ABSTRACT
Private Set Intersection (PSI) allows two parties, the sender and the receiver, to compute the intersection of their private sets without revealing extra information to each other. We are interested in the unbalanced PSI setting, where (1) the receiver's set is significantly smaller than the sender's, and (2) the receiver (with the smaller set) has a low-power device. Also, in a Labeled PSI setting, the sender holds a label per each item in its set, and the receiver obtains the labels from the items in the intersection. We build upon the unbalanced PSI protocol of Chen, Laine, and Rindal (CCS~2017) in several ways: we add efficient support for arbitrary length items, we construct and implement an unbalanced Labeled PSI protocol with small communication complexity, and also strengthen the security model using Oblivious Pseudo-Random Function (OPRF) in a pre-processing phase. Our protocols outperform previous ones: for an intersection of 220 and $512$ size sets of arbitrary length items our protocol has a total online running time of just $1$~second (single thread), and a total communication cost of 4 MB. For a larger example, an intersection of 228 and 1024 size sets of arbitrary length items has an online running time of $12$ seconds (multi-threaded), with less than 18 MB of total communication.
Supplemental Material
- Sebastian Angel, Hao Chen, Kim Laine, and Srinath Setty. 2018. PIR with compressed queries and amortized query processing. In 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 962--979.Google ScholarCross Ref
- Sebastian Angel and Srinath Setty. 2016. Unobservable Communication over Fully Untrusted Infrastructure. In OSDI. 551--569. Google ScholarDigital Library
- Jean-Claude Bajard, Julien Eynard, M Anwar Hasan, and Vincent Zucca. 2016. A full RNS variant of FV like somewhat homomorphic encryption schemes. In International Conference on Selected Areas in Cryptography. Springer, 423--442.Google Scholar
- Pierre Baldi, Roberta Baronio, Emiliano De Cristofaro, Paolo Gasti, and Gene Tsudik. 2011. Countering gattaca: efficient and secure testing of fully-sequenced human genomes. In Proceedings of the 18th ACM conference on Computer and communications security. ACM, 691--702. Google ScholarDigital Library
- Dan Boneh, Craig Gentry, Shai Halevi, Frank Wang, and David J Wu. 2013. Private database queries using somewhat homomorphic encryption. In International Conference on Applied Cryptography and Network Security. Springer, 102--118. Google ScholarDigital Library
- Zvika Brakerski. 2012. Fully Homomorphic Encryption without Modulus Switching from Classical GapSVP. In CRYPTO (Lecture Notes in Computer Science), Reihaneh Safavi-Naini and Ran Canetti (Eds.), Vol. 7417. Springer, 868--886. Google ScholarDigital Library
- Zvika Brakerski, Craig Gentry, and Vinod Vaikuntanathan. 2012. (Leveled) fully homomorphic encryption without bootstrapping. In Proceedings of the 3rd Innovations in Theoretical Computer Science Conference. ACM, 309--325. Google ScholarDigital Library
- Zvika Brakerski and Vinod Vaikuntanathan. 2011. Fully homomorphic encryption from ring-LWE and security for key dependent messages. Advances in Cryptology--CRYPTO 2011. Springer, 505--524. Google ScholarDigital Library
- Zvika Brakerski and Vinod Vaikuntanathan. 2014. Efficient fully homomorphic encryption from (standard) LWE. SIAM J. Comput., Vol. 43, 2 (2014), 831--871.Google ScholarCross Ref
- Melissa Chase, Hao Chen, Jintai Ding, Shafi Goldwasser, Sergey Gorbunov, Jeffrey Hoffstein, Kristin Lauter, Satya Lokam, Dustin Moody, Travis Morrison, Amit Sahai, and Vinod Vaikuntanathan. 2017. Security of Homomorphic Encryption. Technical Report. HomomorphicEncryption.org, Redmond WA.Google Scholar
- Hao Chen, Kim Laine, and Peter Rindal. 2017. Fast private set intersection from homomorphic encryption. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 1243--1255. Google ScholarDigital Library
- Jung Hee Cheon, Andrey Kim, Miran Kim, and Yongsoo Song. 2017. Homomorphic encryption for arithmetic of approximate numbers. In International Conference on the Theory and Application of Cryptology and Information Security. Springer, 409--437.Google ScholarCross Ref
- Jung Hee Cheon, Miran Kim, and Myungsun Kim. 2015. Search-and-compute on encrypted data. In International Conference on Financial Cryptography and Data Security. Springer, 142--159.Google ScholarCross Ref
- Jung Hee Cheon, Miran Kim, and Myungsun Kim. 2016. Optimized search-and-compute circuits and their application to query evaluation on encrypted data. IEEE Transactions on Information Forensics and Security, Vol. 11, 1 (2016), 188--199.Google ScholarDigital Library
- Jung Hee Cheon, Miran Kim, and Kristin Lauter. 2015. Homomorphic computation of edit distance. In International Conference on Financial Cryptography and Data Security. Springer, 194--212.Google ScholarCross Ref
- Ilaria Chillotti, Nicolas Gama, Mariya Georgieva, and Malika Izabachene. 2016. Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds. In International Conference on the Theory and Application of Cryptology and Information Security. Springer, 3--33.Google ScholarCross Ref
- Benny Chor, Niv Gilboa, and Moni Naor. 1997. Private information retrieval by keywords .Citeseer.Google Scholar
- Michele Ciampi and Claudio Orlandi. 2018. Combining Private Set-Intersection with Secure Two-Party Computation. Technical Report. Cryptology ePrint Archive, Report 2018/105.Google Scholar
- Emiliano De Cristofaro, Paolo Gasti, and Gene Tsudik. 2012. Fast and private computation of cardinality of set intersection and union. In International Conference on Cryptology and Network Security. Springer, 218--231.Google ScholarCross Ref
- Nathan Dowlin, Ran Gilad-Bachrach, Kim Laine, Kristin Lauter, Michael Naehrig, and John Wernsing. 2017. Manual for using homomorphic encryption for bioinformatics. Proc. IEEE, Vol. 105, 3 (2017), 552--567.Google Scholar
- Junfeng Fan and Frederik Vercauteren. 2012. Somewhat Practical Fully Homomorphic Encryption. Cryptology ePrint Archive, Report 2012/144. (2012). http://eprint.iacr.org/.Google Scholar
- Michael J Freedman, Yuval Ishai, Benny Pinkas, and Omer Reingold. 2005. Keyword search and oblivious pseudorandom functions. In Theory of Cryptography Conference. Springer, 303--324. Google ScholarDigital Library
- Craig Gentry. 2009. Fully homomorphic encryption using ideal lattices.. In STOC, Vol. 9. 169--178. Google ScholarDigital Library
- Craig Gentry, Shai Halevi, and Nigel P Smart. 2012. Homomorphic evaluation of the AES circuit. Advances in cryptology--crypto 2012. Springer, 850--867. Google ScholarDigital Library
- Craig Gentry, Amit Sahai, and Brent Waters. 2013. Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based. In CRYPTO (1) (Lecture Notes in Computer Science), Ran Canetti and Juan A. Garay (Eds.), Vol. 8042. Springer, 75--92.Google Scholar
- Shai Halevi and Victor Shoup. 2014. Algorithms in helib. In International cryptology conference. Springer, 554--571.Google Scholar
- W. Hart, F. Johansson, and S. Pancratz. 2013. FLINT: Fast Library for Number Theory. (2013). Version 2.4.0, http://flintlib.org.Google Scholar
- Carmit Hazay and Yehuda Lindell. 2008. Efficient Protocols for Set Intersection and Pattern Matching with Security Against Malicious and Covert Adversaries. In Theory of Cryptography, Ran Canetti (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 155--175. Google ScholarDigital Library
- Mihaela Ion, Ben Kreuter, Erhan Nergiz, Sarvar Patel, Shobhit Saxena, Karn Seth, David Shanahan, and Moti Yung. 2017. Private Intersection-Sum Protocol with Applications to Attributing Aggregate Ad Conversions. Technical Report. Cryptology ePrint Archive, Report 2017/738.Google Scholar
- Stanisław Jarecki and Xiaomin Liu. 2010. Fast secure computation of set intersection. In International Conference on Security and Cryptography for Networks. Springer, 418--435. Google ScholarDigital Library
- Seny Kamara, Payman Mohassel, Mariana Raykova, and Saeed Sadeghian. 2014. Scaling Private Set Intersection to Billion-Element Sets. In Financial Cryptography and Data Security, Nicolas Christin and Reihaneh Safavi-Naini (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 195--215.Google Scholar
- Alhassan Khedr, Glenn Gulak, and Vinod Vaikuntanathan. 2016. SHIELD: scalable homomorphic implementation of encrypted data-classifiers. IEEE Trans. Comput., Vol. 65, 9 (2016), 2848--2858. Google ScholarDigital Library
- Andrey Kim, Yongsoo Song, Miran Kim, Keewoo Lee, and Jung Hee Cheon. 2018. Logistic Regression Model Training based on the Approximate Homomorphic Encryption. Cryptology ePrint Archive, Report 2018/254. (2018). https://eprint.iacr.org/2018/254.Google Scholar
- Ágnes Kiss, Jian Liu, Thomas Schneider, N Asokan, and Benny Pinkas. 2017. Private set intersection for unequal set sizes with mobile applications. Proceedings on Privacy Enhancing Technologies, Vol. 2017, 4 (2017), 177--197.Google ScholarCross Ref
- Vladimir Kolesnikov, Ranjit Kumaresan, Mike Rosulek, and Ni Trieu. 2016. Efficient batched oblivious PRF with applications to private set intersection. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, 818--829. Google ScholarDigital Library
- Moxie Marlinspike. 2014. The Difficulty Of Private Contact Discovery. A company sponsored blog post. (2014). https://whispersystems.org/blog/contact-discovery/.Google Scholar
- C. Meadows. 1986. A More Efficient Cryptographic Matchmaking Protocol for Use in the Absence of a Continuously Available Third Party. In 1986 IEEE Symposium on Security and Privacy. 134--134.Google ScholarCross Ref
- Marcin Nagy, Emiliano De Cristofaro, Alexandra Dmitrienko, N Asokan, and Ahmad-Reza Sadeghi. 2013. Do I know you?: efficient and privacy-preserving common friend-finder protocols and applications. In Proceedings of the 29th Annual Computer Security Applications Conference. ACM, 159--168. Google ScholarDigital Library
- Andrew Odlyzko. 2003. Privacy, economics, and price discrimination on the Internet. In Proceedings of the 5th international conference on Electronic commerce. ACM, 355--366. Google ScholarDigital Library
- Femi Olumofin and Ian Goldberg. 2010. Privacy-preserving queries over relational databases. In International Symposium on Privacy Enhancing Technologies Symposium. Springer, 75--92. Google ScholarDigital Library
- Michele Orrù, Emmanuela Orsini, and Peter Scholl. 2017. Actively secure 1-out-of-n OT extension with application to private set intersection. In Cryptographers' Track at the RSA Conference. Springer, 381--396.Google Scholar
- Benny Pinkas, Thomas Schneider, Gil Segev, and Michael Zohner. 2015. Phasing: Private set intersection using permutation-based hashing. In 24th USENIX Security Symposium (USENIX Security 15). 515--530. Google ScholarDigital Library
- Benny Pinkas, Thomas Schneider, Christian Weinert, and Udi Wieder. 2018. Efficient circuit-based PSI via cuckoo hashing. In Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 125--157.Google ScholarCross Ref
- Benny Pinkas, Thomas Schneider, and Michael Zohner. 2014. Faster Private Set Intersection Based on OT Extension.. In USENIX Security Symposium, Vol. 14. 797--812. Google ScholarDigital Library
- Benny Pinkas, Thomas Schneider, and Michael Zohner. 2018. Scalable private set intersection based on OT extension. ACM Transactions on Privacy and Security (TOPS), Vol. 21, 2 (2018), 7. Google ScholarDigital Library
- Amanda C Davi Resende and Diego F Aranha. 2018. Faster Unbalanced Private Set Intersection. Journal of Internet Services and Applications, Vol. 9, 1 (2018), 1--18.Google Scholar
- Peter Rindal and Mike Rosulek. 2017. Malicious-Secure Private Set Intersection via Dual Execution. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS '17). ACM, New York, NY, USA, 1229--1242. Google ScholarDigital Library
- Ronald L Rivest, Len Adleman, and Michael L Dertouzos. 1978. On data banks and privacy homomorphisms. Foundations of secure computation, Vol. 4, 11 (1978), 169--180.Google Scholar
- Nigel P Smart and Frederik Vercauteren. 2014. Fully homomorphic SIMD operations. Designs, codes and cryptography, Vol. 71, 1 (2014), 57--81. Google ScholarDigital Library
- Frank Wang, Catherine Yun, Shafi Goldwasser, Vinod Vaikuntanathan, and Matei Zaharia. 2017. Splinter: Practical Private Queries on Public Data. In NSDI. 299--313. Google ScholarDigital Library
Index Terms
- Labeled PSI from Fully Homomorphic Encryption with Malicious Security
Recommendations
Efficient Linear Multiparty PSI and Extensions to Circuit/Quorum PSI
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications SecurityMultiparty Private Set Intersection (mPSI), enables n parties, each holding private sets (each of size m) to securely compute the intersection of these private sets. While several protocols are known for this task, the only concretely efficient protocol ...
Labeled PSI from Homomorphic Encryption with Reduced Computation and Communication
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications SecurityIt is known that fully homomorphic encryption (FHE) can be used to build efficient (labeled) Private Set Intersection protocols in the unbalanced setting, where one of the sets is much larger than the other~(Chen et al. (CCS'17, CCS'18)). In this paper ...
Fast Private Set Intersection from Homomorphic Encryption
CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications SecurityPrivate Set Intersection (PSI) is a cryptographic technique that allows two parties to compute the intersection of their sets without revealing anything except the intersection. We use fully homomorphic encryption to construct a fast PSI protocol with a ...
Comments