Cheaper Private Set Intersection via Differentially Private Leakage

Abstract: In this work we demonstrate that allowing differentially private leakage can significantly improve the concrete performance of secure 2-party computation (2PC) protocols. Specifically, we focus on the private set intersection (PSI) protocol of Rindal and Rosulek (CCS 2017), which is the fastest PSI protocol with security against malicious participants. We show that if differentially private leakage is allowed, the cost of the protocol can be reduced by up to 63%, depending on the desired level of differential privacy. On the technical side, we introduce a security model for differentially private leakage in malicious-secure 2PC. We also introduce two new and improved mechanisms for “differentially private histogram overestimates,” the main technical challenge for differentially private PSI.
