T-out-of-n distributed oblivious transfer protocols in non-adaptive and adaptive settings

Abstract

The unconditionally secure Distributed Oblivious Transfer (DOT) protocol introduced by Naor and Pinkas allows a receiver to contact k servers and obtain one out of two secrets held by a sender. In its generalized version presented by Blundo, D'Arco, De Santis, and Stinson, a receiver can choose one out of n secrets. In this paper, we introduce three unconditionally secure DOT protocols which allow a receiver to obtain t out of n secrets. The first protocol allows the receiver to obtain t secrets in one round only, provided she is able to communicate with k + t - 1 servers. The settings of the second and third protocols are adaptive, i.e., the receiver sequentially sends t queries to the servers to obtain t secrets. In the second protocol, the number of receiver's queries is limited unlike in the third one, where the contacted servers need to communicate with each other. These three protocols, like other unconditionally secure oblivious transfer protocols, guarantee the security of the sender and the privacy of the receiver. In addition, the sender's security is guaranteed against a coalition of the receiver and k - 1 servers and, similarly, the receiver's privacy is guaranteed against a coalition of k - 1 servers. © 2012 Springer-Verlag.