PIR-PSI: Scaling Private Contact Discovery

Abstract

An important initialization step in many social-networking applications is contact discovery, which allows a user of the service to identify which of its existing social contacts also use the service. Naïve approaches to contact discovery reveal a user’s entire set of social/professional contacts to the service, presenting a significant tension between functionality and privacy. In this work, we present a system for private contact discovery, in which the client learns only the intersection of its own contact list and a server’s user database, and the server learns only the (approximate) size of the client’s list. The protocol is specifically tailored to the case of a small client set and large user database. Our protocol has provable security guarantees and combines new ideas with state-of-the-art techniques from private information retrieval and private set intersection. We report on a highly optimized prototype implementation of our system, which is practical on real-world set sizes. For example, contact discovery between a client with 1024 contacts and a server with 67 million user entries takes 1.36 sec (when using server multi-threading) and uses only 4.28 MiB of communication.
