微信服务号

微信订阅号

2025年8月13日 13:48 星期三
首页 > 过刊浏览>2023年第34卷第4期 >1879-1906. DOI:10.13328/j.cnki.jos.006692
PDF HTML阅读 XML下载 导出引用 引用提醒
不经意传输协议研究综述
作者:
作者简介:

高莹(1977-),女,博士,副教授,博士生导师,CCF高级会员,主要研究领域为隐私计算,密码学应用;刘翔(2000-),男,硕士生,主要研究领域为代理隐私集合求交;李寒雨(1996-),男,硕士生,主要研究领域为隐私集合求交,不经意传输协议;陈洁(1985-),男,博士,研究员,博士生导师,CCF专业会员,主要研究领域为公钥密码学;王玮(1998-),女,硕士生,主要研究领域为多方隐私集合求交.

通讯作者:

高莹,E-mail:gaoying@buaa.edu.cn

基金项目:

北京市自然科学基金(M21033); 国家自然科学基金(61932011, 61972017, 61972156); 腾讯微信犀牛鸟基金


Survey on Oblivious Transfer Protocols
Author:
  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [175]
    • |
  • 相似文献 [20]
    • | | |
  • 文章评论
    摘要:

    在互联网快速发展、大数据的挖掘与应用已渗透到各行各业的今天, 如何安全且高效地共享、使用海量数据成为新的热点研究问题. 安全多方计算是解决该问题的关键技术之一, 它允许一组参与方在不泄露隐私输入的前提下进行交互, 共同计算一个函数并得到输出结果. 不经意传输协议, 也叫茫然传输协议, 是一种保护隐私的两方通信协议, 消息发送者持有两条待发送的消息, 接收者选择一条进行接收, 事后发送者对接收者获取哪一条消息毫不知情, 接收者对于未选择的消息也无法获取任何信息. 不经意传输协议是安全多方计算技术的关键模块之一, 其效率优化可有效推动安全多方计算技术的应用落地, 对于特殊的两方安全计算协议如隐私集合交集计算尤为重要. 总结了不经意传输协议的分类及几种常见的变体, 分别阐述了基于公钥密码的不经意传输协议的构造和研究进展, 以及不经意传输扩展协议的构造和研究进展, 由此引出不经意传输扩展协议的效率优化研究的重要性. 同时, 在半诚实敌手和恶意敌手这两种敌手模型下, 分别对不经意传输协议和不经意传输扩展协议的效率优化研究进展进行了全面梳理. 另一方面, 从应用角度对不经意传输协议和不经意传输扩展协议在工程实现中常用的优化技术进行了系统化分析. 最后, 总结了不经意传输协议和不经意传输扩展协议研究目前所面临的主要问题及未来发展趋势.

    Abstract:

    With the rapid development of the Internet and the penetration of big data mining and applications into all walks of life, how to share and use massive data securely and efficiently has become a new hot research issue. Secure multi-party computation is one of the key technologies to solve this problem. It allows a group of participants to interact compute a function together, and get the output without revealing private inputs. Oblivious transfer is a privacy-protected two-party communication protocol in which a sender holds two messages to be sent, and a receiver selects one to receive, but after that, the sender knows nothing about which message the receiver gets, and the receiver cannot get any information about the unselected message. Oblivious transfer has become one of the key modules of secure multi-party computation, and its efficiency optimization can effectively promote the application of secure multi-party computation, especially for special two-party secure computation protocols such as private set intersection. This paper summarizes the classification of oblivious transfer and several common variants, and respectively describes the construction and research progress of the oblivious transfer protocol based on public key cryptography and oblivious transfer extension, which leads to the importance of the efficiency optimization research of oblivious transfer. At the same time, this paper comprehensively reviews the research progress of efficiency optimization of oblivious transfer and oblivious transfer extension from the perspectives of semi-honest adversary and malicious adversary. On the other hand, in practical application, this paper systematically summarizes the optimization technologies used in the engineering implementation of oblivious transfer and oblivious transfer extension protocols. Finally, this paper points out the main problems and future works of oblivious transfer and oblivious transfer extension protocols.

    参考文献
    [1] Rabin MO. How to exchange secrets with oblivious transfer. IACR Cryptol. ePrint Arch., 2005, 2005(187).
    [2] Even S, Goldreich O, Lempel A. A randomized protocol for signing contracts. Communications of the ACM, 1985, 28(6):637-647.
    [3] Líšková L, Stanek M. Efficient simultaneous contract signing. In:Proc. of the IFIP Int'l Information Security Conf. Boston:Springer, 2004. 441-455.
    [4] Staneková L, Stanek M. Fast contract signing with batch oblivious transfer. In:Proc. of the IFIP Int'l Conf. on Communications and Multimedia Security. Berlin, Heidelberg:Springer, 2005. 1-10.
    [5] Brassard G, Crépeau C, Robert JM. All-or-nothing disclosure of secrets. In:Proc. of the Conf. on the Theory and Application of Cryptographic Techniques. Berlin, Heidelberg:Springer, 1986. 234-238.
    [6] Kilian J. Founding cryptography on oblivious transfer. In:Proc. of the 20th Annual ACM Symp. on Theory of Computing. 1988. 20-31.
    [7] Blum M. Coin flipping by telephone a protocol for solving impossible problems. ACM SIGACT News, 1983, 15(1):23-27.
    [8] Harn L, Lin HY. An oblivious transfer protocol and its application for the exchange of secrets. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology. Berlin, Heidelberg:Springer, 1991. 312-320.
    [9] Bellare M, Micali S. Non-interactive oblivious transfer and applications. In:Proc. of the Conf. on the Theory and Application of Cryptology. New York:Springer, 1989. 547-557.
    [10] Impagliazzo R, Rudich S. Limits on the provable consequences of one-way permutations. In:Proc. of the 21st Annual ACM Symp. on Theory of Computing. 1989. 44-61.
    [11] Beaver D. Precomputing oblivious transfer. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 1995. 97-109.
    [12] Beaver D. Correlated pseudorandomness and the complexity of private computations. In:Proc. of the 28th Annual ACM Symp. on Theory of Computing. 1996. 479-488.
    [13] Kolesnikov V, Kumaresan R, Rosulek M, et al. Efficient batched oblivious PRF with applications to private set intersection. In:Proc. of the 2016 ACM SIGSAC Conf. on Computer and Communications Security. 2016. 818-829.
    [14] Orrù M, Orsini E, Scholl P. Actively secure 1-out-of-n OT extension with application to private set intersection. In:Proc. of the Cryptographers' Track at the RSA Conf. Cham:Springer, 2017. 381-396.
    [15] Ishai Y, Kilian J, Nissim K, et al. Extending oblivious transfers efficiently. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 2003. 145-161.
    [16] Peikert C, Vaikuntanathan V, Waters B. A framework for efficient and composable oblivious transfer. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 2008. 554-571.
    [17] Nielsen JB, Nordholt PS, Orlandi C, et al. A new approach to practical active-secure two-party computation. In:Proc. of the Annual Cryptology Conf. Berlin, Heidelberg:Springer, 2012. 681-700.
    [18] Kolesnikov V, Kumaresan R. Improved OT extension for transferring short secrets. In:Proc. of the Annual Cryptology Conf. Berlin, Heidelberg:Springer, 2013. 54-70.
    [19] Asharov G, Lindell Y, Schneider T, et al. More efficient oblivious transfer and extensions for faster secure computation. In:Proc. of the 2013 ACM SIGSAC Conf. on Computer & Communications Security. 2013. 535-548.
    [20] Keller M, Orsini E, Scholl P. Actively secure OT extension with optimal overhead. In:Proc. of the Annual Cryptology Conf. Berlin, Heidelberg:Springer, 2015. 724-741.
    [21] Asharov G, Lindell Y, Schneider T, et al. More efficient oblivious transfer extensions with security for malicious adversaries. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2015. 673-701.
    [22] Boyle E, Couteau G, Gilboa N, et al. Efficient pseudorandom correlation generators:Silent OT extension and more. In:Proc. of the Annual Int'l Cryptology Conf. Cham:Springer, 2019. 489-518.
    [23] Boyle E, Couteau G, Gilboa N, et al. Efficient two-round OT extension and silent non-interactive secure computation. In:Proc. of the 2019 ACM SIGSAC Conf. on Computer and Communications Security. 2019. 291-308.
    [24] Schoppmann P, Gascón A, Reichert L, et al. Distributed vector-OLE:Improved constructions and implementation. In:Proc. of the 2019 ACM SIGSAC Conf. on Computer and Communications Security. 2019. 1055-1072.
    [25] Yang K, Weng C, Lan X, et al. Ferret:Fast extension for correlated OT with small communication. In:Proc. of the 2020 ACM SIGSAC Conf. on Computer and Communications Security. 2020. 1607-1626.
    [26] Nielsen J B, Orlandi C. LEGO for two-party secure computation. In:Proc. of the Theory of Cryptography Conf. Berlin, Heidelberg:Springer, 2009. 368-386.
    [27] Shelat A, Shen CH. Fast two-party secure computation with minimal assumptions. In:Proc. of the 2013 ACM SIGSAC Conf. on Computer & Communications Security. 2013. 523-534.
    [28] Frederiksen TK, Jakobsen TP, Nielsen JB, et al. MiniLEGO:Efficient secure two-party computation from general assumptions. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2013. 537-556.
    [29] Huang Y, Katz J, Kolesnikov V, et al. Amortizing garbled circuits. In:Proc. of the Annual Cryptology Conf. Berlin, Heidelberg:Springer, 2014. 458-475.
    [30] Lindell Y, Pinkas B. An efficient protocol for secure two-party computation in the presence of malicious adversaries. Journal of Cryptology, 2015, 28(2):312-350.
    [31] Lindell Y, Riva B. Blazing fast 2PC in the offline/online setting with security for malicious adversaries. In:Proc. of the 22nd ACM SIGSAC Conf. on Computer and Communications Security. 2015. 579-590.
    [32] Lindell Y. Fast cut-and-choose-based protocols for malicious and covert adversaries. Journal of Cryptology, 2016, 29(2):456-490.
    [33] Keller M, Orsini E, Scholl P. MASCOT:Faster malicious arithmetic secure computation with oblivious transfer. In:Proc. of the 2016 ACM SIGSAC Conf. on Computer and Communications Security. 2016. 830-842.
    [34] Dong C, Chen L, Wen Z. When private set intersection meets big data:An efficient and scalable protocol. In:Proc. of the 2013 ACM SIGSAC Conf. on Computer & Communications Security. 2013. 789-800.
    [35] Pinkas B, Schneider T, Zohner M. Faster private set intersection based on OT extension. In:Proc. of the 23rd USENIX Security Symp. 2014. 797-812.
    [36] Rindal P, Rosulek M. Improved private set intersection against malicious adversaries. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Cham:Springer, 2017. 235-259.
    [37] Pinkas B, Schneider T, Segev G, et al. Phasing:Private set intersection using permutation-based hashing. In:Proc. of the 24th USENIX Security Symp. 2015. 515-530.
    [38] Pinkas B, Schneider T, Zohner M. Scalable private set intersection based on OT extension. ACM Trans. on Privacy and Security, 2018, 21(2):1-35.
    [39] Pinkas B, Rosulek M, Trieu N, et al. Spot-light:Lightweight private set intersection from sparse OT extension. In:Proc. of the Annual Int'l Cryptology Conf. Cham:Springer, 2019. 401-431.
    [40] Pinkas B, Schneider T, Tkachenko O, et al. Efficient circuit-based PSI with linear communication. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Cham:Springer, 2019. 122-153.
    [41] Pinkas B, Rosulek M, Trieu N, et al. PSI from PaXoS:Fast, malicious private set intersection. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Cham:Springer, 2020. 739-767.
    [42] Chase M, Miao P. Private set intersection in the internet setting from lightweight oblivious PRF. In:Proc. of the Annual Int'l Cryptology Conf. Cham:Springer, 2020. 34-63.
    [43] Rindal P, Schoppmann P. VOLE-PSI:Fast OPRF and circuit-PSI from Vector-OLE. Cryptology ePrint Archive, Report 2021/266, 2021. https://eprint.iacr.org/2021/266
    [44] Kolesnikov V, Matania N, Pinkas B, et al. Practical multi-party private set intersection from symmetric-key techniques. In:Proc. of the 2017 ACM SIGSAC Conf. on Computer and Communications Security. 2017. 1257-1272.
    [45] Kiss Á, Liu J, Schneider T, et al. Private set intersection for unequal set sizes with mobile applications. PoPETs, 2017, 2017(4):177-197.
    [46] Kales D, Rechberger C, Schneider T, et al. Mobile private contact discovery at scale. In:Proc. of the 28th USENIX Security Symp. 2019. 1447-1464.
    [47] Ion M, Kreuter B, Nergiz E, et al. Private intersection-sum protocol with applications to attributing aggregate ad conversions. IACR Cryptol. ePrint Arch., 2017, 2017:738.
    [48] Lv S, Ye J, Yin S, et al. Unbalanced private set intersection cardinality protocol with low communication cost. Future Generation Computer Systems, 2020, 102:1054-1061.
    [49] Ion M, Kreuter B, Nergiz AE, et al. On deploying secure computing:Private intersection-sum-with-cardinality. In:Proc. of the 2020 IEEE European Symp. on Security and Privacy. IEEE, 2020. 370-389.
    [50] Demmler D, Schneider T, Zohner M. ABY-A framework for efficient mixed-protocol secure two-party computation. NDSS, 2015.
    [51] Mohassel P, Zhang Y. SecureML:A system for scalable privacy-preserving machine learning. In:Proc. of the 2017 IEEE Symp. on Security and Privacy. IEEE, 2017. 19-38.
    [52] Mohassel P, Rindal P. ABY 3:A mixed protocol framework for machine learning. In:Proc. of the 2018 ACM Conf. on Computer and Communications Security. ACM, 2018. 35-52.
    [53] Agrawal N, Shahin Shamsabadi A, Kusner M J, et al. QUOTIENT:Two-party secure neural network training and prediction. In:Proc. of the 2019 ACM SIGSAC Conf. on Computer and Communications Security. 2019. 1231-1247.
    [54] Naor M, Pinkas B. Efficient oblivious transfer protocols. In:Proc. of the 2001 ACM SODA. 2001, 448-457.
    [55] Chou T, Orlandi C. The simplest protocol for oblivious transfer. In:Proc. of the Int'l Conf. on Cryptology and Information Security in Latin America. Cham:Springer, 2015. 40-58.
    [56] Mansy D, Rindal P. Endemic oblivious transfer. In:Proc. of the 2019 ACM SIGSAC Conf. on Computer and Communications Security. 2019. 309-326.
    [57] Döttling N, Garg S, Ishai Y, et al. Trapdoor hash functions and their applications. In:Proc. of the Annual Int'l Cryptology Conf. Cham:Springer, 2019. 3-32.
    [58] Grag S, Hajiabadi M, Ostrovsky R. Efficient range-trapdoor functions and applications:Rate-1 OT and more. In:Proc. of the Theory of Cryptography Conf. Cham:Springer, 2020. 88-116.
    [59] Chase M, Grag S, Hajiabadi M, et al. Amortizing rate-1 OT and applications to PIR and PSI. In:Proc. of the Theory of Cryptography Conf. Cham:Springer, 2021. 126-156.
    [60] Tzeng WG. Efficient 1-out-n oblivious transfer schemes. In:Proc. of the Int'l Workshop on Public Key Cryptography. Berlin, Heidelberg:Springer, 2002. 159-171.
    [61] Patra A, Sarkar P, Suresh A. Fast actively secure OT extension for short secrets. arXiv:1911.08834, 2019.
    [62] Yao ACC. How to generate and exchange secrets. In:Proc. of the 27th Annual Symp. on Foundations of Computer Science. IEEE, 1986. 162-167.
    [63] Goldwasser S. How to play any mental game, or a completeness theorem for protocols with an honest majority. In:Proc. of the 19th Annual ACM STOC 1987. 1987. 218-229.
    [64] Naor M, Pinkas B. Computationally secure oblivious transfer. Journal of Cryptology, 2005, 18(1):1-35.
    [65] Naor M, Pinkas B. Oblivious transfer and polynomial evaluation. In:Proc. of the 21st Annual ACM Symp. on Theory of Computing. 1999. 245-254.
    [66] Phong LT. A survey on oblivious transfer protocols. Journal of the National Institute of Information and Communications Technology, 2011, 58(3):181-186.
    [67] Evans D, Kolesnikov V, Rosulek M. A pragmatic introduction to secure multi-party computation. Foundations and Trends® in Privacy and Security, 2017, 2(2-3).
    [68] Shen LY, Chen XJ, Shi JJ, et al. Survey on private preserving set intersection Technology. Journal of Computer Research and Development, 2017, 54(10):2153(in Chinese with English abstract).
    [69] Aumann Y, Lindell Y. Security against covert adversaries:Efficient protocols for realistic adversaries. In:Proc. of the Theory of Cryptography Conf. Berlin, Heidelberg:Springer, 2007. 137-156.
    [70] Green M, Hohenberger S. Blind identity-based encryption and simulatable oblivious transfer. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology and Information Security. Berlin, Heidelberg:Springer, 2007. 265-282.
    [71] Lindell AY. Efficient fully-simulatable oblivious transfer. In:Proc. of the Cryptographers' Track at the RSA Conf. Berlin, Heidelberg:Springer, 200. 52-70.
    [72] Canetti R. Universally composable security:A new paradigm for cryptographic protocols. In:Proc. of the 42nd IEEE Symp. on Foundations of Computer Science. IEEE, 2001. 136-145.
    [73] Blazy O, Chevalier C. Generic construction of UC-secure oblivious transfer. In:Proc. of the Int'l Conf. on Applied Cryptography and Network Security. Cham:Springer, 2015. 65-86.
    [74] Hauck E, Loss J. Efficient and universally composable protocols for oblivious transfer from the CDH assumption. IACR Cryptol. ePrint Arch., 2017, 2017:1011.
    [75] Guo C, Katz J, Wang X, et al. Efficient and secure multiparty computation from fixed-key block ciphers. In:Proc. of the 2020 IEEE Symp. on Security and Privacy. IEEE, 2020. 825-841.
    [76] Crépeau C. Equivalence between two flavours of oblivious transfers. In:Proc. of the Conf. on the Theory and Application of Cryptographic Techniques. Berlin, Heidelberg:Springer, 1987. 350-354.
    [77] Wang FH, Hu YP, Liu ZH. Lattice-based oblivious transfer protocol. Journal on Communications, 2011, 32(3):125-130(in Chinese with English abstract).
    [78] Li Z, Zhang Y, Zhang F, et al. Ideal lattice-based oblivious transfer protocol of provably secure. Application Research of Computers, 2017, 34(1):242-245(in Chinese with English abstract).
    [79] Ishai Y, Kushilevitz E. Private simultaneous messages protocols with applications. In:Proc. of the Fifth Israeli Symp. on Theory of Computing and Systems. IEEE, 1997. 174-183.
    [80] Tassa T. Generalized oblivious transfer by secret sharing. Designs, Codes and Cryptography, 2011, 58(1):11-21.
    [81] Chu CK, Tzeng WG. Efficient k-out-of-n oblivious transfer schemes. Journal of Universal Computer Science, 2008, 14(3):397-415.
    [82] Xu YJ, Li DS, Chen ZH. Efficient oblivious transfer protocol based on bilinear pairing. Computer Engineering, 2013, 39(6):166-169(in Chinese with English abstract).
    [83] Xu YJ, Li DS, Wang DS, et al. Oblivious transfer based on elliptic curve public key cryptosystems. Computer Science, 2013, 40(12):186-191(in Chinese with English abstract).
    [84] Lai J, Mu Y, Guo F, et al. Efficient k-out-of-n oblivious transfer scheme with the ideal communication cost. Theoretical Computer Science, 2018, 714:15-26.
    [85] Naor M, Pinkas B. Oblivious transfer with adaptive queries. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 1999. 573-590.
    [86] Ogata W, Kurosawa K. Oblivious keyword search. Journal of Complexity, 2004, 20(2-3):356-371.
    [87] Chu CK, Tzeng WG. Efficient k-out-of-n oblivious transfer schemes with adaptive and non-adaptive queries. In:Proc. of the Int'l Workshop on Public Key Cryptography. Berlin, Heidelberg:Springer, 2005. 172-183.
    [88] Green M, Hohenberger S. Practical adaptive oblivious transfer from simple assumptions. In:Proc. of the Theory of Cryptography Conf. Berlin, Heidelberg:Springer, 2011. 347-363.
    [89] Kurosawa K, Nojima R, Phong LT. Efficiency-improved fully simulatable adaptive OT under the DDH assumption. In:Proc. of the Int'l Conf. on Security and Cryptography for Networks. Berlin, Heidelberg:Springer, 2010. 172-181.
    [90] Kurosawa K, Nojima R, Phong LT. Generic fully simulatable adaptive oblivious transfer. In:Proc. of the Int'l Conf. on Applied Cryptography and Network Security. Berlin, Heidelberg:Springer, 2011. 274-291.
    [91] Camenisch J, Neven G. Simulatable adaptive oblivious transfer. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2007. 573-590.
    [92] Green M, Hohenberger S. Universally composable adaptive oblivious transfer. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology and Information Security. Berlin, Heidelberg:Springer, 2008. 179-197.
    [93] Jarecki S, Liu X. Efficient oblivious pseudorandom function with applications to adaptive OT and secure computation of set intersection. In:Proc. of the Theory of Cryptography Conf. Berlin, Heidelberg:Springer, 2009. 577-594.
    [94] Kurosawa K, Nojima R. Simple adaptive oblivious transfer without random oracle. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology and Information Security. Berlin, Heidelberg:Springer, 2009. 334-346.
    [95] Naor M, Pinkas B. Distributed oblivious transfer. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology and Information Security. Berlin, Heidelberg:Springer, 2000. 205-219.
    [96] Frederiksen TK, Keller M, Orsini E, et al. A unified approach to MPC with preprocessing using OT. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology and Information Security. Berlin, Heidelber:Springer, 2015. 711-735.
    [97] Hazay C, Scholl P, Soria-Vazquez E. Low cost constant round MPC combining BMR and oblivious transfer. Journal of Cryptology, 2020, 33(4):1732-1786.
    [98] Wolf S, Wullschleger J. Oblivious transfer is symmetric. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2006. 222-232.
    [99] Crépeau C, Sántha M. On the reversibility of oblivious transfer. In:Proc. of the Workshop on the Theory and Application of Cryptographic Techniques. Berlin, Heidelberg:Springer, 1991. 106-113.
    [100] Huang Q, Zhao YM. Independent oblivious transfer. Ruan Jian Xue Bao/Journal of Software, 2007, 18(4):1015-1025. http://www.jos.org.cn/jos/article/abstract/20070423?st=search[doi:10.1360/jos181015]
    [101] Wei Y, Xiong GH, Zhang XK, et al. Oblivious transfer protocols over braid groups. Application Research of Computers, 2010. 27(8):3042-3044(in Chinese with English abstract).
    [102] Zhang YS, Zhao HS, Chen HY, Yang YT. On scheme design of probabilistic 1 out of 2 oblivious transfer protocol. Journal of Cryptologic Research, 2021, 8(2):282-293(in Chinese with English abstract).
    [103] Liu MM. Analysis and design of lattice-based oblivious transfer protocols[Ph.D. Thesis]. Xi'an:Xidian University, 2018(in Chinese with English abstract).
    [104] Damgård I, Nielsen J B, Orlandi C. Essentially optimal universally composable oblivious transfer. In:Proc. of the Int'l Conf. on Information Security and Cryptology. Berlin, Heidelberg:Springer, 2008. 318-335.
    [105] Hazay C, Lindell Y. Efficient secure two-party protocols:Techniques and constructions. Springer Science & Business Media, 2010.
    [106] Li B, Micciancio D. Equational security proofs of oblivious transfer protocols. In:Proc. of the IACR Int'l Workshop on Public Key Cryptography. Cham:Springer, 2018. 527-553.
    [107] Genç ZA, Iovino V, Rial A. "The simplest protocol for oblivious transfer" revisited. Information Processing Letters, 2020, 105975.
    [108] Byali M, Patra A, Ravi D, et al. Fast and universally-composable oblivious transfer and commitment scheme with adaptive security. IACR Cryptol. ePrint Arch., 2017, 2017:1165.
    [109] Doerner J, Kondi Y, Lee E, et al. Secure two-party threshold ECDSA from ECDSA assumptions. In:Proc. of the 2018 IEEE Symp. on Security and Privacy. IEEE, 2018. 980-997.
    [110] Canetti R, Sarkar P, Wang X. Blazing fast OT for three-round UC OT extension. In:Proc. of the 23rd IACR Int'l Conf. on the Practice and Theory of Public-key Cryptography, PKC 2020. Springer, 2020. 299-327.
    [111] Shor PW. Algorithms for quantum computation:Discrete logarithms and factoring. In:Proc. of the 35th Annual Symp. on Foundations of Computer Science. IEEE, 1994. 124-134.
    [112] Crépeau C, Kilian J. Achieving oblivious transfer using weakened security assumptions. In:Proc. of the 29th Annual Symp. on Foundations of Computer Science. IEEE Computer Society, 1988. 42-52.
    [113] Crépeau C. Efficient cryptographic protocols based on noisy channels. In:Proc. of the Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 1997. 306-317.
    [114] Damgård I, Kilian J, Salvail L. On the (im) possibility of basing oblivious transfer and bit commitment on weakened security assumptions. In:Proc. of the Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 1999. 56-73.
    [115] Stebila D, Wolf S. Efficient oblivious transfer from any non-trivial binary-symmetric channel. In:Proc. of the IEEE Int'l Symp. on Information Theory. IEEE, 2002. 293.
    [116] Crépeau C, Morozov K, Wolf S. Efficient unconditional oblivious transfer from almost any noisy channel. In:Proc. of the Int'l Conf. on Security in Communication Networks. Berlin, Heidelberg:Springer, 2004. 47-59.
    [117] Nascimento ACA, Winter A. On the oblivious-transfer capacity of noisy resources. IEEE Trans. on Information Theory, 2008, 54(6):2572-2581.
    [118] Pinto ACB, Dowsley R, Morozov K, et al. Achieving oblivious transfer capacity of generalized erasure channels in the malicious model. IEEE Trans. on Information Theory, 2011, 57(8):5566-5571.
    [119] Dowsley R, Nascimento ACA. On the oblivious transfer capacity of generalized erasure channels against malicious adversaries:The case of low erasure probability. IEEE Trans. on Information Theory, 2017, 63(10):6819-6826.
    [120] Beaver D. Commodity-based cryptography. In:Proc. of the 29th Annual ACM Symp. on Theory of Computing. 1997. 446-455.
    [121] Rivest R. Unconditionally secure commitment and oblivious transfer schemes using private channels and a trusted initializer. Unpublished manuscript, 1999.
    [122] Kilian J. More general completeness theorems for secure two-party computation. In:Proc. of the 22nd Annual ACM Symp. on Theory of Computing. 2000. 316-324.
    [123] Beimel A, Malkin T, Micali S. The all-or-nothing nature of two-party secure computation. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 1999. 80-97.
    [124] Regev O. On lattices, learning with errors, random linear codes, and cryptography. Journal of the ACM, 2009, 56(6):1-40.
    [125] McEliece RJ. A public-key cryptosystem based on algebraic. Coding Thv., 1978, 4244:114-116.
    [126] David B, Dowsley R, Nascimento ACA. Universally composable oblivious transfer based on a variant of LPN. In:Proc. of the Int'l Conf. on Cryptology and Network Security. Cham:Springer, 2014. 143-158.
    [127] David BM, Nascimento ACA, Müller-Quade J. Universally composable oblivious transfer from lossy encryption and the mceliece assumptions. In:Proc. of the Int'l Conf. on Information Theoretic Security. Berlin, Heidelberg:Springer, 2012. 80-99.
    [128] Barreto PSLM, David B, Dowsley R, et al. A framework for efficient adaptively secure composable oblivious transfer in the ROM. arXiv:1710.08256, 2017.
    [129] Lai YF, Galbraith SD, de Saint Guilhem CD. Compact, efficient and UC-secure isogeny-based oblivious transfer. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Cham:Springer, 2021. 213-241.
    [130] Barreto P, Nascimento A, Oliveira G, et al. Supersingular isogeny oblivious transfer. arXiv:1805.06589, 2018.
    [131] Vitse V. Simple oblivious transfer protocols compatible with supersingular isogenies. In:Proc. of the Int'l Conf. on Cryptology in Africa. Cham:Springer, 2019. 56-78.
    [132] Boyle E, Couteau G, Gilboa N, et al. Compressing vector OLE. In:Proc. of the 2018 ACM SIGSAC Conf. on Computer and Communications Security. 2018. 896-912.
    [133] Schoppmann P, Gascón A, Reichert L, et al. Distributed vector-OLE:Improved constructions and implementation. In:Proc. of the 2019 ACM SIGSAC Conf. on Computer and Communications Security. 2019. 1055-1072.
    [134] Pinkas B. Fair secure two-party computation. In:Proc. of the Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2003. 87-105.
    [135] Lindell Y, Pinkas B. An efficient protocol for secure two-party computation in the presence of malicious adversaries. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2007. 52-78.
    [136] Lindell Y, Pinkas B. Secure two-party computation via cut-and-choose oblivious transfer. Journal of Cryptology, 2012, 25(4):680-722.
    [137] Shen C. Two-output secure computation with malicious adversaries. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2011. 386-405.
    [138] Huang Y, Katz J, Evans D. Efficient secure two-party computation using symmetric cut-and-choose. In:Proc. of the Annual Cryptology Conf. Berlin, Heidelberg:Springer, 2013. 18-35.
    [139] Mohassel P, Riva B. Garbled circuits checking garbled circuits:More efficient and secure two-party computation. In:Proc. of the Annual Cryptology Conf. Berlin, Heidelberg:Springer, 2013. 36-53.
    [140] Lindell Y, Riva B. Cut-and-choose based two-party computation in the online/offline and batch settings. IACR Cryptol. ePrint Arch., 2014, 2014:667.
    [141] Kolesnikov V, Kumaresan R. On cut-and-choose oblivious transfer and its variants. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology and Information Security. Berlin, Heidelberg:Springer, 2015. 386-412.
    [142] Harnik D, Ishai Y, Kushilevitz E, et al. OT-combiners via secure computation. In:Proc. of the Theory of Cryptography Conf. Berlin, Heidelberg:Springer, 2008. 393-411.
    [143] Nielsen JB. Extending oblivious transfers efficiently-How to get robustness almost for free. IACR Cryptol. ePrint Arch., 2007, 2007:215.
    [144] Damgård I, Keller M, Larraia E, et al. Practical covertly secure MPC for dishonest majority-or:breaking the SPDZ limits. In:Proc. of the European Symp. on Research in Computer Security. Berlin, Heidelberg:Springer, 2013. 1-18.
    [145] Doerner J, Shelat A. Scaling ORAM for secure computation. In:Proc. of the 2017 ACM SIGSAC Conf. on Computer and Communications Security. 2017. 523-535.
    [146] Henecka W, Schneider T. Faster secure two-party computation with less memory. In:Proc. of the 8th ACM SIGSAC Symp. on Information, Computer and Communications Security. 2013. 437-446.
    [147] Barker E, Barker W, Burr W, et al. NIST Special Publication 800-57 Recommendation for Key Management-Part 1:General. 2012.
    [148] Huang Y, Evans D, Katz J, et al. Faster secure two-party computation using garbled circuits. In:Proc. of the USENIX Security Symp. 2011, 201(1):331-335.
    [149] McQuoid I, Rosulek M, Roy L. Batching Base Oblivious Transfers. In:Proc. of Advances in Cryptdogy-ASIACRYPT 2001. 2001. 281-310.
    [150] McQuoid I, Rosulek M, Roy L. Minimal symmetric PAKE and 1-out-of-n OT from programmable-once public functions. In:Proc. of the 2020 ACM SIGSAC Conf. on Computer and Communications Security. 2020. 425-442.
    [151] Eklundh JO. A fast computer method for matrix transposing. IEEE Trans. on Computers, 1972, 100(7):801-803.
    [152] Albrecht MR, Rechberger C, Schneider T, et al. Ciphers for MPC and FHE. In:Proc. of the Annual Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2015. 430-454.
    [153] Aumasson JP, Neves S, Wilcox-O'Hearn Z, et al. BLAKE2:Simpler, smaller, fast as MD5. In:Proc. of the Int'l Conf. on Applied Cryptography and Network Security. Berlin, Heidelberg:Springer, 2013. 119-135.
    [154] Aiello B, Ishai Y, Reingold O. Priced oblivious transfer:How to sell digital goods. In:Proc. of the Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2001. 119-135.
    [155] Pinkas B, Schneider T, Smart NP, et al. Secure two-party computation is practical. In:Proc. of the Int'l Conf. on the Theory and Application of Cryptology and Information Security. Berlin, Heidelberg:Springer, 2009. 250-267.
    [156] Schneider T, Zohner M. GMW vs. Yao? Efficient secure two-party computation with low depth circuits. In:Proc. of the Int'l Conf. on Financial Cryptography and Data Security. Berlin, Heidelberg:Springer, 2013. 275-292.
    [157] Lindell Y, Pinkas B. A proof of security of Yao's protocol for two-party computation. Journal of Cryptology, 2009, 22(2):161-188.
    [158] Crépeau C, van de Graaf J, Tapp A. Committed oblivious transfer and private multi-party computation. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 1995. 110-123.
    [159] Ishai Y, Prabhakaran M, Sahai A. Founding cryptography on oblivious transfer-efficiently. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 2008. 572-591.
    [160] Baldi P, Baronio R, De Cristofaro E, et al. Countering gattaca:Efficient and secure testing of fully-sequenced human genomes. In:Proc. of the 18th ACM Con. on Computer and Communications Security. 2011. 691-702.
    [161] Chor B, Goldreich O, Kushilevitz E, et al. Private information retrieval. In:Proc. of the IEEE 36th Annual Foundations of Computer Science. IEEE, 1995. 41-50.
    [162] Gertner Y, Ishai Y, Kushilevitz E, et al. Protecting data privacy in private information retrieval schemes. Journal of Computer and System Sciences, 2000, 60(3):592-629.
    [163] Di Crescenzo G, Malkin T, Ostrovsky R. Single database private information retrieval implies oblivious transfer. In:Proc. of the Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2000. 122-138.
    [164] Freedman MJ, Nissim K, Pinkas B. Efficient private matching and set intersection. In:Proc. of the Int'l Conf. on the Theory and Applications of Cryptographic Techniques. Berlin, Heidelberg:Springer, 2004. 1-19.
    [165] Kissner L, Song D. Privacy-preserving set operations. In:Proc. of the Annual Int'l Cryptology Conf. Berlin, Heidelberg:Springer, 2005. 241-257.
    [166] Hazay C, Nissim K. Efficient set operations in the presence of malicious adversaries. In:Proc. of the Int'l Workshop on Public Key Cryptography. Berlin, Heidelberg:Springer, 2010. 312-331.
    附中文参考文献
    [68] 申立艳, 陈小军, 时金桥, 等. 隐私保护集合交集计算技术研究综述. 计算机研究与发展, 2017, 54(10):2153.
    [77] 王凤和, 胡予濮, 刘振华. 格基不经意传输协议. 通信学报, 2011, 32(3):125-130.
    [78] 李子臣, 张亚泽, 张峰娟, 等. 理想格上可证明安全的不经意传输协议. 计算机应用研究, 2017, 34(1):242-245.
    [82] 徐彦蛟, 李顺东, 陈振华. 基于双线性对的高效不经意传输协议. 计算机工程, 2013, 39(6):166-169.
    [83] 徐彦蛟, 李顺东, 王道顺, 等. 基于椭圆曲线公钥系统的不经意传输协议. 计算机科学, 2013, 40(12):186-191.
    [101] 隗云, 熊国华, 张兴凯, 等. 辫群上的不经意传输协议. 计算机应用研究, 2010, 27(8):3042-3044.
    [102] 张艳硕, 赵瀚森, 陈辉焱, 等. 概率型2选1不经意传输协议的方案设计. 密码学报, 2021, 8(2):282-293.
    [103] 刘沫萌. 格上不经意传输协议的分析与设计[博士学位论文]. 西安:西安电子科技大学, 2018.
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

高莹,李寒雨,王玮,刘翔,陈洁.不经意传输协议研究综述.软件学报,2023,34(4):1879-1906

复制
分享
文章指标
  • 点击次数:4553
  • 下载次数: 8423
  • HTML阅读次数: 4755
  • 引用次数: 0
历史
  • 收稿日期:2021-12-10
  • 最后修改日期:2022-01-27
  • 在线发布日期: 2022-07-22
  • 出版日期: 2023-04-06
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第20541217位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号