Oblivious Transfer in the Universally Composable Security Model

A new promising direction in cryptography, started almost twenty years ago, is the field of Secure Multiparty Computation. In this scenario a set of players want to compute some functions on their inputs, but they don’t trust each other so they don’t want to disclose their inputs to each other. The purpose of this thesis is to investigate the Oblivious Transfer primitive, one of the fundamental bricks that allow protocol designers to build Secure Multiparty protocols. An Oblivious Transfer involves two parties, a sender and a receiver. The sender has two secret information. The receiver selects to retrieve one of them, without disclosing which one of them. At the same time the receiver is not allowed to learn more than one secret. We investigate and provide a protocol that is secure in the Universally Composable model, a recently introduced security framework that became popular mainly because of the related composition theorem, that ensures that when a protocol is secure in this model, it will be still secure even if run together with an arbitrary number of copies of the same protocol. This requirement is really important for an OT protocol, given that it’s used as a fundamental block to build more complex protocols and systems. Our main contribution is to provide the first protocol that achieve Universally Composable security with just two rounds of communication, and without resorting to any third parties. Therefore, it is optimal both according to the number of rounds and to the number of parties involved.