The problem of two-party oblivious polynomial evaluation (OPE) is studied, where one party (Alice) has a polynomial P(x) and the other party (Bob) with an input x wants to learn P(x) in such an oblivious way that Bob ...The problem of two-party oblivious polynomial evaluation (OPE) is studied, where one party (Alice) has a polynomial P(x) and the other party (Bob) with an input x wants to learn P(x) in such an oblivious way that Bob obtains P(x) without learning any additional information about P except what is implied by P(x) and Alice does not know Bob's input x. The former OPE protocols are based on an intractability assumption except for OT protocols. In fact, evaluating P(x) is equivalent to computing the product of the coefficient vectors (a(0),...,a(n)) and (1,...,x(n)). Using this idea, an efficient scale product protocol of two vectors is proposed first and then two OPE protocols are presented which do not need any other cryptographic assumption except for OT protocol. Compared with the existing OPE protocol, another characteristic of the proposed protocols is the degree of the polynomial is private. Another OPE protocol works in case of existence of untrusted third party. Keywords oblivious polynomial evaluation, oblivious transfer, secure multi-party computation, information.展开更多
Oblivious polynomial evaluation(OPE)is a two-party protocol that allows a receiver,R to learn an evaluation f(α),of a sender,S's polynomial(f(x)),whilst keeping both a and f(x)private.This protocol has attracted ...Oblivious polynomial evaluation(OPE)is a two-party protocol that allows a receiver,R to learn an evaluation f(α),of a sender,S's polynomial(f(x)),whilst keeping both a and f(x)private.This protocol has attracted a lot of attention recently,as it has wide ranging applications in the field of cryptography.In this article we review some of these applications and,additionally,take an in-depth look at the special case of information theoretic OPE.Specifically,we provide a current and critical review of the existing information theoretic OPE protocols in the literature.We divide these protocols into two distinct cases(three-party and distributed OPE)allowing for the easy distinction and classification of future information theoretic OPE protocols.In addition to this work,we also develop several modifications and extensions to existing schemes,resulting in increased security,flexibility and efficiency.Lastly,we also identify a security flaw in a previously published OPE scheme.展开更多
This paper is about distributed oblivious function evaluation (DOFE). In this setting one party (Alice) has a functionf(x), and the other party (Bob) with an input α wants to learnf(α) in an oblivious way with the h...This paper is about distributed oblivious function evaluation (DOFE). In this setting one party (Alice) has a functionf(x), and the other party (Bob) with an input α wants to learnf(α) in an oblivious way with the help of a set of servers. What Alice should do is to share her secret functionf(x) among the servers. Bob obtains what he should get by interacting with the servers. This paper proposes the model and security requirements for DOFE and analyzes three distributed oblivious polynomial evaluation protocols presented in the paper. Keywords oblivious function evaluation - oblivious polynomial evaluation - secure multiparty computation - distributed - information security The research is supported by the National Basic Research 973 Program of China under Grant No. 1999035802 and the National Natural Science Foundation of China under Grant No.60273029.Hong-Da Li was born in 1960. He received the Ph.D. degree from Northwestern Polytechnical University in 2001. His current research interests are cryptology and cryptographic protocol.Xiong Yang received the B.S. degree in mathematics from Yan'an University, China, in 1984. He is an associate professor in College of Economy and Trade at South China University of Tropical Agriculture. His research interest is information security.Deng-Guo Feng was born in 1963. He is now a Ph.D. supervisor. His research interests focus on information security.Bao Li was born in 1965. He received the Ph.D. degree in cryptography in 1995 from Xidian University. His research interests include cryptographic protocols and public key cryptosystems.展开更多
文摘The problem of two-party oblivious polynomial evaluation (OPE) is studied, where one party (Alice) has a polynomial P(x) and the other party (Bob) with an input x wants to learn P(x) in such an oblivious way that Bob obtains P(x) without learning any additional information about P except what is implied by P(x) and Alice does not know Bob's input x. The former OPE protocols are based on an intractability assumption except for OT protocols. In fact, evaluating P(x) is equivalent to computing the product of the coefficient vectors (a(0),...,a(n)) and (1,...,x(n)). Using this idea, an efficient scale product protocol of two vectors is proposed first and then two OPE protocols are presented which do not need any other cryptographic assumption except for OT protocol. Compared with the existing OPE protocol, another characteristic of the proposed protocols is the degree of the polynomial is private. Another OPE protocol works in case of existence of untrusted third party. Keywords oblivious polynomial evaluation, oblivious transfer, secure multi-party computation, information.
文摘Oblivious polynomial evaluation(OPE)is a two-party protocol that allows a receiver,R to learn an evaluation f(α),of a sender,S's polynomial(f(x)),whilst keeping both a and f(x)private.This protocol has attracted a lot of attention recently,as it has wide ranging applications in the field of cryptography.In this article we review some of these applications and,additionally,take an in-depth look at the special case of information theoretic OPE.Specifically,we provide a current and critical review of the existing information theoretic OPE protocols in the literature.We divide these protocols into two distinct cases(three-party and distributed OPE)allowing for the easy distinction and classification of future information theoretic OPE protocols.In addition to this work,we also develop several modifications and extensions to existing schemes,resulting in increased security,flexibility and efficiency.Lastly,we also identify a security flaw in a previously published OPE scheme.
文摘This paper is about distributed oblivious function evaluation (DOFE). In this setting one party (Alice) has a functionf(x), and the other party (Bob) with an input α wants to learnf(α) in an oblivious way with the help of a set of servers. What Alice should do is to share her secret functionf(x) among the servers. Bob obtains what he should get by interacting with the servers. This paper proposes the model and security requirements for DOFE and analyzes three distributed oblivious polynomial evaluation protocols presented in the paper. Keywords oblivious function evaluation - oblivious polynomial evaluation - secure multiparty computation - distributed - information security The research is supported by the National Basic Research 973 Program of China under Grant No. 1999035802 and the National Natural Science Foundation of China under Grant No.60273029.Hong-Da Li was born in 1960. He received the Ph.D. degree from Northwestern Polytechnical University in 2001. His current research interests are cryptology and cryptographic protocol.Xiong Yang received the B.S. degree in mathematics from Yan'an University, China, in 1984. He is an associate professor in College of Economy and Trade at South China University of Tropical Agriculture. His research interest is information security.Deng-Guo Feng was born in 1963. He is now a Ph.D. supervisor. His research interests focus on information security.Bao Li was born in 1965. He received the Ph.D. degree in cryptography in 1995 from Xidian University. His research interests include cryptographic protocols and public key cryptosystems.
