New Realizations of Efficient and Secure Private Set Intersection Protocols Preserving Fairness

Private Set Intersection (PSI) is a useful cryptographic primitive for developing practical privacy-preserving techniques for Big Data. PSI allows entities to securely extract the intersection of the large data sets they own, without revealing any other crucial information about their input sets. Fairness is a critical issue for both mutual Private Set Intersection ($\mathsf{mPSI}$) and its cardinality variant, namely mutual Private Set Intersection Cardinality ($\mathsf{mPSI}$-CA). Achieving fairness over prime order groups with linear complexity in the malicious model remains an interesting challenge for both $\mathsf{mPSI}$ and $\mathsf{mPSI}$-CA. None of the prior works achieves all the aforementioned properties together. We address these issues using an off-line semi-trusted third party, called the arbiter. The arbiter is semi-trusted in the sense that he cannot get access to the private information of the parties but follows the protocol honestly. In this work, we propose a construction of fair and efficient $\mathsf{mPSI}$ with linear communication and computation overheads using prime order groups. Our $\mathsf{mPSI}$ employs Distributed ElGamal encryption and the verifiable encryption of Cramer-Shoup. A concrete security analysis is provided against malicious parties under the Decisional Diffie-Hellman (DDH) assumption. We further extend our $\mathsf{mPSI}$ to $\mathsf{mPSI}$-CA, retaining all the security properties of $\mathsf{mPSI}$. On a more positive note, our $\mathsf{mPSI}$-CA is the first of its kind with linear complexity preserving fairness.
