{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T01:25:30Z","timestamp":1775265930441,"version":"3.50.1"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030038090","type":"print"},{"value":"9783030038106","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-03810-6_14","type":"book-chapter","created":{"date-parts":[[2018,11,7]],"date-time":"2018-11-07T16:30:29Z","timestamp":1541608229000},"page":"370-390","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":60,"title":["Two-Message Statistically Sender-Private OT from LWE"],"prefix":"10.1007","author":[{"given":"Zvika","family":"Brakerski","sequence":"first","affiliation":[]},{"given":"Nico","family":"D\u00f6ttling","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,11,8]]},"reference":[{"key":"14_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1007\/3-540-44987-6_8","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2001","author":"B Aiello","year":"2001","unstructured":"Aiello, B., Ishai, Y., Reingold, O.: Priced oblivious transfer: how to sell digital goods. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 119\u2013135. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44987-6_8"},{"key":"14_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-48523-6_1","volume-title":"Automata, Languages and Programming","author":"M Ajtai","year":"1999","unstructured":"Ajtai, M.: Generating hard instances of the short basis problem. In: Wiedermann, J., van Emde Boas, P., Nielsen, M. (eds.) ICALP 1999. LNCS, vol. 1644, pp. 1\u20139. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48523-6_1"},{"key":"14_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/978-3-319-70700-6_10","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"S Badrinarayanan","year":"2017","unstructured":"Badrinarayanan, S., Garg, S., Ishai, Y., Sahai, A., Wadia, A.: Two-message witness indistinguishability and secure computation in the plain model from new assumptions. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10626, pp. 275\u2013303. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70700-6_10"},{"key":"14_CR4","unstructured":"Badrinarayanan, S., Goyal, V., Jain, A., Kalai, Y.T., Khurana, D., Sahai, A.: Promise zero knowledge and its applications to round optimal MPC. IACR Cryptology ePrint Archive 2017, 1088 (2017). http:\/\/eprint.iacr.org\/2017\/1088"},{"key":"14_CR5","doi-asserted-by":"publisher","first-page":"743","DOI":"10.1007\/978-3-319-70500-2_25","volume-title":"Theory of Cryptography","author":"Saikrishna Badrinarayanan","year":"2017","unstructured":"Badrinarayanan, S., Goyal, V., Jain, A., Khurana, D., Sahai, A.: Round optimal concurrent MPC via strong simulation. In: Kalai and Reyzin [20], pp. 743\u2013775. https:\/\/doi.org\/10.1007\/978-3-319-70500-2_25"},{"issue":"1","key":"14_CR6","doi-asserted-by":"publisher","first-page":"625","DOI":"10.1007\/BF01445125","volume":"296","author":"W Banaszczyk","year":"1993","unstructured":"Banaszczyk, W.: New bounds in some transference theorems in the geometry of numbers. Math. Ann. 296(1), 625\u2013635 (1993)","journal-title":"Math. Ann."},{"key":"14_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"547","DOI":"10.1007\/0-387-34805-0_48","volume-title":"Advances in Cryptology \u2014 CRYPTO 1989 Proceedings","author":"M Bellare","year":"1990","unstructured":"Bellare, M., Micali, S.: Non-interactive oblivious transfer and applications. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 547\u2013557. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_48"},{"key":"14_CR8","doi-asserted-by":"publisher","first-page":"645","DOI":"10.1007\/978-3-319-70500-2_22","volume-title":"Theory of Cryptography","author":"Zvika Brakerski","year":"2017","unstructured":"Brakerski, Z., Halevi, S., Polychroniadou, A.: Four round secure computation without setup. In: Kalai and Reyzin [20], pp. 645\u2013677. https:\/\/doi.org\/10.1007\/978-3-319-70500-2_22"},{"key":"14_CR9","unstructured":"Brakerski, Z., Langlois, A., Peikert, C., Regev, O., Stehl\u00e9, D.: Classical hardness of learning with errors. In: Boneh, D., Roughgarden, T., Feigenbaum, J. (eds.) Symposium on Theory of Computing Conference, STOC 2013, Palo Alto, CA, USA, 1\u20134 June 2013, pp. 575\u2013584. ACM (2013). http:\/\/doi.acm.org\/10.1145\/2488608.2488680"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Chung, K., Dadush, D., Liu, F., Peikert, C.: On the lattice smoothing parameter problem. In: IEEE Conference on Computational Complexity, pp. 230\u2013241. IEEE Computer Society (2013)","DOI":"10.1109\/CCC.2013.31"},{"issue":"1","key":"14_CR11","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1137\/060651380","volume":"38","author":"Y Dodis","year":"2008","unstructured":"Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.D.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97\u2013139 (2008)","journal-title":"SIAM J. Comput."},{"key":"14_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"523","DOI":"10.1007\/978-3-540-24676-3_31","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"Y Dodis","year":"2004","unstructured":"Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523\u2013540. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24676-3_31"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"Gertner, Y., Kannan, S., Malkin, T., Reingold, O., Viswanathan, M.: The relationship between public key encryption and oblivious transfer. In: FOCS, pp. 325\u2013335. IEEE Computer Society (2000)","DOI":"10.1109\/SFCS.2000.892121"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Goldreich, O., Goldwasser, S.: On the limits of non-approximability of lattice problems. In: Vitter, J.S. (ed.) Proceedings of the Thirtieth Annual ACM Symposium on the Theory of Computing, Dallas, Texas, USA, 23\u201326 May 1998, pp. 1\u20139. ACM (1998). http:\/\/doi.acm.org\/10.1145\/276698.276704","DOI":"10.1145\/276698.276704"},{"key":"14_CR15","doi-asserted-by":"crossref","unstructured":"Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A.V. (ed.) Proceedings of the 19th Annual ACM Symposium on Theory of Computing, 1987, New York, New York, USA, pp. 218\u2013229. ACM (1987). http:\/\/doi.acm.org\/10.1145\/28395.28420","DOI":"10.1145\/28395.28420"},{"issue":"1","key":"14_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BF00195207","volume":"7","author":"O Goldreich","year":"1994","unstructured":"Goldreich, O., Oren, Y.: Definitions and properties of zero-knowledge proof systems. J. Cryptol. 7(1), 1\u201332 (1994)","journal-title":"J. Cryptol."},{"key":"14_CR17","unstructured":"Halevi, S., Hazay, C., Polychroniadou, A., Venkitasubramaniam, M.: Round-optimal secure multi-party computation. IACR Cryptology ePrint Archive 2017, 1056 (2017). http:\/\/eprint.iacr.org\/2017\/1056"},{"issue":"1","key":"14_CR18","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/s00145-010-9092-8","volume":"25","author":"S Halevi","year":"2012","unstructured":"Halevi, S., Kalai, Y.T.: Smooth projective hashing and two-message oblivious transfer. J. Cryptol. 25(1), 158\u2013193 (2012). https:\/\/doi.org\/10.1007\/s00145-010-9092-8","journal-title":"J. Cryptol."},{"key":"14_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/978-3-319-63715-0_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"A Jain","year":"2017","unstructured":"Jain, A., Kalai, Y.T., Khurana, D., Rothblum, R.: Distinguisher-dependent simulation in two rounds and its applications. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 158\u2013189. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63715-0_6"},{"key":"14_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-70500-2","volume-title":"Theory of Cryptography","year":"2017","unstructured":"Kalai, Y., Reyzin, L. (eds.): TCC 2017. LNCS, vol. 10677. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70500-2"},{"key":"14_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/11426639_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"YT Kalai","year":"2005","unstructured":"Kalai, Y.T.: Smooth projective hashing and two-message oblivious transfer. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 78\u201395. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_5"},{"key":"14_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/978-3-319-78372-7_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"YT Kalai","year":"2018","unstructured":"Kalai, Y.T., Khurana, D., Sahai, A.: Statistical witness indistinguishability (and more) in two messages. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 34\u201365. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_2"},{"key":"14_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/978-3-319-70503-3_5","volume-title":"Theory of Cryptography","author":"D Khurana","year":"2017","unstructured":"Khurana, D.: Round optimal concurrent non-malleability from polynomial hardness. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10678, pp. 139\u2013171. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70503-3_5"},{"key":"14_CR24","doi-asserted-by":"publisher","unstructured":"Khurana, D., Sahai, A.: How to achieve non-malleability in one or two rounds. In: Umans, C. (ed.) 58th IEEE Annual Symposium on Foundations of Computer Science, FOCS 2017, Berkeley, CA, USA, 15\u201317 October 2017, pp. 564\u2013575. IEEE Computer Society (2017). https:\/\/doi.org\/10.1109\/FOCS.2017.58","DOI":"10.1109\/FOCS.2017.58"},{"key":"14_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"700","DOI":"10.1007\/978-3-642-29011-4_41","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"D Micciancio","year":"2012","unstructured":"Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700\u2013718. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_41"},{"issue":"1","key":"14_CR26","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1137\/S0097539705447360","volume":"37","author":"D Micciancio","year":"2007","unstructured":"Micciancio, D., Regev, O.: Worst-case to average-case reductions based on Gaussian measures. SIAM J. Comput. 37(1), 267\u2013302 (2007)","journal-title":"SIAM J. Comput."},{"key":"14_CR27","unstructured":"Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: Kosaraju, S.R. (ed.) Proceedings of the Twelfth Annual Symposium on Discrete Algorithms, 7\u20139 January 2001, Washington, DC, USA, pp. 448\u2013457. ACM\/SIAM (2001). http:\/\/dl.acm.org\/citation.cfm?id=365411.365502"},{"key":"14_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"536","DOI":"10.1007\/978-3-662-44371-2_30","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"R Ostrovsky","year":"2014","unstructured":"Ostrovsky, R., Paskin-Cherniavsky, A., Paskin-Cherniavsky, B.: Maliciously circuit-private FHE. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 536\u2013553. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44371-2_30"},{"key":"14_CR29","doi-asserted-by":"crossref","unstructured":"Peikert, C.: Public-key cryptosystems from the worst-case shortest vector problem: extended abstract. In: Mitzenmacher, M. (ed.) STOC, pp. 333\u2013342. ACM (2009)","DOI":"10.1145\/1536414.1536461"},{"key":"14_CR30","doi-asserted-by":"crossref","unstructured":"Peikert, C., Regev, O., Stephens-Davidowitz, N.: Pseudorandomness of Ring-LWE for any ring and modulus. In: Hatami, H., McKenzie, P., King, V. (eds.) Proceedings of the 49th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2017, Montreal, QC, Canada, 19\u201323 June 2017, pp. 461\u2013473. ACM (2017). http:\/\/doi.acm.org\/10.1145\/3055399.3055489","DOI":"10.1145\/3055399.3055489"},{"key":"14_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"554","DOI":"10.1007\/978-3-540-85174-5_31","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"C Peikert","year":"2008","unstructured":"Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 554\u2013571. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85174-5_31"},{"key":"14_CR32","unstructured":"Rabin, M.O.: How to exchange secrets with oblivious transfer. Harvard University Technical Report (1981). http:\/\/eprint.iacr.org\/2005\/187"},{"key":"14_CR33","doi-asserted-by":"crossref","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) STOC, pp. 84\u201393. ACM (2005). Full version in [34]","DOI":"10.1145\/1060590.1060603"},{"issue":"6","key":"14_CR34","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1145\/1568318.1568324","volume":"56","author":"O Regev","year":"2009","unstructured":"Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 34 (2009)","journal-title":"J. ACM"},{"key":"14_CR35","doi-asserted-by":"crossref","unstructured":"Yao, A.C.C.: How to generate and exchange secrets (extended abstract). In: FOCS, pp. 162\u2013167 (1986)","DOI":"10.1109\/SFCS.1986.25"}],"container-title":["Lecture Notes in Computer Science","Theory of Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-03810-6_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,4]],"date-time":"2026-04-04T00:20:52Z","timestamp":1775262052000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-03810-6_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030038090","9783030038106"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-03810-6_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"8 November 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"TCC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Theory of Cryptography Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Panaji","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"tcc2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/tcc.iacr.org\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}