No Arabic abstract
We present a framework for fully-simulatable $h$-out-of-$n$ oblivious transfer ($OT^{n}_{h}$) with security against non-adaptive malicious adversaries. The framework costs six communication rounds and costs at most $40n$ public-key operations in computational overhead. Compared with the known protocols for fully-simulatable oblivious transfer that works in the plain mode (where there is no trusted common reference string available) and proven to be secure under standard model (where there is no random oracle available), the instantiation based on the decisional Diffie-Hellman assumption of the framework is the most efficient one, no matter seen from communication rounds or computational overhead. Our framework uses three abstract tools, i.e., perfectly binding commitment, perfectly hiding commitment and our new smooth projective hash. This allows a simple and intuitive understanding of its security. We instantiate the new smooth projective hash under the lattice assumption, the decisional Diffie-Hellman assumption, the decisional $N$-th residuosity assumption, the decisional quadratic residuosity assumption. This indeed shows that the folklore that it is technically difficult to instantiate the projective hash framework under the lattice assumption is not true. Whats more, by using this lattice-based hash and lattice-based commitment scheme, we gain a concrete protocol for $OT^{n}_{h}$ which is secure against quantum algorithms.
Due to the commonly known impossibility results, information theoretic security is considered impossible for oblivious transfer (OT) in both the classical and the quantum world. In this paper, we proposed a weak version of the all-or-nothing OT. In our protocol the honest parties do not need long term quantum memory, entanglements, or sophisticated quantum computations. We observe some difference between the classical and quantum OT impossibilities.
Oblivious transfer is an important primitive in modern cryptography. Applications include secure multiparty computation, oblivious sampling, e-voting, and signatures. Information-theoretically secure perfect 1-out-of 2 oblivious transfer is impossible to achieve. Imperfect variants, where both participants ability to cheat is still limited, are possible using quantum means while remaining classically impossible. Precisely what security parameters are attainable remains unknown. We introduce a theoretical framework for studying semirandom quantum oblivious transfer, which is shown to be equivalent to regular oblivious transfer in terms of cheating probabilities. We then use it to derive bounds on cheating. We also present a protocol with lower cheating probabilities than previous schemes, together with its optical realization. We show that a lower bound of 2/3 on the minimum achievable cheating probability can be directly derived for semirandom protocols using a different method and definition of cheating than used previously. The lower bound increases from 2/3 to approximately 0.749 if the states output by the protocol are pure and symmetric. The oblivious transfer scheme we present uses unambiguous state elimination measurements and can be implemented with the same technological requirements as standard quantum cryptography. The cheating probabilities are 3/4 and approximately 0.729 for sender and receiver respectively, which is lower than in existing protocols. Using a photonic test-bed, we have implemented the protocol with honest parties, as well as optimal cheating strategies.
Oblivious transfer is a cryptographic primitive where Alice has two bits and Bob wishes to learn some function of them. Ideally, Alice should not learn Bobs desired function choice and Bob should not learn any more than what is logically implied by the function value. While decent quantum protocols for this task are known, many become completely insecure if an adversary were to control the quantum devices used in the implementation of the protocol. In this work we give a fully device-independent quantum protocol for XOR oblivious transfer which is provably more secure than any classical protocol.
Users can improve the security of remote communications by using Trusted Execution Environments (TEEs) to protect against direct introspection and tampering of sensitive data. This can even be done with applications coded in high-level languages with complex programming stacks such as R, Python, and Ruby. However, this creates a trade-off between programming convenience versus the risk of attacks using microarchitectural side channels. In this paper, we argue that it is possible to address this problem for important applications by instrumenting a complex programming environment (like R) to produce a Data-Oblivious Transcript (DOT) that is explicitly designed to support computation that excludes side channels. Such a transcript is then evaluated on a Trusted Execution Environment (TEE) containing the sensitive data using a small trusted computing base called the Data-Oblivious Virtual Environment (DOVE). To motivate the problem, we demonstrate a number of subtle side-channel vulnerabilities in the R language. We then provide an illustrative design and implementation of DOVE for R, creating the first side-channel resistant R programming stack. We demonstrate that the two-phase architecture provided by DOT generation and DOVE evaluation can provide practical support for complex programming languages with usable performance and high security assurances against side channels.
Fully homomorphic encryption (FHE) enables a simple, attractive framework for secure search. Compared to other secure search systems, no costly setup procedure is necessary; it is sufficient for the client merely to upload the encrypted database to the server. Confidentiality is provided because the server works only on the encrypted query and records. While the search functionality is enabled by the full homomorphism of the encryption scheme. For this reason, researchers have been paying increasing attention to this problem. Since Akavia et al. (CCS 2018) presented a framework for secure search on FHE encrypted data and gave a working implementation called SPiRiT, several more efficient realizations have been proposed. In this paper, we identify the main bottlenecks of this framework and show how to significantly improve the performance of FHE-base secure search. In particular, 1. To retrieve $ell$ matching items, the existing framework needs to repeat the protocol $ell$ times sequentially. In our new framework, all matching items are retrieved in parallel in a single protocol execution. 2. The most recent work by Wren et al. (CCS 2020) requires $O(n)$ multiplications to compute the first matching index. Our solution requires no homomorphic multiplication, instead using only additions and scalar multiplications to encode all matching indices. 3. Our implementation and experiments show that to fetch 16 matching records, our system gives an 1800X speed-up over the state of the art in fetching the query results resulting in a 26X speed-up for the full search functionality.