Module ocelot::ot::chou_orlandi
source · [−]Expand description
Implementation of the Chou-Orlandi oblivious transfer protocol (cf. https://eprint.iacr.org/2015/267).
This implementation uses the Ristretto prime order elliptic curve group from
the curve25519-dalek library and works over blocks rather than arbitrary
length messages.
This version fixes a bug in the current ePrint write-up
(https://eprint.iacr.org/2015/267/20180529:135402, Page 4): if the value
x^i produced by the receiver is not randomized, all the random-OTs
produced by the protocol will be the same. We fix this by hashing in i
during the key derivation phase.