Faster unbalanced Private Set Intersection in the semi-honest setting

  • Regular Paper
  • Journal of Cryptographic Engineering

Abstract

Protocols for Private Set Intersection (PSI) are important cryptographic techniques to perform joint operations on datasets in a privacy-preserving way. They allow two parties to compute the intersection of their private sets without revealing any additional information beyond the intersection itself, to one party (one-way) or to both parties (mutual). Despite the many PSI protocols available in the literature, only recently have techniques been applied to existing PSI protocols to make them more efficient when one of the parties holds a set much smaller than the other's. This is a realistic scenario in many cases and characterizes the unbalanced setting. This paper therefore builds on modern cryptographic engineering techniques and proposes optimizations for a promising one-way PSI protocol based on public-key cryptography that is secure against semi-honest adversaries. We show that our improvements and optimizations yield a protocol that improves on both the communication complexity and the run time of previous proposals in the unbalanced setting.

Notes

  1. Our previous paper [42] reports 50,000 cycles for exponentiation without taking point decompression into consideration, in line with [36].

  2. https://github.com/splatlab/cqf.

  3. Both parties use a hash function to compute the hash of their elements, and the intersection is computed by checking whether the hashes are equal. However, if the hash function inputs are taken from a low-entropy domain \(\mathbb {D}\), either party can recover all elements of the other party by a brute-force search over \(\mathbb {D}\).

  4. https://signal.org/blog/private-contact-discovery/.

  5. https://faq.whatsapp.com/en/iphone/20971813.

  6. Lambæk [29] and Rindal and Rosulek [43] have shown that the protocol is insecure against malicious adversaries.

  7. https://bench.cr.yp.to.

  8. It is important to note that each time the resize operation is performed, the FPR increases. Thus, when the FPR reaches the maximum limit tolerated by the application, a new filter must be generated.

  9. The FPR of the RSQF can be as small as the application requires, considering the cost of increasing the filter size.

  10. Average of \(2^{20}\) exponentiations performed on our Haswell machine.

  11. Due to the memory limitation of our benchmark machine when generating a filter with 1 billion elements, we created a filter with \( 2^{30}\) slots, inserted \( 2^{26}\) elements at a time, 14 times, and then inserted the remaining 60,475,904 elements to complete the \(10^9\) elements. Only after all the elements were inserted did the server send the filter to the client.
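The following is an added illustration of the point made in note 3, not code from the paper or its authors. It contrasts the naive "hash and compare" intersection, whose published hashes can be matched against every candidate when the element domain is small (here a constructed domain of four-digit PINs), with a one-way PSI built from commutative blinding of the hashed elements, in the Diffie–Hellman style of the protocols cited as [23] and [31]. The group used is a toy one (the Mersenne prime \(2^{127}-1\) as modulus, an assumption made here for brevity); the specific curve, hash-to-group map and parameters of the paper's protocol are not represented.

```python
import hashlib
import secrets

# Constructed toy parameters: Z_p^* with the Mersenne prime p = 2^127 - 1.
# An illustration only; a deployed protocol uses a standard group of
# cryptographic size and a proper hash-to-group map.
P = (1 << 127) - 1


def plain_hash(x: str) -> str:
    """Unkeyed hash used by the naive 'hash and compare' approach."""
    return hashlib.sha256(x.encode()).hexdigest()


def hash_to_group(x: str) -> int:
    """Map an element into Z_p^* (toy construction, see lead-in)."""
    h = int.from_bytes(hashlib.sha256(x.encode()).digest(), "big") % P
    return h if h != 0 else 1  # avoid the degenerate element 0


def naive_psi(client_set, server_set):
    """Naive PSI from note 3: both sides publish H(x) and compare.
    Returns (intersection, values the server had to publish)."""
    server_hashes = {plain_hash(s) for s in server_set}
    return {c for c in client_set if plain_hash(c) in server_hashes}, server_hashes


def dictionary_match(published, domain):
    """What anyone seeing the published values can do when the domain is
    enumerable: hash every candidate and keep those that appear."""
    return {d for d in domain if plain_hash(d) in published}


def blinded_psi(client_set, server_set):
    """One-way PSI via commutative blinding (Diffie-Hellman style).

    Client secret a, server secret b. The client sends H(c)^a; the server
    returns (H(c)^a)^b for each and publishes H(s)^b for its own elements;
    the client computes (H(s)^b)^a and compares. Exponents commute, so
    matches reveal the intersection to the client, while H(s)^b alone
    cannot be checked against candidates without the client's a.
    Returns (intersection, values the server published).
    """
    a = secrets.randbelow(P - 2) + 1  # client's secret exponent
    b = secrets.randbelow(P - 2) + 1  # server's secret exponent
    # Round 1, client -> server: blinded client elements, keyed by element
    # so the client can map the server's reply back to its own set.
    blinded_client = {c: pow(hash_to_group(c), a, P) for c in client_set}
    # Server: re-blind the client's values and blind its own elements.
    client_double = {c: pow(v, b, P) for c, v in blinded_client.items()}
    server_blinded = {pow(hash_to_group(s), b, P) for s in server_set}
    # Client: raise the server's values to a and compare with H(c)^(ab).
    server_double = {pow(v, a, P) for v in server_blinded}
    intersection = {c for c, v in client_double.items() if v in server_double}
    return intersection, {hex(v) for v in server_blinded}


def demo():
    """Constructed sample: a low-entropy domain of four-digit PINs."""
    domain = [f"{i:04d}" for i in range(10_000)]
    client = {"0042", "1234", "9999"}
    server = {"1234", "9999", "0007"}

    naive_inter, naive_pub = naive_psi(client, server)
    blind_inter, blind_pub = blinded_psi(client, server)
    return {
        "naive_intersection": naive_inter,
        "naive_recoverable": dictionary_match(naive_pub, domain),
        "blinded_intersection": blind_inter,
        "blinded_recoverable": dictionary_match(blind_pub, domain),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {sorted(v)}")
```

Both variants compute the same intersection; the difference is in what the published values leak. With the naive scheme the whole server set is recovered from its hashes by enumerating the domain, whereas the blinded values match nothing, which is exactly the concern note 3 raises about low-entropy domains.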

References

  1. Aranha, D.F., Fouque, P., Qian, C., Tibouchi, M., Zapalowicz, J.: Binary elligator squared. In: SAC, Lecture Notes in Computer Science, vol. 8781, pp. 20–37. Springer (2014)

  2. Baldi, P., Baronio, R., Cristofaro, E.D., Gasti, P., Tsudik, G.: Countering GATTACA: efficient and secure testing of fully-sequenced human genomes. In: ACM Conference on Computer and Communications Security, pp. 691–702. ACM (2011)

  3. Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The one-more-RSA-inversion problems and the security of Chaum’s blind signature scheme. J. Cryptol. 16(3), 185–215 (2003)

  4. Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970)

  5. Boneh, D.: The decision Diffie–Hellman problem. In: ANTS, Lecture Notes in Computer Science, vol. 1423, pp. 48–63. Springer (1998)

  6. Breslow, A., Jayasena, N.: Morton filters: faster, space-efficient cuckoo filters via biasing, compression, and decoupled logical sparsity. PVLDB 11(9), 1041–1055 (2018)

  7. Brown, D.R.L., Gallant, R.P.: The static Diffie–Hellman problem. IACR Cryptol. ePrint Arch. 2004, 306 (2004)

  8. Chen, H., Huang, Z., Laine, K., Rindal, P.: Labeled PSI from fully homomorphic encryption with malicious security. In: ACM Conference on Computer and Communications Security, pp. 1223–1237. ACM (2018)

  9. Chen, H., Laine, K., Rindal, P.: Fast Private Set Intersection from homomorphic encryption. In: ACM Conference on Computer and Communications Security, pp. 1243–1255. ACM (2017)

  10. Cheon, J.H.: Security analysis of the strong Diffie–Hellman problem. In: EUROCRYPT, Lecture Notes in Computer Science, vol. 4004, pp. 1–11. Springer (2006)

  11. Cristofaro, E.D., Gasti, P., Tsudik, G.: Fast and private computation of cardinality of set intersection and union. In: CANS, vol. 7712, pp. 218–231. Springer (2012)

  12. Demmler, D., Rindal, P., Rosulek, M., Trieu, N.: PIR-PSI: scaling private contact discovery. PoPETs 2018(4), 159–178 (2018)

  13. Dong, C., Chen, L., Wen, Z.: When Private Set Intersection meets big data: an efficient and scalable protocol. In: ACM Conference on Computer and Communications Security, pp. 789–800. ACM (2013)

  14. Fan, B., Andersen, D.G., Kaminsky, M., Mitzenmacher, M.: Cuckoo filter: practically better than bloom. In: CoNEXT, pp. 75–88. ACM (2014)

  15. Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. IACR Cryptol. ePrint Arch. 2012, 144 (2012)

  16. Fan, L., Cao, P., Almeida, J.M., Broder, A.Z.: Summary cache: a scalable wide-area web cache sharing protocol. IEEE/ACM Trans. Netw. 8(3), 281–293 (2000)

  17. Freedman, M.J., Ishai, Y., Pinkas, B., Reingold, O.: Keyword search and oblivious pseudorandom functions. In: TCC, Lecture Notes in Computer Science, vol. 3378, pp. 303–324. Springer (2005)

  18. Freedman, M.J., Nissim, K., Pinkas, B.: Efficient private matching and set intersection. In: EUROCRYPT, Lecture Notes in Computer Science, vol. 3027, pp. 1–19. Springer (2004)

  19. Goldreich, O.: The Foundations of Cryptography—Volume 2, Basic Applications, vol. 2. Cambridge University Press, Cambridge (2004)

  20. Gouvêa, C.P.L., Hernandez, J.L.: Implementing GCM on ARMv8. In: CT-RSA, Lecture Notes in Computer Science, vol. 9048, pp. 167–180. Springer (2015)

  21. Hankerson, D., Karabina, K., Menezes, A.: Analyzing the Galbraith–Lin–Scott point multiplication method for elliptic curves over binary fields. IEEE Trans. Comput. 58(10), 1411–1420 (2009)

  22. Huang, Y., Evans, D., Katz, J.: Private Set Intersection: are garbled circuits better than custom protocols? In: NDSS. The Internet Society (2012)

  23. Huberman, B.A., Franklin, M.K., Hogg, T.: Enhancing privacy and trust in electronic communities. In: EC, pp. 78–86 (1999)

  24. Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: CRYPTO, Lecture Notes in Computer Science, vol. 2729, pp. 145–161. Springer (2003)

  25. Jarecki, S., Liu, X.: Fast secure computation of set intersection. In: SCN, Lecture Notes in Computer Science, vol. 6280, pp. 418–435. Springer (2010)

  26. Kales, D., Rechberger, C., Schneider, T., Senker, M., Weinert, C.: Mobile private contact discovery at scale. In: USENIX Security Symposium, pp. 1447–1464. USENIX Association (2019)

  27. Kiss, Á., Liu, J., Schneider, T., Asokan, N., Pinkas, B.: Private set intersection for unequal set sizes with mobile applications. PoPETs 2017(4), 177–197 (2017)

  28. Kolesnikov, V., Kumaresan, R., Rosulek, M., Trieu, N.: Efficient batched oblivious PRF with applications to Private Set Intersection. In: ACM Conference on Computer and Communications Security, pp. 818–829. ACM (2016)

  29. Lambæk, M.: Breaking and fixing private set intersection protocols. IACR Cryptol. ePrint Arch. (2016). http://eprint.iacr.org/2016/665

  30. Lopez, J., Dahab, R.: New point compression algorithms for binary curves. In: IEEE Information Theory Workshop—ITW ’06, pp. 126–130 (2006). https://doi.org/10.1109/ITW.2006.1633795

  31. Meadows, C.A.: A more efficient cryptographic matchmaking protocol for use in the absence of a continuously available third party. In: IEEE Symposium on Security and Privacy, pp. 134–137. IEEE Computer Society (1986)

  32. Mezzour, G., Perrig, A., Gligor, V.D., Papadimitratos, P.: Privacy-preserving relationship path discovery in social networks. In: CANS, Lecture Notes in Computer Science, vol. 5888, pp. 189–208. Springer (2009)

  33. Nagaraja, S., Mittal, P., Hong, C., Caesar, M., Borisov, N.: BotGrep: finding P2P bots with structured graph analysis. In: USENIX Security Symposium, pp. 95–110. USENIX Association (2010)

  34. Naor, M., Pinkas, B.: Oblivious transfer and polynomial evaluation. In: STOC, pp. 245–254. ACM (1999)

  35. Narayanan, A., Thiagarajan, N., Lakhani, M., Hamburg, M., Boneh, D.: Location privacy via private proximity testing. In: NDSS. The Internet Society (2011)

  36. Oliveira, T., Aranha, D.F., Hernandez, J.L., Rodríguez-Henríquez, F.: Improving the performance of the GLS254. CHES Rump Session (2016)

  37. Oliveira, T., López, J., Aranha, D.F., Rodríguez-Henríquez, F.: Two is the fastest prime: lambda coordinates for binary elliptic curves. J. Cryptogr. Eng. 4(1), 3–17 (2014)

  38. Pandey, P., Bender, M.A., Johnson, R., Patro, R.: A general-purpose counting filter: making every bit count. In: SIGMOD Conference, pp. 775–787. ACM (2017)

  39. Pinkas, B., Schneider, T., Segev, G., Zohner, M.: Phasing: Private Set Intersection using permutation-based hashing. In: USENIX Security Symposium, pp. 515–530. USENIX Association (2015)

  40. Pinkas, B., Schneider, T., Zohner, M.: Faster Private Set Intersection based on OT extension. In: USENIX Security Symposium, pp. 797–812. USENIX Association (2014)

  41. Pinkas, B., Schneider, T., Zohner, M.: Scalable Private Set Intersection based on OT extension. ACM Trans. Priv. Secur. 21(2), 7:1–7:35 (2018)

  42. Resende, A.C.D., Aranha, D.F.: Faster unbalanced private set intersection. In: Financial Cryptography and Data Security, Lecture Notes in Computer Science. Springer (2018)

  43. Rindal, P., Rosulek, M.: Improved Private Set Intersection against malicious adversaries. In: EUROCRYPT (1), Lecture Notes in Computer Science, vol. 10210, pp. 235–259. Springer (2017)

  44. Taverne, J., Faz-Hernández, A., Aranha, D.F., Rodríguez-Henríquez, F., Hankerson, D., López, J.: Speeding scalar multiplication over binary elliptic curves using the new carry-less multiplication instruction. J. Cryptogr. Eng. 1(3), 187–199 (2011)

  45. Yao, A.C.: Protocols for secure computations (extended abstract). In: FOCS, pp. 160–164. IEEE Computer Society (1982)

  46. Yao, A.C.: How to generate and exchange secrets (extended abstract). In: FOCS, pp. 162–167. IEEE Computer Society (1986)

Acknowledgements

We would like to thank the anonymous reviewers who contributed with useful discussion to improve the paper.

Author information

Corresponding author

Correspondence to Amanda Cristina Davi Resende.

Additional information

This study was financed in part by the Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - Brasil (CAPES) - Finance Code 1545003 and by the Conselho Nacional de Desenvolvimento Científico e Tecnológico (CNPq) - Finance Code 140738/2017-7.

Cite this article

Davi Resende, A.C., de Freitas Aranha, D. Faster unbalanced Private Set Intersection in the semi-honest setting. J Cryptogr Eng 11, 21–38 (2021). https://doi.org/10.1007/s13389-020-00242-7
