Abstract
Building on previous important work of Cachin, Crépeau, and Marcil [15], we present a provably secure and more efficient protocol for $\binom{2}{1}$-Oblivious Transfer with a storage-bounded receiver. A public random string of $n$ bits is employed, and the protocol is secure against any receiver who can store $\gamma n$ bits, $\gamma < 1$. Our work improves the work of CCM [15] in two ways. First, the CCM protocol requires the sender and receiver to store $O(n^c)$ bits, $c \approx 2/3$. We give a similar but more efficient protocol that requires the sender and receiver to store only $O(\sqrt{kn})$ bits, where $k$ is a security parameter. Second, the basic CCM protocol was proved in [15] to guarantee that a dishonest receiver who can store $O(n)$ bits succeeds with probability at most $O(n^{-d})$, $d \approx 1/3$, although repetition of the protocol can make this probability of cheating exponentially small [20]. Combining the methodologies of [24] and [15], we prove that in our protocol a dishonest storage-bounded receiver succeeds with probability only $2^{-O(k)}$, without repetition of the protocol. Our results answer an open problem raised by CCM in the affirmative.
References
Y. Aumann and M. O. Rabin. Information Theoretically Secure Communication in the Limited Storage Space Model. In Advances in Cryptology-CRYPTO ’99, pages 65–79, 1999.
Y. Aumann, Y. Z. Ding, and M. O. Rabin. Everlasting Security in the Bounded Storage Model. Accepted to IEEE Transactions on Information Theory, 2001.
Y. Aumann and U. Feige. One message proof systems with known space verifier. In Advances in Cryptology-CRYPTO ’93, pages 85–99, 1993.
Y. Aumann and M. O. Rabin. Clock Construction in Fully Asynchronous Parallel Systems and PRAM Simulation. TCS, 128(1):3–30, 1994.
D. Beaver. Commodity-Based Cryptography. In Proc. 29th ACM Symposium on Theory of Computing, pages 446–455, 1997.
M. Bellare and S. Micali. Non-interactive oblivious transfer and applications. In Advances in Cryptology-CRYPTO ’89, pages 200–215, 1989.
C. H. Bennett, G. Brassard, C. Crépeau, and M. H. Skubiszewska. Practical quantum oblivious transfer protocols. In Advances in Cryptology-CRYPTO ’91, pages 351–366, 1991.
M. Blum. How to exchange (secret) keys. ACM Transactions on Computer Systems, 1(20):175–193, 1983.
G. Brassard and C. Crépeau. Oblivious transfers and privacy amplification. In Advances in Cryptology-EUROCRYPT ’97, pages 334–347, 1997.
G. Brassard, C. Crépeau, and J.-M. Robert. Information theoretic reductions among disclosure problems. In Proc. 27th IEEE Symposium on the Foundations of Computer Science, pages 168–173, 1986.
G. Brassard, C. Crépeau, and J.-M. Robert. All-or-nothing disclosure of secrets. In Advances in Cryptology-CRYPTO ’86, pages 234–238, 1986.
G. Brassard, C. Crépeau, and M. Sántha. Oblivious transfers and intersecting codes. IEEE Transactions on Information Theory, 42(6):1769–1780, 1996.
C. Cachin. Entropy Measures and Unconditional Security in Cryptography, volume 1 of ETH Series in Information Security and Cryptography. Hartung-Gorre Verlag, Konstanz, Germany, 1997.
C. Cachin. On the foundations of oblivious transfer. In Advances in Cryptology-EUROCRYPT ’98, pages 361–374, 1998.
C. Cachin, C. Crépeau, and J. Marcil. Oblivious transfer with a memory-bounded receiver. In Proc. 39th IEEE Symposium on Foundations of Computer Science, pages 493–502, 1998.
C. Cachin and U. Maurer. Unconditional security against memory bounded adversaries. In Advances in Cryptology-CRYPTO ’97, pages 292–306, 1997.
A. Condon. Bounded Space Probabilistic Games. JACM, 38(2):472–494, 1991.
A. Condon and R. Ladner. Probabilistic Game Automata. JCSS, 36(3):452–489, 1987.
C. Crépeau. Equivalence between two flavours of oblivious transfer. In Advances in Cryptology-CRYPTO ’87, pages 351–368, 1987.
C. Crépeau and J. Kilian. Achieving oblivious transfer using weakened security assumptions. In Proc. 29th IEEE Symposium on the Foundations of Computer Science, pages 42–52, 1988.
C. Crépeau and M. Sántha. On the reversibility of oblivious transfer. In Advances in Cryptology-EUROCRYPT ’91, pages 106–113, 1991.
C. Crépeau, J. van de Graaf, and A. Tapp. Committed oblivious transfer and private multi-party computations. In Advances in Cryptology-CRYPTO ’95, pages 110–123, 1995.
A. De Santis, G. Persiano, and M. Yung. One-message statistical zero-knowledge proofs with space-bounded verifier. In Proc. 19th ICALP, pages 28–40, 1992.
Y. Z. Ding and M. O. Rabin. Provably Secure and Non-Malleable Encryption. To appear, 2001.
Y. Dodis and S. Micali. Lower bounds for oblivious transfer reductions. In Advances in Cryptology-EUROCRYPT ’99, pages 42–55, 1999.
C. Dwork and L. J. Stockmeyer. Finite State Verifiers I: The Power of Interaction. JACM, 39(4):800–828, 1992.
C. Dwork and L. J. Stockmeyer. Finite State Verifiers II: Zero Knowledge. JACM, 39(4):829–858, 1992.
S. Even, O. Goldreich, and A. Lempel. A randomized protocol for signing contracts. In Advances in Cryptology-CRYPTO ’82, pages 205–210, 1982.
J. A. Garay and P. MacKenzie. Concurrent Oblivious Transfer. In Proc. 41st IEEE Symposium on the Foundations of Computer Science, pages 314–324, 2000.
O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game or a completeness theorem for protocols with honest majority. In Proc. 19th ACM Symposium on Theory of Computing, pages 218–229, 1987.
O. Goldreich and R. Vainish. How to solve any protocol problem: an efficiency improvement. In Advances in Cryptology-CRYPTO ’87, pages 73–86, 1987.
S. Goldwasser and L. Levin. Fair Computation of General Functions in Presence of Immoral Majority. In Advances in Cryptology-CRYPTO ’90, pages 77–93, 1990.
J. Kilian. Founding cryptography on oblivious transfer. In Proc. 20th ACM Symposium on Theory of Computing, pages 20–31, 1988.
J. Kilian. Zero-knowledge with Log-Space Verifiers. In Proc. 29th IEEE Symposium on the Foundations of Computer Science, pages 25–35, 1988.
J. Kilian. A general completeness theorem for two-party games. In Proc. 23rd ACM Symposium on Theory of Computing, pages 553–560, 1991.
J. Kilian, E. Kushilevitz, S. Micali, and R. Ostrovsky. Reducibility and completeness in private computations. SIAM Journal on Computing, 29(4):1189–1208, 2000.
U. Maurer. Conditionally-perfect secrecy and a provably-secure randomized cipher. Journal of Cryptology, 5(1):53–66, 1992.
U. Maurer. Secret key agreement by public discussion from common information. IEEE Transactions on Information Theory, 39(3):733–742, 1993.
U. Maurer and S. Wolf. Toward characterizing when information-theoretic secret key agreement is possible. In Advances in Cryptology-ASIACRYPT ’96, pages 196–209, 1996.
U. Maurer. Information-theoretically secure secret-key agreement by NOT authenticated public discussion. In Advances in Cryptology-EUROCRYPT ’97, pages 209–225, 1997.
U. Maurer and S. Wolf. Unconditionally secure key agreement and the intrinsic conditional information. IEEE Transactions on Information Theory, 45(2):499–514, 1999.
U. Maurer and S. Wolf. Information-Theoretic Key Agreement: From Weak to Strong Secrecy for Free. In Advances in Cryptology-EUROCRYPT ’00, pages 351–368, 2000.
M. Naor, R. Ostrovsky, R. Venkatesan, and M. Yung. Perfect zero-knowledge arguments for NP using any one-way function. Journal of Cryptology, 11(2):87–108, 1998.
M. Naor and B. Pinkas. Distributed Oblivious Transfer. In Advances in Cryptology-ASIACRYPT ’00, pages 205–219, 2000.
N. Nisan. Pseudorandom generators for space-bounded computation. In Proc. 22nd ACM Symposium on Theory of Computing, pages 204–212, 1990.
N. Nisan and D. Zuckerman. Randomness is linear in space. JCSS, 52(1):43–52, 1996.
M. O. Rabin. How to exchange secrets by oblivious transfer. Technical Report TR-81, Harvard University, 1981.
M. O. Rabin. Transaction Protection by Beacons. JCSS, 27(2):256–267, 1983.
R. Rivest. Unconditionally Secure Commitment and Oblivious Transfer Schemes Using Private Channels and a Trusted Initializer. Manuscript, 1999.
P. W. Shor. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Computing, 26(5):1484–1509, 1997.
L. G. Valiant and V. V. Vazirani. NP is as easy as detecting unique solutions. In Proc. ACM Symposium on Theory of Computing, pages 458–463, 1985.
A. C. Yao. How to generate and exchange secrets. In Proc. 27th IEEE Symposium on the Foundations of Computer Science, pages 162–167, 1986.
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ding, Y.Z. (2001). Oblivious Transfer in the Bounded Storage Model. In: Kilian, J. (eds) Advances in Cryptology — CRYPTO 2001. CRYPTO 2001. Lecture Notes in Computer Science, vol 2139. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44647-8_9
DOI: https://doi.org/10.1007/3-540-44647-8_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42456-7
Online ISBN: 978-3-540-44647-7
eBook Packages: Springer Book Archive