Policy-Enhanced Private Set Intersection: Sharing Information While Enforcing Privacy Policies

Companies, organizations, and individuals often wish to share information to realize valuable social and economic goals. Unfortunately, privacy concerns often stand in the way of such information sharing and exchange. This paper proposes a novel cryptographic paradigm called Policy-Enhanced Private Set Intersection (PPSI ), allowing two parties to share information while enforcing the desired privacy policies. Our constructions require minimal additional overhead over traditional Private Set Intersection (PSI) protocols, and yet we can handle rich policy semantics previously not possible with traditional PSI and Authorized Private Set Intersection (APSI) protocols. Our scheme involves running a standard PSI protocol over carefully crafted encodings of elements formed as part of a challenge-response mechanism. The structure of these encodings resemble techniques used for aggregating BLS signatures in bilinear groups. We prove that our scheme is secure in the malicious model, under the CBDH assumption, the random oracle model, and the assumption that the underlying PSI protocol is secure against malicious adversaries.

[1]  Beng Chin Ooi,et al.  Privacy and ownership preserving of outsourced medical data , 2005, 21st International Conference on Data Engineering (ICDE'05).

[2]  Carmit Hazay,et al.  Efficient Set Operations in the Presence of Malicious Adversaries , 2010, Journal of Cryptology.

[3]  Benny Pinkas,et al.  Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[4]  Jan Camenisch,et al.  Private Intersection of Certified Sets , 2009, Financial Cryptography.

[5]  Neha Jain,et al.  HIPAA's Effect on Web Site Privacy Policies , 2007, IEEE Security & Privacy.

[6]  D. Song,et al.  Private and threshold set-intersection , 2004 .

[7]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[8]  Emiliano De Cristofaro,et al.  Linear-Complexity Private Set Intersection Protocols Secure in Malicious Model , 2010, ASIACRYPT.

[9]  Moti Yung,et al.  Efficient robust private set intersection , 2009, Int. J. Appl. Cryptogr..

[10]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[11]  Xiaomin Liu,et al.  Fast Secure Computation of Set Intersection , 2010, SCN.

[12]  Emiliano De Cristofaro,et al.  (If) Size Matters: Size-Hiding Private Set Intersection , 2011, IACR Cryptol. ePrint Arch..

[13]  Emiliano De Cristofaro,et al.  Practical Private Set Intersection Protocols with Linear Complexity , 2010, Financial Cryptography.

[14]  Dawn Xiaodong Song,et al.  Privacy-Preserving Set Operations , 2005, CRYPTO.

[15]  Benny Pinkas,et al.  Keyword Search and Oblivious Pseudorandom Functions , 2005, TCC.

[16]  Xiaomin Liu,et al.  Efficient Oblivious Pseudorandom Function with Applications to Adaptive OT and Secure Computation of Set Intersection , 2009, TCC.

[17]  Emiliano De Cristofaro,et al.  Privacy-Preserving Policy-Based Information Transfer , 2009, Privacy Enhancing Technologies.

[18]  Yehuda Lindell,et al.  Efficient Protocols for Set Intersection and Pattern Matching with Security Against Malicious and Covert Adversaries , 2008, Journal of Cryptology.