中文摘要：

茫然传输（oblivious transfer,OT）是一个重要的密码学基础工具,可以被应用到许多密码学协议的构造中去,例如安全多方计算、隐私信息检索等.在n取1茫然传输场景中有2个参与方,即发送方S和接收方R.发送方有n个输入值,接收方希望得到其中某一个值.与此同时协议要保证发送方不知道接收方的选择信息,且接收方除了得到自己选择的值以外不知道其他输入值的相关信息.已有的OTn^1协议仅能保证参与方的输入隐私性或实现单边模拟,均不能实现完全模拟.完全模拟意味着在理想？现实模拟范例中,当接收方或发送方被分别腐化时,协议都可以被模拟,较之于只保证隐私性和单边模拟,其安全性更强.首次在标准恶意敌手模型下,基于判定Diffie-Hellamn（decisional DiffieHellamn,DDH）困难问题假设构造了一个高效、可完全模拟的OTn^1协议,该协议的思想主要基于双模式加密机制,并结合知识的零知识证明系统.协议具有常数轮交互复杂度,且计算和通信复杂度仅与n线性相关.

英文摘要：

Oblivious transfer（OT）is an important basic cryptographic tool,which can be used in the constructions of many other cryptographic protocols,such as secure multi-party computation（SMPC）protocols,private information retrieval（PIR）and so on.The 1-out-of-n oblivious transfer（OTn^1）setting involves two parties,the sender Sand the receiver R.More specificly,the sender has nvalues and the receiver wants to obtain only one value from them.At the same time,the receiver＇s choice is unknown to the sender and the receiver gets no extra information about the other values he doesn＇t choose.In this paper,we firstly propose an efficient OT1 n protocol based on the decisional DiffieHellman（DDH）hard problem assumption with full simulation in the standard malicious model.The full simulation means that the protocol can be simulated when the receiver and the sender are corrupted respectively under the ideal？real simulation paradigm,and also this is the highest security level in the standard stand-alone model.The idea behind the protocol mainly benefits from the dualmode cryptosystem and the combination of zero-knowledge proof of knowledge（ZKPOK）of DiffieHellman tuples.The protocol has constant number of interactive complexity,and the computation and communication complexity is just liner of n.