One-Out-of-q OT Combiners.
IEEE Trans. Inf. Theory(2024)
摘要
In 1-
out-of-q Oblivious Transfer (OT)
protocols, a sender Alice is able to send one of
q
≥ 2 messages to a receiver Bob, all while being oblivious to which message was transferred. Moreover, the receiver learns only one of these messages.
Oblivious Transfer combiners
take
n
instances of OT protocols as input, and produce an OT protocol that is secure if sufficiently many of the
n
original OT instances are secure. We present new 1-out-of-
q
OT combiners that are perfectly secure against active adversaries. Our combiners arise from secret sharing techniques. We show that given an F
q
-linear secret sharing scheme on a set of
n
participants and adversary structure
A
, we can construct an
n
-server, 1-out-of-
q
OT combiner that is secure against an adversary corrupting either Alice and a set of servers in
A
, or Bob and a set of servers
B
with
B
∉
A
. If the normalized total share size of the scheme is ℓ, then the resulting OT combiner requires ℓ calls to OT protocols, and the total amount of bits exchanged during the protocol is (
q
2
+
q
+1)ℓ log
q
. We also present a construction based on 1-out-of-2 OT combiners that uses the protocol of Crépeau, Brassard and Robert (FOCS 1986). This construction provides smaller communication costs for certain adversary structures, such as threshold ones: For any prime power
q
≥
n
, there are
n
-server, 1-out-of-
q
OT combiners that are perfectly secure against active adversaries corrupting either Alice or Bob, and a minority of the OT candidates, exchanging
O
(
qn
log
q
) bits in total.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要