Supersingular Isogeny Oblivious Transfer

We present an oblivious transfer (OT) protocol that combines the OT scheme of Chou and Orlandi together with thesupersingular isogeny Diffie-Hellman (SIDH) primitive of De Feo, Jao, and Pl\^ut. Our construction is a candidate for post-quantum secure OT and demonstrates that SIDH naturally supports OT functionality. We consider the protocol in the simplest configuration of $\binom{2}{1}$-OT and analyze the protocol to verify its security.Comment: 26 pages, 4 figures, Submitte

Oblivious transfer for secure communication

Over the past four decades, computational power and algorithmic strategies have advanced tremendously resulting in an enormous increase in the key sizes required for secure cryptosystems such as RSA. At the same time, the electronic devices have grown smaller and portable requiring algorithms running on them to be optimized in size and efficiency while providing security, at least, equivalent to that provided on a typical desktop computer. As a result, the industry is moving towards newer cryptosystems such as ECC and NTRU that are well suited for resource constrained environments. While, ECC claims to provide security equivalent to that of RSA for a fraction of key size, NTRU is inherently suited for embedded systems technology. However, implementation of new cryptosystems requires the development of protocols analogous to those developed using older cryptosystems. In this thesis, we fulfill a part of this requirement by providing protocols for Oblivious Transfer using ECC and NTRU. Oblivious Transfer, in turn, has applications in simultaneous contract signing, digital certified mail, simultaneous exchange of secrets, secure multiparty computations, private information retrieval, etc. Furthermore, we introduce the idea of basing Oblivious Transfer on public-key exchange protocols. The presentation in the thesis uses Diffie-Hellman Key Exchange, but the scheme is generalizable to any cryptosystem that has a public-key exchange strategy. In fact, our proposal may especially be suited for Quantum Cryptography where the security of key exchange protocols has been proven

When private set intersection meets big data : an efficient and scalable protocol

Large scale data processing brings new challenges to the design of privacy-preserving protocols: how to meet the increasing requirements of speed and throughput of modern applications, and how to scale up smoothly when data being protected is big. Efficiency and scalability become critical criteria for privacy preserving protocols in the age of Big Data. In this paper, we present a new Private Set Intersection (PSI) protocol that is extremely efficient and highly scalable compared with existing protocols. The protocol is based on a novel approach that we call oblivious Bloom intersection. It has linear complexity and relies mostly on efficient symmetric key operations. It has high scalability due to the fact that most operations can be parallelized easily. The protocol has two versions: a basic protocol and an enhanced protocol, the security of the two variants is analyzed and proved in the semi-honest model and the malicious model respectively. A prototype of the basic protocol has been built. We report the result of performance evaluation and compare it against the two previously fastest PSI protocols. Our protocol is orders of magnitude faster than these two protocols. To compute the intersection of two million-element sets, our protocol needs only 41 seconds (80-bit security) and 339 seconds (256-bit security) on moderate hardware in parallel mode

Actively Secure Two-Party Computation: Efficient Beaver Triple Generation

Töö kombineerib erinevaid ideid, et saavutada aktiivses mudelis turvalist kahe osapoolega ühisarvutust. Töö käigus defineerime Sharemindi raamistikku kaks uut turvaala. Kasutame aditiivset ühissalastust, sõnumiautentimisskeeme, aditiivselt homomorfset krüptosüsteemi ning nullteadmustõestusi. Protokollistikud jagame kahte osasse, vastavalt ettearvutamise ja töö faas. Ettearvutamise ajal valmistatakse ette juhuslikke väärtusi, mis võimaldavad töö faasis arvutusi kiirendada. Eelkõige keskendume korrutamise jaoks vajalike Beaveri kolmikute genereerimisele.This thesis combines currently popular ideas in actively secure multi-party computation to define two actively secure two-party protocol sets for Sharemind secure multi-party computation framework. This includes additive secret sharing, dividing work as online and precomputation phase, using Beaver triples for multiplication and using message authentication codes for integrity checks. Our protocols use additively homomorphic Paillier cryptosystem, especially in the precomputation phase. The thesis includes two different setups for secure two-party computation which are also implemented and compared to each other. In addition, we propose new ideas to use additively homomorphic cryptosystem to generate Beaver triples for any chosen modulus. The important aspects of Beaver triple generation are maximising the amount of useful bits we get from one generation and assuring that these triples are correct

Attribute Based Pseudonyms : Anonymous and Linkable Scoped Credentials

Attribute-based credentials (ABCs) provide an efficient way to transfer custody of personal and private data to the final user, while minimizing the risk of sensitive data revelation and thus granting anonymity. Nevertheless, this method cannot detect whether one attribute has been used more than once without compromising anonymity when the emitter and consumer collude with one another. The protocol proposed in this article deals with this issue by using a modification of ZSS pairing-based short signatures over elliptic curves and Verheul's self-blinded credentials scheme. Each user can generate an identifier (pseudonym) that is unique and verifiable by everyone in a given scope, without compromising anonymity. However, the identifier cannot be reused in the same scope, since such reuse would be detected

Simple Two-Round OT in the Explicit Isogeny Model

In this work we apply the Type-Safe (TS) generic group model, recently introduced by Zhandry (2022), to the more general setting of group actions and extend it to the universal composability (UC) framework of Canetti (2000). We then relax this resulting model, that we call UC-TS, to define an algebraic action framework (UC-AA), where the adversaries can behave algebraically, similarly to the algebraic group model (AGM), but for group actions. Finally, we instantiate UC-AA with isogeny-based assumptions, obtaining the Explicit-Isogeny model, UC-EI, and show that, under certain assumptions, UC-EI is less restricting that UC-AGM. We demonstrate the utility of our definitions by proving UC-EI security for the passive-secure protocol described by Lai et al. (2021), hence providing the first concretely efficient two-round isogeny-based OT protocol in the random oracle model against malicious adversaries