[Rab81] How to Exchange Secrets with Oblivious Transfer

Authors: Michael O. Rabin | Venue: Technical Report TR-81, Harvard University, 1981 | Source

Abstract

Introduces the concept of oblivious transfer: a protocol between a sender and a receiver in which the sender transmits a single secret message, and the receiver obtains the message with probability 1/2 — but the sender is oblivious as to whether the transmission was successful. The protocol is based on the computational hardness of computing square roots modulo a product of two large primes, i.e., the difficulty of factoring. This notion — now called Rabin OT to distinguish it from the later 1-out-of-2 formulation — is shown to be a powerful cryptographic primitive enabling the secure exchange of secrets between mutually distrustful parties.