The Study Of Oblivious Transfer Protocol And Its Application

Oblivious transfer (OT) protocol is a privacy-preserving cryptology protocol. It can not only be used to construct other security protocols, but also be directly applied in electronic commerce, healthcare, content protection and other systems to protect all partis'privacy. Therefore, it has practical needs to propose safer, effective OT schemes.Firstly, we propose a new oblivious transfer scheme based on intractability of the elliptic curve digital signature (ECDSA -OT) in this paper, which can well solve the issue of receiver's access control. Most OT protocols are based on intractability of factoring, but considering elliptic curve discrete logarithm problem doesn't exist a sub-exponential-time algorithm, therefore, the scheme of ECDSA -OT can achieve the same security using shorter key length, save the processing time and reduce communication costs in the protocol. In addition, the receiver can decrypt the message only if she has the trusted third party's signature, avoiding an attacker to steal the message to a certain degree.Secondly, we put forward a distributed oblivious transfer (DOT) scheme that is suitable for arbitrary k. We make OT protocols expand to a distributed setting in order to solve the bottleneck problem, such as high computational complexity, low efficiency, high bandwidth consumption. However, almost all DOT schemes are based on (k, n) threshold schemes, and the sender's privacy can not be guaranteed, even if the protocol itself is security, if we can not ensure that a receiver gets information from at most k servers. The above scheme effectively avoids the restriction of the threshold k, and can guarantee the send's security.Thirdly, we present a verifiable distributed oblivious transfer scheme based on secret sharing. In the distributed oblivious transfer protocol, we usually assume all proxy servers are semi-honest for facilitating security analysis. However, if some proxy servers are malicious, they can mislead the receiver to reconstruct a false item. The study shows that the proposed scheme can well prevent a malicious proxy server from violating the receiver's privacy by tampering with his share of one item.Finally, applying DOT protocol in association rules mining, we not only propose an association rules mining algorithm with distributed oblivious transfer protocol, but also design and realize a small simulation system based on it. This system can avoid the deficiencies caused by centralized data mining, and ensure that users can safely interact statistical information but do not involve concrete privacy details. Moreover, it also breaks the limitation that the receiver can only obtain one message in the common form of DOT schemes.