Abstract
We revisit the problem of constructing efficient secure two-party protocols for set intersection and set union, focusing on the model of malicious parties. Our main results are constant-round protocols with linear communication and a (practically) linear number of exponentiations, proven secure in the simulation-based model. At the heart of these constructions is a technique that combines a perfectly hiding commitment with an oblivious pseudorandom function evaluation protocol. Our protocols readily transform into universally composable (UC) secure protocols, and we discuss how to perform these transformations.
Communicated by Ivan Damgård
C. Hazay's research was supported by an Eshkol scholarship and the Israel Science Foundation (grant No. 70/80).
K. Nissim's research was partly supported by the Israel Science Foundation (grant No. 860/06).
Cite this article
Hazay, C., Nissim, K. Efficient Set Operations in the Presence of Malicious Adversaries. J Cryptol 25, 383–433 (2012). https://doi.org/10.1007/s00145-011-9098-x