IACR News item: 23 March 2015
Tung Chou, Claudio Orlandi
ePrint Report
Due to its simplicity, the protocol is extremely efficient and allows performing $n$ OTs using only:
\begin{itemize}
\item \textbf{Computation:} $3n+2$ exponentiations ($2n$ for the receiver, $n+2$ for the sender) and
\item \textbf{Communication:} $32(n+1)$ bytes (for the group elements), and $2n$ ciphertexts.
\end{itemize}
We also report on an implementation of the protocol using elliptic curves (Curve25519), and on a number of mechanisms we employ to ensure that our software is secure against active attacks too.
Experimental results show that our protocol (thanks to both algorithmic and implementation optimizations) is at least one order of magnitude faster than previous work.