Oblivious Transfer and Garbled Circuits
oblivious transfer, garbled circuits
Beschreibung
Oblivious transfer is a cryptographic protocol between a sender and a receiver. The server has multiple pieces of information, and according to which he/she has initially chosen, the receiver obtains only one of them. The sender remains oblivious to which information the receiver got.
Garbled circuits is the name of a cryptographic technique used for secure multi-party computation. It allows multiple parties to jointly compute a function on their private inputs, while preserving the privacy of the parties.
The task of the student is to understand the concept of garbled circuits ([4], [6]) based on oblivious transfer ([1], [2], [3], [5]).
References:
[1] W. Diffie and M. Hellman. New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644–654, November 1976.
[2] Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM, 26:96–99, 1978.
[3] Michael Rabin. How to exchange secrets with oblivious transfer. 1981.
[4] Andrew C. Yao. Protocols for secure computations. In 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982), pages 160–164, 1982.
[5] S. Even, O. Goldreich, and A. Lempel, “A randomized protocol for signing contracts,” Commun. ACM, vol. 28, pp. 637–647, 01 1985.
[6] Andrew Chi-Chih Yao. How to generate and exchange secrets. In 27th Annual Symposium on Foundations of Computer Science (sfcs 1986), pages 162–167, 198.
Voraussetzungen
Security in Communications and Storage
Betreuer:
Single-Server Private Information Retrieval
Beschreibung
Private Information Retrieval (PIR) is the problem of retrieving a desired data from a server/s while preventing the server from finding out the retrieved data. The scenario we consider has two additional constraints. Firstly, there is only a single server to retrieve the data from, and secondly, the retrievers should remain oblivious to the data they are not initially interested in.
The task of the student is to understand comparatively analyze the proposed approaches to this problem in [1] and [2].
References:
[1] E. Kushilevitz and R. Ostrovsky. Replication is not needed: single database, computationally-private information retrieval. In Proceedings of the 38th Annual Symposium on Foundations of Computer Science, FOCS ’97, page 364, USA, 1997. IEEE Computer Society
[2] Carlos AGUILAR MELCHOR and Philippe GABORIT. A lattice-based computationally-efficient
private information retrieval protocol. Cryptology ePrint Archive, Paper 2007/446, 2007.
Voraussetzungen
Security in Communications and Storage