Oblivious transfer based on the McEliece assumptions

Rafael Dowsley; Jeroen van de Graaf; Jörn Müller-Quade; Anderson C. A. Nascimento

doi:10.1587/transfun.E95.A.567

Oblivious transfer based on the McEliece assumptions

Rafael Dowsley, Jeroen van de Graaf, Jörn Müller-Quade, Anderson C. A. Nascimento

Research output: Contribution to journal › Article › Research › peer-review

4 Citations (Scopus)

Abstract

We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.

Original language	English
Pages (from-to)	567-575
Number of pages	9
Journal	IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Volume	E95-A
Issue number	2
DOIs	https://doi.org/10.1587/transfun.E95.A.567
Publication status	Published - 2012
Externally published	Yes

Keywords

McEliece cryptosystem
Oblivious transfer
Post-quantum security

Access to Document

10.1587/transfun.E95.A.567

Cite this

@article{1e4a3267af444d1590881b0761d366ed,

title = "Oblivious transfer based on the McEliece assumptions",

abstract = "We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.",

keywords = "McEliece cryptosystem, Oblivious transfer, Post-quantum security",

author = "Rafael Dowsley and Graaf, {Jeroen van de} and J{\"o}rn M{\"u}ller-Quade and Nascimento, {Anderson C. A.}",

year = "2012",

doi = "10.1587/transfun.E95.A.567",

language = "English",

volume = "E95-A",

pages = "567--575",

journal = "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences",

issn = "0916-8508",

publisher = "Institute of Electronics, Information and Communications Engineers (IEICE)",

number = "2",

}

TY - JOUR

T1 - Oblivious transfer based on the McEliece assumptions

AU - Dowsley, Rafael

AU - Graaf, Jeroen van de

AU - Müller-Quade, Jörn

AU - Nascimento, Anderson C. A.

PY - 2012

Y1 - 2012

N2 - We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.

AB - We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.

KW - McEliece cryptosystem

KW - Oblivious transfer

KW - Post-quantum security

UR - http://www.scopus.com/inward/record.url?scp=84856375659&partnerID=8YFLogxK

U2 - 10.1587/transfun.E95.A.567

DO - 10.1587/transfun.E95.A.567

M3 - Article

VL - E95-A

SP - 567

EP - 575

JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

SN - 0916-8508

IS - 2

ER -

Oblivious transfer based on the McEliece assumptions

Abstract

Keywords

Access to Document

Other files and links

Research output

Oblivious transfer based on the McEliece assumptions

Cite this