论文信息 - Multi-Party Threshold Private Set Intersection with Sublinear Communication

Multi-Party Threshold Private Set Intersection with Sublinear Communication

In multi-party threshold private set intersection (PSI), n parties each with a private set wish to compute the intersection of their sets if the intersection is sufficiently large. Previously, Ghosh and Simkin (CRYPTO 2019) studied this problem for the two-party case and demonstrated interesting lower and upper bounds on the communication complexity. In this work, we investigate the communication complexity of the multi-party setting (n ≥ 2). We consider two functionalities for multi-party threshold PSI. In the first, parties learn the intersection if each of their sets and the intersection differ by at most T . In the second functionality, parties learn the intersection if the union of all their sets and the intersection differ by at most T . For both functionalities, we show that any protocol must have communication complexity Ω(nT ). We build protocols with a matching upper bound of O(nT ) communication complexity for both functionalities assuming threshold FHE. We also construct a computationally more efficient protocol for the second functionality with communication complexity Õ(nT ) under a weaker assumption of threshold additive homomorphic encryption. As a consequence, we achieve the first “regular” multi-party PSI protocol where the communication complexity only grows with the size of the set difference and does not depend on the size of the input sets.

[1] Carmit Hazay,et al. Scalable Multi-party Private Set-Intersection , 2017, Public Key Cryptography.

[2] Vladimir Kolesnikov,et al. Efficient Batched Oblivious PRF with Applications to Private Set Intersection , 2016, CCS.

[3] Peter Rindal,et al. Malicious-Secure Private Set Intersection via Dual Execution , 2017, CCS.

[4] Ivan Damgård,et al. Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.

[5] Benny Pinkas,et al. Efficient Circuit-based PSI via Cuckoo Hashing , 2018, IACR Cryptol. ePrint Arch..

[6] Yaron Minsky,et al. Set reconciliation with nearly optimal communication complexity , 2003, IEEE Trans. Inf. Theory.

[7] Benny Pinkas,et al. SpOT-Light: Lightweight Private Set Intersection from Sparse OT Extension , 2019, IACR Cryptol. ePrint Arch..

[8] Brent Waters,et al. Output Compression, MPC, and iO for Turing Machines , 2019, IACR Cryptol. ePrint Arch..

[9] Benny Pinkas,et al. Phasing: Private Set Intersection Using Permutation-based Hashing , 2015, USENIX Security Symposium.

[10] Yuval Ishai,et al. COMPUTATIONALLY PRIVATE RANDOMIZING POLYNOMIALS AND THEIR APPLICATIONS , 2005, 20th Annual IEEE Conference on Computational Complexity (CCC'05).

[11] R. Gregory Taylor,et al. Modern computer algebra , 2002, SIGA.

[12] Tad Hogg,et al. Enhancing privacy and trust in electronic communities , 1999, EC '99.

[13] Benny Pinkas,et al. Practical Multi-party Private Set Intersection from Symmetric-Key Techniques , 2017, CCS.

[14] Pascal Paillier,et al. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[15] Ran Canetti,et al. Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[16] Stefan Katzenbeisser,et al. Privacy preserving error resilient dna searching through oblivious automata , 2007, CCS '07.

[17] Dan Boneh,et al. Threshold Cryptosystems From Threshold Fully Homomorphic Encryption , 2018, IACR Cryptol. ePrint Arch..

[18] Changyu Dong,et al. When private set intersection meets big data: an efficient and scalable protocol , 2013, CCS.

[19] Yuval Ishai,et al. Scalable Multiparty Computation with Nearly Optimal Work and Resilience , 2008, CRYPTO.

[20] Kyomin Jung,et al. A local decision test for sparse polynomials , 2010, Inf. Process. Lett..

[21] Moti Yung,et al. Private Intersection-Sum Protocol with Applications to Attributing Aggregate Ad Conversions , 2017, IACR Cryptol. ePrint Arch..

[22] Peter Rindal,et al. Improved Private Set Intersection Against Malicious Adversaries , 2017, EUROCRYPT.

[23] Tobias Nilges,et al. An Algebraic Approach to Maliciously Secure Private Set Intersection , 2019, IACR Cryptol. ePrint Arch..

[24] Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[25] Andrew Chi-Chih Yao,et al. How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[26] Prateek Mittal,et al. BotGrep: Finding P2P Bots with Structured Graph Analysis , 2010, USENIX Security Symposium.

[27] Payman Mohassel,et al. SecureML: A System for Scalable Privacy-Preserving Machine Learning , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[28] Emmanuela Orsini,et al. Actively Secure 1-out-of-N OT Extension with Application to Private Set Intersection , 2017, CT-RSA.

[29] Mark Braverman,et al. On Information Complexity in the Broadcast Model , 2015, PODC.

[30] Catherine A. Meadows,et al. A More Efficient Cryptographic Matchmaking Protocol for Use in the Absence of a Continuously Available Third Party , 1986, 1986 IEEE Symposium on Security and Privacy.

[31] Eike Kiltz,et al. Secure Linear Algebra Using Linearly Recurrent Sequences , 2007, Complexity of Boolean Functions.

[32] Matthew K. Franklin,et al. Joint encryption and message-efficient secure computation , 1993, Journal of Cryptology.

[33] Benny Pinkas,et al. PSI from PaXoS: Fast, Malicious Private Set Intersection , 2020, IACR Cryptol. ePrint Arch..

[34] Benny Pinkas,et al. Faster Private Set Intersection Based on OT Extension , 2014, USENIX Security Symposium.

[35] Emiliano De Cristofaro,et al. Practical Private Set Intersection Protocols with Linear Complexity , 2010, Financial Cryptography.

[36] Dawn Xiaodong Song,et al. Privacy-Preserving Set Operations , 2005, CRYPTO.

[37] Donald Beaver,et al. Efficient Multiparty Protocols Using Circuit Randomization , 1991, CRYPTO.

[38] Benny Pinkas,et al. Efficient Private Matching and Set Intersection , 2004, EUROCRYPT.

[39] Mark Simkin,et al. The Communication Complexity of Threshold Private Set Intersection , 2019, IACR Cryptol. ePrint Arch..

[40] Carmit Hazay,et al. Efficient Set Operations in the Presence of Malicious Adversaries , 2010, Journal of Cryptology.

[41] Daniel Wichs,et al. On the Communication Complexity of Secure Function Evaluation with Long Output , 2015, IACR Cryptol. ePrint Arch..

[42] Sherman S. M. Chow,et al. Can you find the one for me? Privacy-Preserving Matchmaking via Threshold PSI , 2018, IACR Cryptol. ePrint Arch..

[43] Josh Benaloh,et al. Dense Probabilistic Encryption , 1999 .