Oblivious-Transfer Amplification

TL;DR

This paper explores how to implement oblivious transfer from weaker variants, improving efficiency and extending results to computational settings, with new definitions and reductions for weak oblivious transfer.

Contribution

It introduces a more efficient protocol for implementing oblivious transfer from universal oblivious transfer and provides new definitions and reductions for weak oblivious transfer.

Findings

Reduced the efficiency gap in oblivious transfer protocols

Established new definitions for weak oblivious transfer with errors

Extended results to computationally bounded adversaries

Abstract

Oblivious transfer is a primitive of paramount importance in cryptography or, more precisely, two- and multi-party computation due to its universality. Unfortunately, oblivious transfer cannot be achieved in an unconditionally secure way for both parties from scratch. Therefore, it is a natural question what information-theoretic primitives or computational assumptions oblivious transfer can be based on. The results in our thesis are threefold. First, we present a protocol that implements oblivious transfer from a weakened oblivious transfer called universal oblivious transfer, where one of the two players may get additional information. Our reduction is about twice as efficient as previous results. Weak oblivious transfer is an even weaker form of oblivious transfer, where both players may obtain additional information about the other player's input, and where the output can contain errors. We give a new, weaker definition of weak oblivious transfer, as well as new reductions with a more detailed analysis. Finally, we carry over our results to the computational setting and show how a weak oblivious transfer that is sometimes incorrect and only mildly secure against computationally bounded adversaries can be strengthened.