TY - GEN
T1 - Reducing complexity assumptions for oblivious transfer
AU - Cheong, K. Y.
AU - Koshiba, Takeshi
PY - 2009/12/1
Y1 - 2009/12/1
N2 - Reducing the minimum assumptions needed to construct various cryptographic primitives is an important and interesting task in theoretical cryptography. Oblivious transfer, one of the most basic cryptographic building blocks, could be also studied under this scenario. Reducing the minimum assumptions for oblivious transfer seems not an easy task, as there are a few impossibility results under black-box reductions. Until recently, it is widely believed that oblivious transfer can be constructed with trapdoor permutations. Goldreich pointed out some flaw in the folklore and introduced some enhancement to cope with the flaw. Haitner then revised the enhancement more properly. As a consequence they showed that some additional properties for trapdoor permutations are necessary to construct oblivious transfers. In this paper, we discuss possibilities of basing not on trapdoor permutations but on trapdoor functions in general. We generalize previous results and give an oblivious transfer protocol based on a collection of trapdoor functions with some extra properties with respect to the length-expansion and the pre-image size. We discuss that our reduced assumption is almost minimal and show the necessity for the extra properties.
AB - Reducing the minimum assumptions needed to construct various cryptographic primitives is an important and interesting task in theoretical cryptography. Oblivious transfer, one of the most basic cryptographic building blocks, could be also studied under this scenario. Reducing the minimum assumptions for oblivious transfer seems not an easy task, as there are a few impossibility results under black-box reductions. Until recently, it is widely believed that oblivious transfer can be constructed with trapdoor permutations. Goldreich pointed out some flaw in the folklore and introduced some enhancement to cope with the flaw. Haitner then revised the enhancement more properly. As a consequence they showed that some additional properties for trapdoor permutations are necessary to construct oblivious transfers. In this paper, we discuss possibilities of basing not on trapdoor permutations but on trapdoor functions in general. We generalize previous results and give an oblivious transfer protocol based on a collection of trapdoor functions with some extra properties with respect to the length-expansion and the pre-image size. We discuss that our reduced assumption is almost minimal and show the necessity for the extra properties.
KW - oblivious transfer
KW - trapdoor one-way functions
UR - http://www.scopus.com/inward/record.url?scp=77956313499&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=77956313499&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-04846-3_8
DO - 10.1007/978-3-642-04846-3_8
M3 - Conference contribution
AN - SCOPUS:77956313499
SN - 3642048455
SN - 9783642048456
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 110
EP - 124
BT - Advances in Information and Computer Security - 4th International Workshop on Security, IWSEC 2009, Proceedings
T2 - 4th International Workshop on Security, IWSEC 2009
Y2 - 28 October 2009 through 30 October 2009
ER -