39,968 research outputs found
The relationship between two flavors of oblivious transfer at the quantum level
Though all-or-nothing oblivious transfer and one-out-of-two oblivious
transfer are equivalent in classical cryptography, we here show that due to the
nature of quantum cryptography, a protocol built upon secure quantum
all-or-nothing oblivious transfer cannot satisfy the rigorous definition of
quantum one-out-of-two oblivious transfer.
Comment: 4 pages, no figur
The Oblivious Transfer Capacity of the Wiretapped Binary Erasure Channel
We consider oblivious transfer between Alice and Bob in the presence of an
eavesdropper Eve when there is a broadcast channel from Alice to Bob and Eve.
In addition to the secrecy constraints of Alice and Bob, Eve should not learn
the private data of Alice and Bob. When the broadcast channel consists of two
independent binary erasure channels, we derive the oblivious transfer capacity
for both 2-privacy (where the eavesdropper may collude with either party) and
1-privacy (where there are no collusions).
Comment: This is an extended version of the paper "The Oblivious Transfer
Capacity of the Wiretapped Binary Erasure Channel" to be presented at ISIT
201
Spacetime-constrained oblivious transfer
In 1-out-of-2 oblivious transfer (OT), Alice inputs numbers x_0, x_1, Bob
inputs a bit b and outputs x_b. Secure OT requires that Alice and Bob learn
nothing about b and x_{\bar{b}}, respectively. We define spacetime-constrained
oblivious transfer (SCOT) as OT in Minkowski spacetime in which Bob must output
x_b within R_b, where R_0 and R_1 are fixed spacelike separated spacetime
regions. We show that unconditionally secure SCOT is impossible with classical
protocols in Minkowski (or Galilean) spacetime, or with quantum protocols in
Galilean spacetime. We describe a quantum SCOT protocol in Minkowski spacetime,
and we show it unconditionally secure.
Comment: Improved theorem on the impossibility of classical SCOT to allow for
small errors. Figure added and discussion extended in response to referee
comments. Protocol and security proof unaltered. Final versio
Composable Security in the Bounded-Quantum-Storage Model
We present a simplified framework for proving sequential composability in the
quantum setting. In particular, we give a new, simulation-based, definition for
security in the bounded-quantum-storage model, and show that this definition
allows for sequential composition of protocols. Damgard et al. (FOCS '05,
CRYPTO '07) showed how to securely implement bit commitment and oblivious
transfer in the bounded-quantum-storage model, where the adversary is only
allowed to store a limited number of qubits. However, their security
definitions did only apply to the standalone setting, and it was not clear if
their protocols could be composed. Indeed, we first give a simple attack that
shows that these protocols are not composable without a small refinement of the
model. Finally, we prove the security of their randomized oblivious transfer
protocol in our refined model. Secure implementations of oblivious transfer and
bit commitment then follow easily by a (classical) reduction to randomized
oblivious transfer.
Comment: 21 page