| Summary: | 碩士 === 東海大學 === 資訊管理學系 === 104 === The Internet is an open, public and transparent environment in which various security threats and malicious attack are hidden during communications. Cryptosystems are therefore utilized for protecting the privacy of communication parties. An oblivious transfer protocol has been regarded as an important secure communication technique in cryptology, mainly because the oblivious transfer mechanism could be applied to e-commerce, confidential information exchange, e-contract, and so on. In the t-out-of-n oblivious transfer protocol, the sender possesses n pieces of information, from which the receiver could choose t pieces of information. However, the sender could not know which information is selected by the receiver and the receiver does not know the contents of the rest n-t pieces of information. Comparing to other cryptosystems, applying elliptic curve cryptosystems to the oblivious transfer protocol and replacing exponent operations with point operations not only could reduce the computational cost of oblivious transfer but also reinforce the protocol security.
Current elliptic curve cryptosystem based oblivious transfer systems could be divided into the operation models of “first encrypting message and then calculating the key” and “first calculating the key and then encrypting message”. The former is the commonest oblivious transfer mechanism currently, with which 1-out-of-2, 1-out-of-n, and t-out-of-n oblivious transfer protocols have been derived from various algorithms and transfer protocols and discussed. Nevertheless, most research, under the model of “first calculating the key and then encrypting message”, focuses on 1-out-of-2 and 1-out-of-n oblivious transfer protocols. More practical and complicated t-out-of-n problems are lack of complete research discussion and design implementation. Aiming at such a problem, the t-out-of-n oblivious transfer protocol based on the model of “first calculating the key and then encrypting information” under the elliptic curve cryptosystem technology is proposed in this study.
In addition to largely reducing the calculation amount with the characteristics of elliptic curve cryptosystems, the proposed t-out-of-n oblivious transfer protocol also designs the key with Cantor pairing function to effectively distinguish t pieces of selected and decrypted information. Nonetheless, the overall information transfer amount through this protocol is higher than general t-out-of-n oblivious transfer protocols under the model of “first encrypting message and then calculating the key”. The application of Cantor pairing function to oblivious transfer protocols is therefore extended in this study to reduce the total information transfer amount and allow t-out-of-n oblivious transfer better conforming to the practical requirements of high security, high efficiency, and low bandwidth.
|
|---|
