Closed michaelwooley closed 1 year ago
Seems like there is a security proof for KOS now, see https://github.com/osu-crypto/libOTe/issues/87
(aside: I couldn't see how this PR was resolved by https://github.com/GaloisInc/swanky/commit/86e3823a24c628b1f0c714c94654688006eaec22)
The paper which originally seemed to have given a proof was updated https://eprint.iacr.org/2022/1371 and now it confirms that KOS security proof is essentially broken for all practical values of k
maybe this needs to be re-opened @amaloz
Hi,
I was browsing your OT protocols and noticed that Keller, Orsini, and Scholl (KOS) have posted an "update" to their paper acknowledging a flaw pointed out by Roy.
I haven't begun to dig into what precisely is happening but it looks like: