Information Security pp 69-86

# Round-Efficient Private Stable Matching from Additive Homomorphic Encryption

## Abstract

In the present paper, we propose private stable matching protocols that solve the stable marriage problem with round complexity \(O(n^2)\), where *n* is the problem size. In the multiparty setting, the round complexity of our protocol is better than that of all existing practical protocols. We also implement our protocol on a standard personal computer, smartphones, and tablet computers for experimental performance evaluation. Our protocols are constructed using additive homomorphic encryption only, and this construction yields improved round complexity and implementation-friendliness. To the best of our knowledge, our experiment is the first implementation report of a private stable matching protocol that has a feasible running time.

## Notes

### Acknowledgements

This work is supported by the FIRST program and Grant-in-Aid 12913388. The authors would like to thank Jacob Schuldt, Nuttapong Attrapadung, and Naoto Yanai for the valuable discussion and comments. We also thank the members of Shin-Akarui-Angou-Benkyou-Kai and the anonymous reviewers of ISC 2013 for their valuable discussion and comments.
