Smooth Projective Hashing and Two-Message Oblivious Transfer

We present a general framework for constructing two-message oblivious transfer protocols using a modification of Cramer and Shoup’s notion of smooth projective hashing (2002). Our framework is actually an abstraction of the two-message oblivious transfer protocols of Naor and Pinkas (2001) and Aiello et. al. (2001), whose security is based on the Decisional Diffie Hellman Assumption. In particular, this framework gives rise to two new oblivious transfer protocols. The security of one is based on the N’th-Residuosity Assumption, and the security of the other is based on both the Quadratic Residuosity Assumption and the Extended Riemann Hypothesis. When using smooth projective hashing in this context, we must deal with maliciously chosen smooth projective hash families. This raises new technical difficulties that did not arise in previous applications, and in particular it is here that the Extended Riemann Hypothesis comes into play. Similar to the previous two-message protocols for oblivious transfer, our constructions give a security guarantee which is weaker than the traditional, simulation based, definition of security. Nevertheless, the security notion that we consider is nontrivial and seems to be meaningful for some applications in which oblivious transfer is used in the presence of malicious adversaries.