We show that any OT extension protocol based on one-way functions (or more generally any symmetric-key primitive) either requires an additional round compared to the base OTs or must make a non-black-box use of one-way functions. This result also holds in the semi-honest setting or in the case of certain setup models such as the common random string model. This implies that OT extension in any secure computation protocol must come at the price of an additional round of communication or the non-black-box use of symmetric key primitives. Moreover, we observe that our result is tight in the sense that positive results can indeed be obtained using non-black-box techniques or at the cost of one additional round of communication
Katz and Ostrovsky (Crypto 2004) proved that five rounds are necessary for stand-alone general black...
We investigate the exact round complexity of secure multiparty computation (MPC) against *covert* ad...
We revisit the exact round complexity of secure two-party computation. While four rounds are known t...
Oblivious transfer (OT) is one of the most fundamental primitives in cryptography and is widely used...
Oblivious Transfer (OT) is one of the most fundamental cryptographic primitives with wide-spread app...
International audienceWe consider the problem of securely generating useful instances of two-party c...
Secure two-party computation allows two parties to evaluate a function on their private inputs while...
We describe an actively secure OT extension protocol in the random oracle model with efficiency very...
We consider the question of minimizing the round complexity of protocols for secure multiparty compu...
In [Eurocrypt 2004] Katz and Ostrovsky establish the exact round complexity of secure two-party comp...
Oblivious transfer (OT) is a cryptographic primitive originally used to transfer a collection of mes...
In [Eurocrypt 2004] Katz and Ostrovsky establish the exact round complexity of secure two-party comp...
We improve the upper bound on the round complexity for perfectly concealing bit commitment schemes b...
International audienceThis paper describes a 1-out-of-N oblivious transfer (OT) extension protocol w...
We present the first round-optimal and plausibly quantum-safe oblivious transfer (OT) and multi-part...
Katz and Ostrovsky (Crypto 2004) proved that five rounds are necessary for stand-alone general black...
We investigate the exact round complexity of secure multiparty computation (MPC) against *covert* ad...
We revisit the exact round complexity of secure two-party computation. While four rounds are known t...
Oblivious transfer (OT) is one of the most fundamental primitives in cryptography and is widely used...
Oblivious Transfer (OT) is one of the most fundamental cryptographic primitives with wide-spread app...
International audienceWe consider the problem of securely generating useful instances of two-party c...
Secure two-party computation allows two parties to evaluate a function on their private inputs while...
We describe an actively secure OT extension protocol in the random oracle model with efficiency very...
We consider the question of minimizing the round complexity of protocols for secure multiparty compu...
In [Eurocrypt 2004] Katz and Ostrovsky establish the exact round complexity of secure two-party comp...
Oblivious transfer (OT) is a cryptographic primitive originally used to transfer a collection of mes...
In [Eurocrypt 2004] Katz and Ostrovsky establish the exact round complexity of secure two-party comp...
We improve the upper bound on the round complexity for perfectly concealing bit commitment schemes b...
International audienceThis paper describes a 1-out-of-N oblivious transfer (OT) extension protocol w...
We present the first round-optimal and plausibly quantum-safe oblivious transfer (OT) and multi-part...
Katz and Ostrovsky (Crypto 2004) proved that five rounds are necessary for stand-alone general black...
We investigate the exact round complexity of secure multiparty computation (MPC) against *covert* ad...
We revisit the exact round complexity of secure two-party computation. While four rounds are known t...