Article Preview
TopIntroduction
The development of e-commerce not only provides convenience for customers and vendors but also effectively reduces their transaction costs. On the other hand, transaction security and privacy protection have gradually become a thorny issue hindering e-commerce applications. For vendors, providing better privacy protection for customers will bring them advantages in business competition. Studies have shown that to reduce personal information exposure, customers tend to buy products from websites that offer more privacy protection. Moreover, they are even willing to pay more for it (Rial, Kohlweiss, & Preneel, 2009). Oblivious purchase is a potential privacy-enhanced e-commerce solution that makes it impossible for vendors to know which goods are bought. Queries for sensitive data, such as DNA sequences, stock quotes, and patent searches, are typical applications for oblivious purchases (Camenisch, Dubovitskaya,& Neven,2009). In addition, popular applications of oblivious purchases include private mobile pay-TV (Biesmans, Balasch, Rial, Preneel, & Verbauwhede, 2018), location-based services (Jannati & Bahrak, 2017), etc. Note that to ensure vendors’ benefits, such solutions must provide an access control mechanism so that only authorized users can access sensitive information.
Oblivious transfer (OT) is an important cryptographic primitive. In the OT scenario, the aforementioned oblivious purchases are considered as the following secure two-party computation problem: a sender S (i.e., the data owner) has n secrets m1,m2,…,mn, and a receiver R (i.e., the user) has a secret i∈[1,n] (the choice they make); in this case, an OT scheme can achieve the following goals: when a transfer is completed, R obtains mi, but has no access to any information of other secrets m1,…,mi-1, mi+1,…,mn ; on the sender’s side, S only knows that R has obtained a secret, but does not know which secret was chosen by R. In recent years, researchers have extended the function of standard OT schemes in many aspects. It mainly includes adaptive OT schemes, OT with access control (AC-OT) schemes, and priced OT schemes. Compared with standard OT schemes, an adaptive OT scheme improves the efficiency of both sides in a transaction (Libert, Ling, Mouhartem, Nguyen, & Wang, 2017). Concretely, it allows the receiver to request k data records to the sender in a “one-after-the-other” manner. An AC-OT scheme allows the database provider (DBP) to create an access control list (ACL) for each data record (Camenisch, Dubovitskaya, & Neven, 2009; Rial & Preneel, 2016; Damodaran & Rial, 2020). Camenisch et al. (2011) emphasized that DBP needed to hide ACLs in many cases and proposed an OT scheme supporting a hidden access control strategy to protect the privacy of users and the DBP. In a priced OT scheme, users can hide the price of the purchased data from the DBP during a transaction (Damodaran, Dubovitskaya, & Rial, 2019). Recently, several new concepts have been proposed, such as issuer-free AC-OT scheme (Guleria & Dutta, 2015), traceable OT scheme (Liu, Zhang, Mu, Yang, & Tian, 2018), and OT with membership verification scheme (Liu, Sun, & Tian, 2019). In addition, OT has also been used to design e-commerce applications in specific scenarios, such as private mobile pay-TV systems (Biesmans, Balasch, Rial, Preneel, & Verbauwhede, 2018) and location-based service systems (Jannati & Bahrak, 2017).