In Asiacrypt’08, Green and Hohenberger presented an adaptive oblivious transfer (OT) scheme which makes use of a signature built from the Boneh-Boyen Identity Based Encryption. In this note, we show that the signature scheme is vulnerable to known-message attacks and the reduction used in the proof of Lemma A.6 is flawed. We also remark that the paradigm of “encryption and proof of knowledge” adopted in the OT scheme is unnecessary because the transferred message must be “recognizable” in practice, otherwise the receiver cannot decide which message to retrieve. However, we would like to stress that this work does not break the OT scheme itself.
CITATION STYLE
Cao, Z., Lafitte, F., & Markowitch, O. (2014). A note on a signature building block and relevant security reduction in the green-hohenberger ot scheme. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8567, pp. 282–288). Springer Verlag. https://doi.org/10.1007/978-3-319-12087-4_18
Mendeley helps you to discover research relevant for your work.