Abstract
Because of the concise functionality of oblivious transfer (OT)protocols, they have been widely used as building blocks in securemultiparty computation and high-level protocols. The security of OTprotocols built upon classical number theoretic problems, such asthe discrete logarithm and factoring, however, is threatened as aresult of the huge progress in quantum computing. Therefore, post-quantumcryptography is needed for protocols based on classical problems,and several proposals for post-quantum OT protocols exist. However,most post-quantum cryptosystems present their security proof onlyin the context of classical adversaries, not in the quantum setting.In this paper, we close this gap and prove the security of the lattice-basedOT protocol proposed by Peikert . (CRYPTO, 2008), which is universally composably secure under theassumption of learning with errors hardness, in the quantum setting.We apply three general quantum security analysis frameworks. First,we apply the quantum lifting theorem proposed by Unruh (EUROCRYPT,2010) to prove that the security of the lattice-based OT protocolcan be lifted into the quantum world. Then, we apply two more securityanalysis frameworks specified for post-quantum cryptographic primitives,i.e., simple hybrid arguments (CRYPTO, 2011) and game-preserving reduction(PQCrypto, 2014).