Universally Composable Committed Oblivious Transfer With A Trusted Initializer
Resumo
Committed Oblivious Transfer (COT) is a two-party primitive that combines one-out-of-two oblivious transfer with bit commitment. In the beginning of COT, a sender is committed to bits b0, b1 and a receiver to a choice bit c. In the end, the receiver is committed to bc without learning anything about b1-c, while the sender learns nothing about c. This primitive implies secure multi-party computation assuming that a broadcast channel is available. In this paper, we introduce the first universally composable unconditionally secure committed oblivious transfer protocol based on a Trusted Initializer (TI), which pre-distributes data to the parties. Our protocol builds on simple bit commitment and oblivious transfer protocols, using XOR commitments to prove simple relations in zero-knowledge. Besides providing very high security guarantees, our protocols are significantly simpler and more efficient than previous results, since they rely on pre-computed operations distributed by the TI.
Referências
Beaver, D. (1998). Server-assisted cryptography. In Proceedings of the 1998 workshop on New security paradigms, NSPW ’98, pages 92–106, New York, NY, USA. ACM.
Blundo, C., Masucci, B., Stinson, D. R., and Wei, R. (2002). Constructions and bounds for unconditionally secure non-interactive commitment schemes. Des. Codes Cryptography, 26(1-3):97–110.
Cachin, C. and Camenisch, J. (2000). Optimistic fair secure computation. In Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’00, pages 93–111, London, UK, UK. Springer-Verlag.
Canetti, R. (2001). Universally composable security: A new paradigm for cryptographic protocols. In Proceedings of the 42nd IEEE symposium on Foundations of Computer Science, FOCS ’01, pages 136–, Washington, DC, USA. IEEE Computer Society.
Canetti, R. and Fischlin, M. (2001). Universally composable commitments. In Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, CRYPTO ’01, pages 19–40, London, UK. Springer-Verlag.
Cramer, R. and Damgard, I. (1997). Linear zero-knowledge a note on efficient zeroknowledge proofs and arguments. In Proceedings of the twenty-ninth annual ACM symposium on Theory of computing, STOC ’97, pages 436–445, New York, NY, USA. ACM.
Crépeau, C., van de Graaf, J., and Tapp, A. (1995). Committed oblivious transfer and private multi-party computation. In Coppersmith, D., editor, CRYPTO, volume 963 of Lecture Notes in Computer Science, pages 110–123. Springer.
Estren, G. (2004). Universally composable committed oblivious transfer and multi-party computation assuming only basic black-box primitives. Master’s thesis, McGill University.
Garay, J. A., Mackenzie, P., and Yang, K. (2004). Efficient and universally composable committed oblivious transfer and applications. In Proceedings of the First Theory of Cryptography Conference (2004, pages 297–316. Springer-Verlag.
Goldreich, O., Micali, S., and Wigderson, A. (1987). How to play any mental game. In STOC ’87: Proceedings of the nineteenth annual ACM symposium on Theory of computing, pages 218–229, New York, NY, USA. ACM.
Hanaoka, G., Imai, H., M’uller-Quade, J., Nascimento, A., and Otsuka, A. (2003). Unconditionally secure homomorphic pre-distributed bit commitment. ICS 2003.
Jarecki, S. and Shmatikov, V. (2007). Efficient two-party secure computation on committed inputs. In Proceedings of the 26th annual international conference on Advances in Cryptology, EUROCRYPT ’07, pages 97–114, Berlin, Heidelberg. Springer-Verlag.
Kilian, J. (1988). Founding crytpography on oblivious transfer. In STOC ’88: Proceedings of the twentieth annual ACM symposium on Theory of computing, pages 20–31, New York, NY, USA. ACM.
Kilian, J. (1992). A note on efficient zero-knowledge proofs and arguments. Proceeding STOC ’92 Proceedings of the twenty-fourth annual ACM symposium on Theory of Computing, pages 723 – 732.
Lindell, Y., Oxman, E., and Pinkas, B. (2011). The ips compiler: Optimizations, variants and concrete efficiency. Advances in Cryptology–CRYPTO 2011, pages 259–276.
Peikert, C., Vaikuntanathan, V., and Waters, B. (2008). A framework for efficient and composable oblivious transfer. In Wagner, D., editor, Advances in Cryptology ? CRYPTO 2008, volume 5157 of Lecture Notes in Computer Science, pages 554–571. Springer Berlin / Heidelberg.
Rivest, R. L. (1999). Unconditionally secure commitment and oblivious transfer schemes using private channels and a trusted initializer. Preprint available at http://people.csail.mit.edu/rivest/Rivest-commitment.pdf.