On top of the passively secure extension protocol of [IKNP03] we build
a new construction secure against active adversaries.
We can replace the invocation of the hash function that is used
to check the receiver is well-behaved with the XOR of bit strings.
This is possible by applying a cut-and-choose
technique on the length of the bit strings that the receiver sends
in the reversed OT. We also improve on the number
of seeds required for the extension, both asymptotically and practically.
Moreover, the protocol used to test receiver\u27s behaviour enjoys
unconditional security

Enrique Larraia

Abstract. On top of the passively secure extension protocol of [IKNP03] we build a new construction secure against active adversaries. We can replace the invocation of the hash function that is used to check the receiver is well-behaved with the XOR of bit strings. This is pos-sible by applying a cut-and-choose technique on the length of the bit strings that the receiver sends in the reversed OT. We also improve on the number of seeds required for the extension, both asymptotically and practically. Moreover, the protocol used to test receiver’s behaviour en-joys unconditional security. 

Extending Oblivious Transfer Efficiently, or - How to get active security with constant cryptographic overhead

Abstract

Similar works

Full text

Available Versions

CiteSeerX

Cryptology ePrint Archive