Statistically secure linear-rate dimension extension for oblivious affine function evaluation

Abstract

Consider the following natural generalization of the well-known Oblivious Transfer (OT) primitive, which we call Oblivious Affine Function Evaluation (OAFE): Given some finite vector space double-struck F qk, a designated sender party can specify an arbitrary affine function f : double-struck F q → double-struck F qk, such that a designated receiver party learns f(x) for a single argument x ∈ double-struck F q of its choice. This primitive is of particular interest, since analogously to the construction of garbled boolean circuits based on OT one can construct garbled arithmetic circuits based on OAFE. In this work we treat the quite natural question, if general double-struck F qk-OAFE can be efficiently reduced to double-struck F q-OAFE (i.e. the sender only inputs an affine function f : double-struck F q → double-struck F q). The analogous question for OT has previously been answered positively, but the respective construction turns out to be not applicable to OAFE due to an unobvious, yet non-artificial security problem. Nonetheless, we are able to provide an efficient, information-theoretically secure reduction along with a formal security proof based on some specific algebraic properties of random double-struck F q-matrices. © 2012 Springer-Verlag.