KOS OT flaw pointed out by Roy 2022

GaloisInc / swanky

A suite of rust libraries for secure multi-party computation

MIT License

264 stars 55 forks source link

KOS OT flaw pointed out by Roy 2022 #22

Closed michaelwooley closed 1 year ago

michaelwooley commented 2 years ago

Hi,

I was browsing your OT protocols and noticed that Keller, Orsini, and Scholl (KOS) have posted an "update" to their paper acknowledging a flaw pointed out by Roy.

I haven't begun to dig into what precisely is happening but it looks like:

The KOS protocol now lacks a security proof.
There is a proposed fix to the original protocol [but it still lacks a security proof it seems?]

themighty1 commented 1 year ago

Seems like there is a security proof for KOS now, see https://github.com/osu-crypto/libOTe/issues/87

themighty1 commented 1 year ago

(aside: I couldn't see how this PR was resolved by https://github.com/GaloisInc/swanky/commit/86e3823a24c628b1f0c714c94654688006eaec22)

The paper which originally seemed to have given a proof was updated https://eprint.iacr.org/2022/1371 and now it confirms that KOS security proof is essentially broken for all practical values of k

maybe this needs to be re-opened @amaloz