Oblivis: A Framework for Delegated and Efficient Oblivious Transfer

TL;DR

Oblivis introduces a modular framework of new Oblivious Transfer protocols enabling delegated, privacy-preserving database queries suitable for lightweight clients and cloud environments, with formal security proofs and practical efficiency.

Contribution

The paper presents Oblivis, a novel framework of OT protocols supporting delegated querying, multi-receiver scenarios, and constant-size responses, with formal security and empirical efficiency evaluations.

Findings

Supersonic OT achieves 92x speedup over existing efficient OT.

Supersonic OT is 2.600106x faster than standard OT extension.

End-to-end transfer on Raspberry Pi takes only 1.36 ms.

Abstract

As database deployments shift toward cloud platforms and edge devices, thin clients need to securely retrieve sensitive records without leaking their query intent or metadata to the proxies that mediate access. Oblivious Transfer (OT) is a core tool for private retrieval, yet existing OTs assume direct client-database interaction and lack support for delegated querying or lightweight clients. We present Oblivis, a modular framework of new OT protocols that enable delegated, privacy-preserving query execution. Oblivis allows clients to retrieve database records without direct access, protects against leakage to both databases and proxies, and is designed with practical efficiency in mind. Its components include: (1) Delegated-Query OT, which permits secure outsourcing of query generation; (2) Multi-Receiver OT for merged, cloud-hosted databases; (3) a compiler producing constant-size responses suitable for thin clients; and (4) Supersonic OT, a proxy-based, informationtheoretic, and highly efficient 1-out-of-2 OT. The protocols are formally defined and proven secure in the simulation-based paradigm, under non-colluding assumption. We implement and empirically evaluate Supersonic OT. It achieves at least a 92x speedup over a highly efficient 1-out-of-2 OT, and a 2.6x-106x speedup over a standard OT extension across 200-100,000 invocations. Our implementation further shows that Supersonic OT remains efficient even on constrained hardware, e.g., it completes an end-to-end transfer in 1.36 ms on a Raspberry Pi 4.