A verifiable distributed oblivious transfer protocol

Abstract

In the various distributed oblivious transfer (DOT) protocols designed in an unconditionally secure environment, a receiver contacts k out of m servers to obtain one of the n secrets held by a sender. After a protocol has been executed, the sender has no information on the choice of the receiver and the receiver has no information on the secrets she did not obtain. These protocols are based on a semi-honest model: no mechanism prevents a group of malicious servers from disrupting the protocol such that the secret obtained by the receiver does not correspond to the chosen secret. This paper presents ongoing work towards the definition of the first unconditionally secure verifiable DOT protocol in the presence of an active adversary who may corrupt up to k - 1 servers. In addition to the active adversary, we also assume that the sender may (passively) corrupt up to k - 1 servers to learn the choice of the receiver. Similarly, the receiver may (passively) corrupt up to k - 1 servers to learn more than the chosen secret. Our DOT protocol allows the receiver to contact 4k - 3 servers to obtain one secret, while the required security is maintained. © 2011 Springer-Verlag.