Size-Hiding in Private Set Intersection: Existential Results and Constructions

In this paper we focus our attention on private set intersection. We show impossibility and existential results, and we provide some explicit constructions. More precisely, we start by looking at the case in which both parties, client and server, in securely computing the intersection, would like to hide the sizes of their sets of secrets, and we show that: – It is impossible to realize an unconditionally secure size-hiding set intersection protocol. – In a model where a TTP provides set up information to the two parties and disappears, unconditionally secure size-hiding set intersection is possible. There exist computationally secure size-hiding set intersection protocols. Then, we provide some explicit constructions for one-sided protocols, where only the client gets the intersection and hides the size of her set of secrets. In the model with the TTP, we design two protocols which are computationally secure under standard assumptions, and two very efficient protocols which are secure in the random oracle model. We close the paper with some remarks and by pointing out several interesting open problems.

[1]  Martijn Stam Beyond Uniformity: Better Security/Efficiency Tradeoffs for Compression Functions , 2008, CRYPTO.

[2]  Benny Pinkas,et al.  Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[3]  Ueli Maurer,et al.  Advances in Cryptology — EUROCRYPT ’96 , 2001, Lecture Notes in Computer Science.

[4]  Yehuda Lindell,et al.  Efficient Protocols for Set Intersection and Pattern Matching with Security Against Malicious and Covert Adversaries , 2008, TCC.

[5]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[6]  Douglas R Stinson,et al.  Universal hash families and the leftover hash lemma, and applications to cryptography and computing , 2010 .

[7]  Emiliano De Cristofaro,et al.  (If) Size Matters: Size-Hiding Private Set Intersection , 2011, IACR Cryptol. ePrint Arch..

[8]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[9]  Ronald Cramer,et al.  Introduction to Secure Computation , 1998, Lectures on Data Security.

[10]  Claudio Soriente,et al.  An Accumulator Based on Bilinear Maps and Efficient Revocation for Anonymous Credentials , 2009, IACR Cryptol. ePrint Arch..

[11]  Joseph Bonneau,et al.  What's in a Name? , 2020, Financial Cryptography.

[12]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[13]  Benny Pinkas,et al.  Keyword Search and Oblivious Pseudorandom Functions , 2005, TCC.

[14]  Yuval Ishai,et al.  Founding Cryptography on Oblivious Transfer - Efficiently , 2008, CRYPTO.

[15]  Keith B. Frikken Privacy-Preserving Set Union , 2007, ACNS.

[16]  Rosario Gennaro,et al.  Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings , 2011, Public Key Cryptography.

[17]  Oded Goldreich,et al.  A randomized protocol for signing contracts , 1985, CACM.

[18]  Russell Impagliazzo,et al.  Limits on the provable consequences of one-way permutations , 1988, STOC '89.

[19]  Ivan Damgård,et al.  Lectures on Data Security , 2003, Lecture Notes in Computer Science.

[20]  Jan Camenisch,et al.  A Signature Scheme with Efficient Protocols , 2002, SCN.

[21]  Emiliano De Cristofaro,et al.  Practical Private Set Intersection Protocols with Linear Complexity , 2010, Financial Cryptography.

[22]  Dawn Xiaodong Song,et al.  Privacy-Preserving Set Operations , 2005, CRYPTO.

[23]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[24]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[25]  Moti Yung,et al.  Secure Efficient Multiparty Computing of Multivariate Polynomials and Applications , 2011, ACNS.

[26]  Moni Naor,et al.  Number-theoretic constructions of efficient pseudo-random functions , 2004, JACM.

[27]  Moti Yung,et al.  Efficient robust private set intersection , 2009, Int. J. Appl. Cryptogr..

[28]  Stanislaw Jarecki,et al.  Public Key Cryptography – PKC 2009 , 2009, Lecture Notes in Computer Science.

[29]  Joe Kilian,et al.  Founding crytpography on oblivious transfer , 1988, STOC '88.

[30]  Mihir Bellare,et al.  The Exact Security of Digital Signatures - HOw to Sign with RSA and Rabin , 1996, EUROCRYPT.

[31]  Jan Camenisch,et al.  Private Intersection of Certified Sets , 2009, Financial Cryptography.

[32]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.