
Oblivious-Transfer Amplification

  • Jürg Wullschleger
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4515)

Abstract

Oblivious transfer (OT) is a primitive of paramount importance in cryptography, or more precisely in two- and multi-party computation, because of its universality. Unfortunately, OT cannot be achieved in an unconditionally secure way for both parties from scratch. It is therefore a natural question which information-theoretic primitives or computational assumptions OT can be based on.

The results in our paper are threefold. First, we give an optimal proof for the standard protocol to realize unconditionally secure OT from a weak variant of OT called universal OT, for which a malicious receiver can virtually obtain any possible information he wants, as long as he does not get all the information. This result is based on a novel distributed leftover hash lemma which is of independent interest.
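The page does not spell out the standard protocol referred to above, so the following is an added Python illustration of the tool underneath it: privacy amplification with a 2-universal hash, checked against the leftover hash lemma bound on a toy instance. It is not code from the paper and does not implement its distributed leftover hash lemma or its optimal analysis. Everything here is an assumption of this example: the Toeplitz-matrix hash family, the function names, the two-string OT setting in which a cheating receiver learns some fixed bit positions of the string he is not entitled to, and the toy parameters (8-bit strings, 4 leaked bits, 2-bit and 5-bit keys).

```python
"""Added illustration (not from the paper): privacy amplification of a weak
two-string OT with a 2-universal Toeplitz hash, plus an exact computation of
the expected distance from uniform, compared with the leftover hash lemma."""
import itertools
import math
import secrets
from typing import Dict, List, Tuple

Bits = List[int]


def toeplitz_hash(seed: Bits, x: Bits, out_len: int) -> Bits:
    """2-universal hash over GF(2): y = T x, where T is the out_len x n Toeplitz
    matrix with T[i][j] = seed[i - j + n - 1]. The seed (n + out_len - 1 bits)
    is public: the sender picks it at random and sends it to the receiver."""
    n = len(x)
    if len(seed) != n + out_len - 1:
        raise ValueError("seed must have n + out_len - 1 bits")
    return [sum(seed[i - j + n - 1] & x[j] for j in range(n)) % 2
            for i in range(out_len)]


def sender_amplify(x0: Bits, x1: Bits, seed: Bits, out_len: int) -> Tuple[Bits, Bits]:
    """Sender side: both weak-OT strings are reduced to short keys with one seed."""
    return toeplitz_hash(seed, x0, out_len), toeplitz_hash(seed, x1, out_len)


def receiver_amplify(xc: Bits, seed: Bits, out_len: int) -> Bits:
    """Honest receiver side: he knows x_c completely, so he recovers k_c exactly."""
    return toeplitz_hash(seed, xc, out_len)


def lhl_bound(min_entropy: int, out_len: int) -> float:
    """Leftover hash lemma: the expected statistical distance of the key from
    uniform, given the adversary's view, is at most (1/2) sqrt(2^(out_len - k))
    when the adversary's min-entropy about the input is k."""
    return 0.5 * math.sqrt(2.0 ** (out_len - min_entropy))


def avg_distance_from_uniform(n: int, leaked: Dict[int, int], out_len: int) -> float:
    """Exact expected statistical distance between the key derived from the
    string the cheating receiver should NOT learn and a uniform out_len-bit
    string, given that he knows the bits in `leaked` (position -> value) and
    sees the seed. Enumerates every seed and every value of the unknown bits,
    so this is only feasible for toy sizes."""
    unknown = [j for j in range(n) if j not in leaked]
    uniform = 2.0 ** -out_len
    n_inputs = 2 ** len(unknown)
    seeds = list(itertools.product((0, 1), repeat=n + out_len - 1))
    total = 0.0
    for seed in seeds:
        counts: Dict[Tuple[int, ...], int] = {}
        for u in itertools.product((0, 1), repeat=len(unknown)):
            x = [0] * n
            for j, b in leaked.items():      # bits the cheater already knows
                x[j] = b
            for j, b in zip(unknown, u):     # bits still uniform from his view
                x[j] = b
            key = tuple(toeplitz_hash(list(seed), x, out_len))
            counts[key] = counts.get(key, 0) + 1
        dist = sum(abs(counts.get(k, 0) / n_inputs - uniform)
                   for k in itertools.product((0, 1), repeat=out_len))
        total += dist / 2
    return total / len(seeds)


def random_bits(k: int) -> Bits:
    return [secrets.randbelow(2) for _ in range(k)]


# Toy parameters (constructed for this example): 8-bit strings; the cheating
# receiver learns 4 fixed bits of the other string, so 4 bits of min-entropy
# remain. 2-bit keys stay close to uniform; 5-bit keys cannot.
N, OUT_LEN = 8, 2
LEAKED = {0: 1, 2: 0, 5: 1, 7: 1}


if __name__ == "__main__":
    x0, x1 = random_bits(N), random_bits(N)
    seed = random_bits(N + OUT_LEN - 1)
    k0, k1 = sender_amplify(x0, x1, seed, OUT_LEN)
    c = secrets.randbelow(2)
    print("honest receiver recovers k_c:", receiver_amplify([x0, x1][c], seed, OUT_LEN) == [k0, k1][c])
    d = avg_distance_from_uniform(N, LEAKED, OUT_LEN)
    print(f"2-bit key: E[SD] = {d:.4f}, LHL bound = {lhl_bound(N - len(LEAKED), OUT_LEN):.4f}")
    print(f"5-bit key: E[SD] = {avg_distance_from_uniform(N, LEAKED, 5):.4f} (at least 0.5)")
```

The 5-bit case shows why the output length has to be chosen below the remaining min-entropy: with only 16 possible inputs from the cheater's point of view, at most 16 of the 32 key values can occur, so the distance from uniform is at least 1/2 for every seed. The 2-bit case stays below the lemma's bound of 1/4.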

Second, we give conditions under which OT can be obtained from a faulty variant of OT called weak OT, in which either party may obtain too much information or the result may be incorrect. These bounds and protocols, which correct previous results by Damgård et al., are of central interest since in most known realizations of OT from weak primitives, such as noisy channels, a weak OT is constructed first.

Finally, we carry over our results to the computational setting and show how a weak OT that is sometimes incorrect and is only mildly secure against computationally bounded adversaries can be strengthened.

Keywords

oblivious-transfer amplification, universal oblivious transfer, weak oblivious transfer, computational weak oblivious transfer, distributed leftover hash lemma, hard-core lemma

References

  1. Beaver, D.: Foundations of secure interactive computing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 377–391. Springer, Heidelberg (1992)
  2. Beaver, D.: Precomputing oblivious transfer. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 97–109. Springer, Heidelberg (1995)
  3. Bennett, C.H., Brassard, G., Crépeau, C., Maurer, U.: Generalized privacy amplification. IEEE Transactions on Information Theory 41 (1995)
  4. Bennett, C.H., Brassard, G., Crépeau, C., Skubiszewska, M.-H.: Practical quantum oblivious transfer. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 351–366. Springer, Heidelberg (1992)
  5. Bennett, C.H., Brassard, G., Robert, J.-M.: Privacy amplification by public discussion. SIAM Journal on Computing 17(2), 210–229 (1988)
  6. Brassard, G., Crépeau, C.: Oblivious transfers and privacy amplification. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 334–347. Springer, Heidelberg (1997)
  7. Brassard, G., Crépeau, C., Wolf, S.: Oblivious transfers and privacy amplification. Journal of Cryptology 16(4), 219–237 (2003)
  8. Cachin, C.: On the foundations of oblivious transfer. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 361–374. Springer, Heidelberg (1998)
  9. Canetti, R.: Security and composition of multiparty cryptographic protocols. Journal of Cryptology 13(1), 143–202 (2000)
  10. Carter, J.L., Wegman, M.N.: Universal classes of hash functions. Journal of Computer and System Sciences 18, 143–154 (1979)
  11. Crépeau, C.: Efficient cryptographic protocols based on noisy channels. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 306–317. Springer, Heidelberg (1997)
  12. Crépeau, C., Kilian, J.: Achieving oblivious transfer using weakened security assumptions (extended abstract). In: Proceedings of the 29th Annual IEEE Symposium on Foundations of Computer Science (FOCS ’88), pp. 42–52 (1988)
  13. Crépeau, C., Morozov, K., Wolf, S.: Efficient unconditional oblivious transfer from almost any noisy channel. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 47–59. Springer, Heidelberg (2005)
  14. Crépeau, C., Savvides, G., Schaffner, C., Wullschleger, J.: Information-theoretic conditions for two-party secure function evaluation. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 538–554. Springer, Heidelberg (2006). Full version available at http://eprint.iacr.org/2006/183
  15. Damgård, I., Fehr, S., Morozov, K., Salvail, L.: Unfair noisy channels and oblivious transfer. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 355–373. Springer, Heidelberg (2004)
  16. Damgård, I., Fehr, S., Salvail, L., Schaffner, C.: Cryptography in the bounded quantum-storage model. In: Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS ’05), pp. 449–458. IEEE Computer Society Press, Los Alamitos (2005)
  17. Damgård, I., Kilian, J., Salvail, L.: On the (im)possibility of basing oblivious transfer and bit commitment on weakened security assumptions. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 56–73. Springer, Heidelberg (1999)
  18. Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Commun. ACM 28(6), 637–647 (1985)
  19. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC ’87), pp. 218–229. ACM Press, New York (1987)
  20. Haitner, I.: Implementing oblivious transfer using collection of dense trapdoor permutations. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 394–409. Springer, Heidelberg (2004)
  21. Haitner, I., Harnik, D., Reingold, O.: On the power of the randomized iterate. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 22–40. Springer, Heidelberg (2006)
  22. Harnik, D., Kilian, J., Naor, M., Reingold, O., Rosen, A.: On robust combiners for oblivious transfer and other primitives. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 96–113. Springer, Heidelberg (2005)
  23. Harnik, D., Naor, M., Reingold, O., Rosen, A.: Completeness in two-party secure computation: a computational view. In: Proceedings of the 36th Annual ACM Symposium on Theory of Computing (STOC ’04), pp. 252–261. ACM Press, New York (2004)
  24. Håstad, J.: Pseudo-random generators under uniform assumptions. In: Proceedings of the 22nd Annual ACM Symposium on Theory of Computing (STOC ’90), pp. 395–404. ACM Press, New York (1990)
  25. Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)
  26. Holenstein, T.: Key agreement from weak bit agreement. In: Proceedings of the 37th ACM Symposium on Theory of Computing (STOC ’05), pp. 664–673. ACM Press, New York (2005)
  27. Holenstein, T.: Strengthening key agreement using hard-core sets. PhD thesis, ETH Zurich, Switzerland (2006). Reprinted as vol. 7 of ETH Series in Information Security and Cryptography, Hartung-Gorre Verlag
  28. Holenstein, T., Renner, R.: One-way secret-key agreement and applications to circuit polarization and immunization of public-key encryption. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 478–493. Springer, Heidelberg (2005)
  29. Impagliazzo, R.: Hard-core distributions for somewhat hard problems. In: Proceedings of the 36th Annual IEEE Symposium on Foundations of Computer Science (FOCS ’95), pp. 538–545. IEEE Computer Society Press, Los Alamitos (1995)
  30. Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions. In: Proceedings of the 21st Annual ACM Symposium on Theory of Computing (STOC ’89), pp. 12–24. ACM Press, New York (1989)
  31. Impagliazzo, R., Luby, M.: One-way functions are essential for complexity based cryptography. In: Proceedings of the 30th Annual IEEE Symposium on Foundations of Computer Science (FOCS ’89), pp. 230–235 (1989)
  32. Kilian, J.: Founding cryptography on oblivious transfer. In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing (STOC ’88), pp. 20–31. ACM Press, New York (1988)
  33. Meier, R., Przydatek, B., Wullschleger, J.: Robuster combiners for oblivious transfer. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 404–418. Springer, Heidelberg (2007)
  34. Micali, S., Rogaway, P.: Secure computation. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 392–404. Springer, Heidelberg (1992)
  35. Nascimento, A., Winter, A.: On the oblivious transfer capacity of noisy correlations. In: Proceedings of the IEEE International Symposium on Information Theory, ISIT ’06 (2006)
  36. Rabin, M.O.: How to exchange secrets by oblivious transfer. Technical Report TR-81, Harvard Aiken Computation Laboratory (1981)
  37. Sahai, A., Vadhan, S.: Manipulating statistical difference. In: Randomization Methods in Algorithm Design (DIMACS Workshop ’97). DIMACS Series in Discrete Mathematics and Theoretical Computer Science, vol. 43, pp. 251–270. American Mathematical Society, Providence (1999)
  38. Vadhan, S.: A study of statistical zero-knowledge proofs. PhD thesis, Massachusetts Institute of Technology, USA (1999)
  39. Wiesner, S.: Conjugate coding. SIGACT News 15(1), 78–88 (1983)
  40. Wolf, S., Wullschleger, J.: Zero-error information and applications in cryptography. In: Proceedings of 2004 IEEE Information Theory Workshop, ITW ’04 (2004)
  41. Wullschleger, J.: Oblivious-Transfer Amplification. PhD thesis, ETH Zurich, Switzerland (2007)
  42. Yao, A.C.: Protocols for secure computations. In: Proceedings of the 23rd Annual IEEE Symposium on Foundations of Computer Science (FOCS ’82), pp. 160–164 (1982)

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Jürg Wullschleger
  1. ETH Zürich, Switzerland
