Universally Composable Oblivious Transfer Based on a Variant of LPN

Oblivious transfer (OT) is a fundamental two-party cryptographic primitive that implies secure multiparty computation. In this paper, we introduce the first OT protocol based on the Learning Parity with Noise (LPN) problem. More specifically, we use the LPN variant introduced by Alekhnovich (FOCS 2003). We prove that our protocol is secure against active static adversaries in the Universal Composability framework in the common reference string model. Our constructions are based solely on an LPN-style assumption and thus represent a clear next step from current code-based OT protocols, which require an additional assumption related to the indistinguishability of public keys from random matrices. Our constructions are inspired by the techniques used to obtain OT based on the McEliece cryptosystem.
