Sequences II, pp 360-368

Efficient Reduction among Oblivious Transfer Protocols based on New Self-Intersecting Codes

  • Claude Crépeau
  • Miklós Sántha


A $\binom{2}{1}$-OT$_2$ (one-out-of-two Bit Oblivious Transfer) is a technique by which a party $S$ owning two secret bits $b_0$, $b_1$ can transfer one of them, $b_c$, to another party $R$, who chooses $c$. This is done in a way that does not release any bias about $b_{\bar{c}}$ to $R$ nor any bias about $c$ to $S$. One interesting extension of this transfer is the $\binom{2}{1}$-OT$_1^k$ (one-out-of-two String O.T.), in which the two secrets $q_0$, $q_1$ are elements of $GF^k(2)$ instead of bits. A reduction of $\binom{2}{1}$-OT$_1^k$ to $\binom{2}{1}$-OT$_2$ presented in [BCR86] uses $O(k^{\log_2 3})$ calls to $\binom{2}{1}$-OT$_2$ and thus raises an interesting combinatorial question: how many calls to $\binom{2}{1}$-OT$_2$ are necessary and sufficient to achieve a $\binom{2}{1}$-OT$_1^k$?

In the current paper we answer this question quite precisely. We accomplish this reduction using Θ(k) calls to 1 2 -OT2. First, we show by probabilistic methods how to obtain such a reduction with probability essentially 1 and second, we give a deterministic polynomial time construction based on the algebraic codes of Goppa [Gop81].




  1. [BCR86]
    G. Brassard, C. Crépeau, and J.-M. Robert. Information theoretic reductions among disclosure problems. In 27th Symp. of Found. of Computer Sci., pages 168–173, IEEE, 1986.
  2. [BET78]
    E.R. Berlekamp, R.J. McEliece, and H.C.A. Van Tilborg. On the inherent intractability of certain coding problems. IEEE Transactions on Information Theory, 384–386, 1978.
  3. [CK88]
    C. Crépeau and J. Kilian. Achieving oblivious transfer using weakened security assumptions. In 28th Symp. on Found. of Computer Sci., pages 42–52, IEEE, 1988.
  4. [CL85]
    G. Cohen and A. Lempel. Linear intersecting codes. Discrete Mathematics, 56:35–43, 1985.
  5. [Cré88]
    C. Crépeau. Equivalence between two flavours of oblivious transfers (abstract). In C. Pomerance, editor, Advances in Cryptology: Proceedings of Crypto ’87, pages 350–354, Springer-Verlag, 1988.
  6. [Cré89]
    C. Crépeau. Verifiable disclosure of secrets and application. In Advances in Cryptology: Proceedings of Eurocrypt ’89, Springer-Verlag, 1989.
  7. [EGL83]
    S. Even, O. Goldreich, and A. Lempel. A randomized protocol for signing contracts. In R. L. Rivest, A. Sherman, and D. Chaum, editors, Proceedings CRYPTO 82, pages 205–210, Plenum Press, New York, 1983.
  8. [Gop81]
    V.D. Goppa. Codes on algebraic curves. Soviet Mathematical Dokl, 24(1):170–172, 1981.
  9. [Kil88]
    J. Kilian. Founding cryptography on oblivious transfer. In Proc. 20th ACM Symposium on Theory of Computing, pages 20–31, ACM, Chicago, 1988.
  10. [KS83]
    G. Katona and J. Srivastava. Minimal 2-coverings of finite affine spaces based on GF(2). Journal of Statist. Plann. Inference, 8:375–388, 1983.
  11. [KTV84]
    G.L. Katsman, M.A. Tsfasman, and S.G. Vlădut. Modular curves and codes with a polynomial construction. IEEE Transactions on Information Theory, IT-30(2):353–355, 1984.
  12. [Mik84]
    D. Miklós. Linear binary codes with intersecting properties. Discrete Applied Mathematics, 9(2):187–196, 1984.
  13. [MS77]
    F.J. MacWilliams and N.J.A. Sloane. The Theory of Error-Correcting Codes. North-Holland, 1977.
  14. [MV84]
    Yu.I. Manin and S.G. Vlădut. Linear codes and modular curves (in Russian). Sovr. Prob. Mat, VINITI, 1984.
  15. [Ret86]
    C.T. Retter. Intersecting Goppa codes. 1986. Manuscript.
  16. [TVZ82]
    M.A. Tsfasman, S.G. Vlădut, and Th. Zink. Modular curves, Shimura curves, and Goppa codes, better than Varshamov-Gilbert bound. Math. Nachr., 109:21–28, 1982.
  17. [Vaz87]
    U. Vazirani. Efficiency considerations in using semi-random sources. In Proc. 19th ACM Symposium on Theory of Computing, pages 160–168, ACM, New York City, 1987.

Copyright information

© Springer-Verlag New York, Inc. 1993

Authors and Affiliations

  • Claude Crépeau (1)
  • Miklós Sántha (1)

  1. Laboratoire de Recherche en Informatique, Université Paris-Sud, Orsay, France
