Security Analysis of a Verifiable Server-Aided Approximate Similarity Computation

In this work, we report a security analysis of the recently proposed server-aided verifiable approximate set similarity computation protocol by Qiu et al. (Security in Cloud Computing 2016). This protocol uses a consistency check mechanism to verify the computation result returned by a potentially malicious server. According to the original paper, the proposed consistency check can identify misconduct by the malicious server with high probability. We show the flaws in their analysis and design a set of attacks to break their protocols (including a generalized one). We present experimental results that demonstrate the effectiveness of our attacks.
