An Information-Theoretically Secure Threshold Distributed Oblivious Transfer Protocol
The unconditionally secure Distributed Oblivious Transfer (DOT) protocol presented by Blundo, D’Arco, De Santis, and Stinson at SAC 2002 allows a receiver to contact k servers and obtain one out of n secrets held by a sender.
Once the protocol has been executed, the sender does not know which secret was selected by the receiver and the receiver knows nothing of the secrets she did not choose. In addition, the receiver’s privacy is guaranteed against a coalition of k − 1 servers and similarly, the sender’s security is guaranteed against a coalition of k − 1 servers. However, after the receiver has obtained a secret, she is able to learn all secrets by corrupting one server only. In addition, an external mechanism is required to prevent the receiver from contacting more than k servers.
The one-round DOT protocol we propose is information-theoretically secure, allows the receiver to contact k servers or more, and guarantees the sender’s security, even if the receiver corrupts k − 1 servers after having obtained a secret.
KeywordsCryptographic Protocol Distributed Oblivious Transfer Commodity Based Model Information-Theoretic Security
Unable to display preview. Download preview PDF.
- 1.Beaver, D.: Commodity-based cryptography. In: Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, pp. 446–455. ACM (1997)Google Scholar
- 3.Bennett, C.H., Brassard, G., Crépeau, C., Skubiszewska, M.-H.: Practical Quantum Oblivious Transfer. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 351–366. Springer, Heidelberg (1992)Google Scholar
- 9.Gao, S.: A new algorithm for decoding Reed-Solomon codes. In: Bhargava, V.K., Poor, H.V., Tarokh, V., Yoon, S. (eds.) Communications, Information and Network Security, pp. 55–68. Kluwer Academic Publishers (2003)Google Scholar
- 10.Gertner, Y., Malkin, T.: Efficient Distributed (n choose 1) Oblivious Transfer. Tech. rep., MIT Lab of Computer Science (1997)Google Scholar
- 13.Rabin, M.O.: How to Exchange Secrets with Oblivious Transfer. Tech. rep., Aiken Computation Lab, Harvard University (1981)Google Scholar
- 15.Rivest, R.L.: Unconditionally Secure Commitment and Oblivious Transfer Schemes Using Private Channels and a Trusted Initializer (1999) (unpublished manuscript)Google Scholar