Achieving Oblivious Transfer Capacity of Generalized Erasure Channels in the Malicious Model

Information-theoretically secure string oblivious transfer (OT) can be constructed based on discrete memoryless channel (DMC). The oblivious transfer capacity of a channel characterizes - similarly to the (standard) information capacity - how efficiently it can be exploited for secure oblivious transfer of strings. The OT capacity of a generalized erasure channel (GEC) - which is a combination of a (general) DMC with the erasure channel - has been established by Ahlswede and Csizar at ISIT´07 in the case of passive adversaries. In this paper, we present the protocol that achieves this capacity against malicious adversaries for GEC with erasure probability at least 1/2. Our construction is based on the protocol of Crepeau and Savvides from Eurocrypt´06 which uses interactive hashing (IH). We solve an open question posed by the above paper, by basing it upon a constant round IH scheme (previously proposed by Ding et al. at TCC´04). As a side result, we show that the Ding et al. IH protocol can deal with transmission errors.