Fast Actively Secure OT Extension for Short Secrets
Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:Z4QQKRL4record.jsonopen to challenge →
read the original abstract
Oblivious Transfer (OT) is one of the most fundamental cryptographic primitives with wide-spread application in general secure multi-party computation (MPC) as well as in a number of tailored and special-purpose problems of interest such as private set intersection (PSI), private information retrieval (PIR), contract signing to name a few. Often the instantiations of OT require prohibitive communication and computation complexity. OT extension protocols are introduced to compute a very large number of OTs referred to as extended OTs at the cost of a small number of OTs referred to as seed OTs. We present a fast OT extension protocol for small secrets in the active setting. Our protocol when used to produce 1-out-of-n OTs outperforms all the known actively secure OT extensions. Our protocol is built on the semi-honest secure extension protocol of Kolesnikov and Kumaresan of CRYPTO'13 (referred to as KK13 protocol henceforth) which is the best known OT extension for short secrets.
This paper has not been read by Pith yet.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.