Stroh L, Horová N, Stárek R, Puthoor IV, Mičuda M, Dušek M, Andersson E.
Submitted to arXiv on 22 September 2022
Oblivious transfer (OT) is an important cryptographic primitive. Any multi-party computation can be realised with OT as building block. XOR oblivious transfer (XOT) is a variant where the sender Alice has two bits, and a receiver Bob obtains either the first bit, the second bit, or their XOR. Bob should not learn anything more than this, and Alice should not learn what Bob has learnt. Perfect quantum OT with information-theoretic security is known to be impossible. We determine the smallest possible cheating probabilities for unrestricted dishonest parties in non-interactive quantum XOT protocols using symmetric pure states, and present an optimal protocol, which outperforms classical protocols. We also “reverse” this protocol, so that Bob becomes sender of a quantum state and Alice the receiver who measures it, while still implementing oblivious transfer from Alice to Bob. Cheating probabilities for both parties stay the same as for the unreversed protocol. We optically implemented both the unreversed and the reversed protocols, and cheating strategies, noting that the reversed protocol is easier to implement.