Oblivious Transfer: Discrete Logs and Elliptic Curves

Translating from discrete logs to elliptic curves can be useful if we go from research papers to real implementations, as research papers often outline the discrete log form, whereas in real life we would typically implement with elliptic curves. In this case we will implement a simple oblivious transfer method [1].

Bob the Investigator

So, we are Bob the Investigator and investigating a serious crime, and we suspect that Eve is the person who is involved in the crime. We now need to approach her employer (Alice) and ask for some information on her. So how do we do this without Alice knowing that we suspect Eve? Well oblivious transfer (OT) performs this. Let’s say that HackerZForU employ Eve and Trent, and we are only interested in getting information on Eve. Alice runs the company.

Now the method we will use is based on the Diffie-Hellman key exchange (DHE) method, but is modified so that we generated two keys for Alice to pass the data. One will work and the other will be useless. Alice will have no idea which of the keys will work, and the information that we can look at. In this case we’ll ask for data from both Eve and Trent, and Alice will not know which of them is the suspect.

First Alice and Bob generate random numbers (a and b) and agree on a prime…