Oblivious Transfer Based on the McEliece Assumptions
Summary :
We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E95-A No.2 pp.567-575
- Publication Date
- 2012/02/01
- Publicized
- Online ISSN
- 1745-1337
- DOI
- 10.1587/transfun.E95.A.567
- Type of Manuscript
- PAPER
- Category
- Cryptography and Information Security
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Rafael DOWSLEY, Jeroen van de GRAAF, Jorn MULLER-QUADE, Anderson C. A. NASCIMENTO, "Oblivious Transfer Based on the McEliece Assumptions" in IEICE TRANSACTIONS on Fundamentals,
vol. E95-A, no. 2, pp. 567-575, February 2012, doi: 10.1587/transfun.E95.A.567.
Abstract: We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E95.A.567/_p
Copy
@ARTICLE{e95-a_2_567,
author={Rafael DOWSLEY, Jeroen van de GRAAF, Jorn MULLER-QUADE, Anderson C. A. NASCIMENTO, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Oblivious Transfer Based on the McEliece Assumptions},
year={2012},
volume={E95-A},
number={2},
pages={567-575},
abstract={We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.},
keywords={},
doi={10.1587/transfun.E95.A.567},
ISSN={1745-1337},
month={February},}
Copy
TY - JOUR
TI - Oblivious Transfer Based on the McEliece Assumptions
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 567
EP - 575
AU - Rafael DOWSLEY
AU - Jeroen van de GRAAF
AU - Jorn MULLER-QUADE
AU - Anderson C. A. NASCIMENTO
PY - 2012
DO - 10.1587/transfun.E95.A.567
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E95-A
IS - 2
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - February 2012
AB - We implement one-out-of-two bit oblivious transfer (OT) based on the assumptions used in the McEliece cryptosystem: the hardness of decoding random binary linear codes, and the difficulty of distinguishing a permuted generating matrix of Goppa codes from a random matrix. To our knowledge this is the first OT reduction to these problems only. We present two different constructions for oblivious transfer, one based on cut-and-chose arguments and another one which is based on a novel generalization of Bennett-Rudich commitments which may be of independent interest. Finally, we also present a variant of our protocol which is based on the Niederreiter cryptosystem.
ER -
English
