Achieving Oblivious Transfer Capacity of Generalized Erasure Channels in the Malicious Model

Information-theoretically secure string oblivious transfer (OT) can be constructed based on discrete memoryless channel (DMC). The oblivious transfer capacity of a channel characterizes-similarly to the (standard) information capacity-how efficiently it can be exploited for secure oblivious transfer of strings. The OT capacity of a generalized erasure channel (GEC)-which is a combination of a (general) DMC with the erasure channel-has been established by Ahlswede and Csizar at ISIT'07 in the case of passive adversaries. In this paper, we present the protocol that achieves this capacity against malicious adversaries for GEC with erasure probability at least 1/2. Our construction is based on the protocol of Crepeau and Savvides from Eurocrypt'06 which uses interactive hashing (IH). We solve an open question posed by the above paper, by basing it upon a constant round IH scheme (previously proposed by Ding et al. at TCC'04). As a side result, we show that the Ding et al. IH protocol can deal with transmission errors.