Efficient k-out-of-n oblivious transfer schemes. with adaptive and non-adaptive queries

Abstract

In this paper we propose efficient two-round k-out-of-n oblivious transfer schemes, in which R sends O(k) messages to S, and S sends 0(n) messages back to R. The computation cost of R and S is reasonable. The choices of R are unconditionally secure. For the basic scheme, the secrecy of unchosen messages is guaranteed. if the Decisional Diffie-Hellman problem is hard. When k = 1, our basic scheme is as efficient as the most efficient 1-out-of-n oblivious transfer scheme., Our schemes have the nice property of universal parameters, that is each pair of R and S need neither hold any secret key nor perform any prior setup (initialization). The system parameters can be used by all senders and receivers without any trapdoor specification. Our k-out-of-n oblivious transfer schemes are the most efficient ones in terms of the communication cost, in both rounds and the number of messages. Moreover, one of our schemes can be extended in a straightforwaxd way to an adaptive k-out-of-n oblivious transfer scheme, which allows the receiver R to choose the messages one by one adaptively. In our adaptivequery scheme, S sends O(n) messages to R in one round in the commitment phase. For each query of R, only O(1) messages are exchanged and O(1) operations axe performed. In fact, the number k of queries need not be pre-fixed or known beforehand. This makes our scheme highly flexible.