Security Analysis of a Verifiable Server-Aided Approximate Similarity Computation

  • Rui XuEmail author
  • Kirill Morozov
  • Anirban Basu
  • Mohammad Shahriar Rahman
  • Shinsaku Kiyomoto
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10418)


In this work, we report security analysis of the recently proposed server-aided verifiable approximate set similarity computation protocol by Qiu et al. (Security in Cloud Computing 2016). This protocol uses a certain consistency check mechanism to verify the computation result returned by a potentially malicious server. According to the original paper, the proposed consistency check can identify a misconduct of the malicious server with high probability. We show the flaws in their analysis and design a set of attacks to break their protocols (including a generalized one). Experimental results are presented that demonstrate the effectiveness of our attacks.


Verifiable computation Server-aided computation Cryptanalysis Privacy-preserving 



The authors are grateful to the anonymous reviewers of IWSEC 2017 for their constructive comments that helped improve the presentation of this work.


  1. 1.
    Blundo, C., Cristofaro, E., Gasti, P.: EsPRESSo: efficient privacy-preserving evaluation of sample set similarity. In: Pietro, R., Herranz, J., Damiani, E., State, R. (eds.) DPM/SETOP -2012. LNCS, vol. 7731, pp. 89–103. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-35890-6_7 CrossRefGoogle Scholar
  2. 2.
    Broder, A.Z.: On the resemblance and containment of documents. In: Compression and Complexity of Sequences 1997, Proceedings, pp. 21–29. IEEE (1997)Google Scholar
  3. 3.
    Cristofaro, E., Gasti, P., Tsudik, G.: Fast and private computation of cardinality of set intersection and union. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 218–231. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-35404-5_17 CrossRefGoogle Scholar
  4. 4.
    Dong, C., Chen, L., Wen, Z.: When private set intersection meets big data: an efficient and scalable protocol. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 789–800. ACM (2013)Google Scholar
  5. 5.
    Freedman, M.J., Hazay, C., Nissim, K., Pinkas, B.: Efficient set intersection with simulation-based security. J. Cryptology 29(1), 115–155 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Huang, Y., Evans, D., Katz, J.: Private set intersection: are garbled circuits better than custom protocols? In: NDSS (2012)Google Scholar
  7. 7.
    Jaccard, P.: Distribution comparée de la flore alpine dans quelques régions des alpes occidentales et orientales. Bulletin de la Murithienne 31, 81–92 (1902)Google Scholar
  8. 8.
    Kamara, S., Mohassel, P., Raykova, M., Sadeghian, S.: Scaling private set intersection to billion-element sets. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 195–215. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-45472-5_13 Google Scholar
  9. 9.
    Leskovec, J., Rajaraman, A., Ullman, J.D.: Mining of Massive Datasets. Cambridge University Press, New York (2014)CrossRefGoogle Scholar
  10. 10.
    Lindell, Y., Pinkas, B.: Privacy preserving data mining. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 36–54. Springer, Heidelberg (2000). doi: 10.1007/3-540-44598-6_3 CrossRefGoogle Scholar
  11. 11.
    Pinkas, B., Schneider, T., Zohner, M.: Faster private set intersection based on OT extension. In: 23rd USENIX Security Symposium (USENIX Security 2014), pp. 797–812 (2014)Google Scholar
  12. 12.
    Qiu, S., Wang, B., Li, M., Victors, J., Liu, J., Shi, Y., Wang, W.: Fast, private and verifiable: server-aided approximate similarity computation over large-scale datasets. In: Proceedings of the 4th ACM International Workshop on Security in Cloud Computing, pp. 29–36. ACM (2016)Google Scholar
  13. 13.
    Qui, S.: Personal communication (2017)Google Scholar
  14. 14.
    Schneider, T., Zohner, M.: GMW vs. Yao? efficient secure two-party computation with low depth circuits. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 275–292. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39884-1_23 CrossRefGoogle Scholar
  15. 15.
    Yao, A.C.: Protocols for secure computations. In: 23rd Annual Symposium on Foundations of Computer Science, SFCS’08, pp. 160–164. IEEE (1982)Google Scholar
  16. 16.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Rui Xu
    • 1
    Email author
  • Kirill Morozov
    • 2
  • Anirban Basu
    • 1
  • Mohammad Shahriar Rahman
    • 3
  • Shinsaku Kiyomoto
    • 1
  1. 1.KDDI Research, Inc.FujiminoJapan
  2. 2.School of ComputingTokyo Institute of TechnologyTokyoJapan
  3. 3.University of Asia PacificDhakaBangladesh

Personalised recommendations