Table of contents

  • This session has been presented June 16, 2017.

Description

  • Speaker

    Fabrice Mouhartem - Ens Lyon

Adaptive oblivious transfer (OT) is a protocol where a sender initially commits to a database M_1, …, M_N. Then, a receiver can query the sender up to k times with private indexes ρ_1, …, ρ_k so as to obtain M_{ρ_1}, …, M_{ρ_k} and nothing else. Moreover, for each i ∈ [k], the receiver’s choice ρ_i may depend on previously obtained messages {M_{ρ_j}}_{j< i} . Oblivious transfer with access control (OT-AC) is a flavor of adaptive OT where database records are protected by distinct access control policies that specify which credentials a receiver should obtain in order to acces each M_i. So far, all known OT-AC protocols only support access policies made of conjunctions or rely on ad hoc assumptions in pairing-friendly groups (or both). In this paper, we provide an OT-AC protocol where access policies may consist of any branching program of polynomial length, which is sufficient to realize any access policy in NC^1. The security of our protocol is proved under the Learning-with-Errors (LWE) and Short-Integer-Solution (SIS) assumptions. As a result of independent interest, we provide protocols for proving the correct evaluation of a committed branching program on a committed input. This is joint work with Benoît Libert, San Ling, Khoa Nguyen and Huaxiong Wang.

Next sessions

  • !!! Reporté !!! Encryption homomorphe sans bruit à l'aide de groupes

    • June 26, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Pierre Guillot - Ravel Technologies (dispo Université de Strasbourg, IRMA)

    Je vais rappeler les travaux de Nuida et Ostrovski sur l'utilisation des groupes pour l'élaboration de schémas cryptographiques homomorphes. Je vais présenter nos travaux qui fournissent des encodages à la fois plus efficaces et plus généraux, et qui déterminent exactement quels groupes peuvent être utilisés.   Puis je vais discuter GRAFHEN, un protocole qui utilise ces idées. Je dirai juste[…]

    • Cryptography

  • MIKE: An efficient and compact NIKE Based on a Commutative Monoidal Action 

    • July 03, 2026 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker : Jonathan Komada Eriksen - COSIC, KU Leuven

    Robert recently described a powerful correspondence between certain (Hermitian) modules and (polarized) abelian varieties, which simultaneously generalizes both the class-group action underlying protocols such as CSIDH, and the Deuring correspondence, underlying protocols such as SQIsign. Using this correspondence, he also proposed how to construct a post-quantum NIKE, called MIKE, which, at a[…]

    • Cryptography

Show previous sessions
Page top