Maliciously Secure Oblivious Linear Function Evaluation with Constant Overhead

In this work we consider the problem of oblivious linear function evaluation (OLE). OLE is a special case of oblivious polynomial evaluation (OPE) and deals with the oblivious evaluation of a linear function \(f(x)=ax+b\). This problem is non-trivial in the sense that the sender chooses a, b and the receiver x, but the receiver may only learn f(x). We present a highly efficient and UC-secure construction of OLE in the OT-hybrid model that requires only O(1) OTs per OLE. The construction is based on noisy encodings introduced by Naor and Pinkas (STOC’99) and used for passive secure OLEs by Ishai, Prabhakaran and Sahai (TCC’09). A result asymptotically similar to ours is known by applying the IPS compiler to the mentioned passive secure OLE protocol, but our protocol provides better constants and would be considerably simpler to implement. Concretely we use only 16 OTs to generate one active secure OLE, and our protocol achieves active security by adding fairly simple checks to the passive secure protocol. We therefore believe our protocol takes an important step towards basing practical active-secure arithmetic computations on OLEs. Our result requires novel techniques that might be of independent interest. As an application we present the currently most efficient OPE construction.