cleaner high-level description of the protocol framework. Furthermore, we believe that the new primitive is of independent research interest and could be useful in many cut-and-choose scenarios. Based on homomorphic encryption, we construct an efficient instantiation of this primitive in the malicious model and present a formal, rigorous proof of its security under the ideal/real simulation paradigm.
