Security analysis of three oblivious transfer protocols

Publication Type

Book Chapter

Publication Date

2004

Abstract

An m out of n oblivious transfer (OT) protocol is a cryptographic protocol for a sender to transfer m out of n messages to a receiver such that the sender has no idea which m messages are obtained by the receiver (receiver security) and at the same time the receiver cannot obtain more than m messages (sender security). Three such protocols are proposed in [1], which have the advantage that the communication overhead of the protocols is much smaller than that of mimplementations of a 1 out of n OT protocol. In this paper we give a security analysis of the three protocols. First we show that the first protocol cannot guarantee both the sender security and the receiver security simultaneously. Next, we point out an obvious security flaw in the second protocol which allows the receiver to obtain all the n messages. The third protocol is nicely designed to be non-interactive. However, we show that the security of the protocol is based on a sort of parallel discrete logarithm problem, instead of the discrete logarithm problem as claimed in the paper. Using the technique of “generalized birthday attack”, the former problem can be solved with a computation complexity much smaller than that required to solve the discrete logarithm problem.

Keywords

Security Analysis, Advance Encryption Standard, Discrete Logarithm Problem, Oblivious Transfer, Encrypt Message

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Coding, Cryptography and Combinatorics

Editor

Keqin Feng, Harald Niederreiter, and Chaoping Xing

First Page

387

Last Page

396

ISBN

9783764324292

Identifier

10.1007/978-3-0348-7865-4_27

Publisher

Birkhauser Verlag

City or Country

Boston

Additional URL

https://doi.org/10.1007/978-3-0348-7865-4_27

Link to Full Text

Share

COinS