PSI from PaXoS: Fast, Malicious Private Set Intersection

Benny Pinkas; Mike Rosulek; Ni Trieu; Avishay Yanai

doi:10.1007/978-3-030-45724-2_25

PSI from PaXoS: Fast, Malicious Private Set Intersection

Benny Pinkas, Mike Rosulek, Ni Trieu, Avishay Yanai

Department of Computer Science

Bar-Ilan University

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

We present a 2-party private set intersection (PSI) protocol which provides security against malicious participants, yet is almost as fast as the fastest known semi-honest PSI protocol of Kolesnikov et al. (CCS 2016). Our protocol is based on a new approach for two-party PSI, which can be instantiated to provide security against either malicious or semi-honest adversaries. The protocol is unique in that the only difference between the semi-honest and malicious versions is an instantiation with different parameters for a linear error-correction code. It is also the first PSI protocol which is concretely efficient while having linear communication and security against malicious adversaries, while running in the OT-hybrid model (assuming a non-programmable random oracle). State of the art semi-honest PSI protocols take advantage of cuckoo hashing, but it has proven a challenge to use cuckoo hashing for malicious security. Our protocol is the first to use cuckoo hashing for malicious-secure PSI. We do so via a new data structure, called a probe-and-XOR of strings (PaXoS), which may be of independent interest. This abstraction captures important properties of previous data structures, most notably garbled Bloom filters. While an encoding by a garbled Bloom filter is larger by a factor of Ω (λ) than the original data, we describe a significantly improved PaXoS based on cuckoo hashing that achieves constant rate while being no worse in other relevant efficiency measures.

Original language	English
Title of host publication	Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
Editors	Anne Canteaut, Yuval Ishai
Pages	739-767
Number of pages	29
DOIs	https://doi.org/10.1007/978-3-030-45724-2_25
State	Published - 2020
Event	39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020 - Zagreb, Croatia Duration: 10 May 2020 → 14 May 2020

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	12106 LNCS

Conference

Conference	39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020
Country/Territory	Croatia
City	Zagreb
Period	10/05/20 → 14/05/20

All Science Journal Classification (ASJC) codes

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-030-45724-2_25

Cite this

Pinkas, B., Rosulek, M., Trieu, N., & Yanai, A. (2020). PSI from PaXoS: Fast, Malicious Private Set Intersection. In A. Canteaut, & Y. Ishai (Eds.), Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings (pp. 739-767). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12106 LNCS). https://doi.org/10.1007/978-3-030-45724-2_25

Pinkas, Benny ; Rosulek, Mike ; Trieu, Ni et al. / PSI from PaXoS : Fast, Malicious Private Set Intersection. Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. editor / Anne Canteaut ; Yuval Ishai. 2020. pp. 739-767 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{e63fe950336845578924f6fc4238bc92,

title = "PSI from PaXoS: Fast, Malicious Private Set Intersection",

abstract = "We present a 2-party private set intersection (PSI) protocol which provides security against malicious participants, yet is almost as fast as the fastest known semi-honest PSI protocol of Kolesnikov et al. (CCS 2016). Our protocol is based on a new approach for two-party PSI, which can be instantiated to provide security against either malicious or semi-honest adversaries. The protocol is unique in that the only difference between the semi-honest and malicious versions is an instantiation with different parameters for a linear error-correction code. It is also the first PSI protocol which is concretely efficient while having linear communication and security against malicious adversaries, while running in the OT-hybrid model (assuming a non-programmable random oracle). State of the art semi-honest PSI protocols take advantage of cuckoo hashing, but it has proven a challenge to use cuckoo hashing for malicious security. Our protocol is the first to use cuckoo hashing for malicious-secure PSI. We do so via a new data structure, called a probe-and-XOR of strings (PaXoS), which may be of independent interest. This abstraction captures important properties of previous data structures, most notably garbled Bloom filters. While an encoding by a garbled Bloom filter is larger by a factor of Ω (λ) than the original data, we describe a significantly improved PaXoS based on cuckoo hashing that achieves constant rate while being no worse in other relevant efficiency measures.",

author = "Benny Pinkas and Mike Rosulek and Ni Trieu and Avishay Yanai",

note = "Publisher Copyright: {\textcopyright} International Association for Cryptologic Research 2020.; 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020 ; Conference date: 10-05-2020 Through 14-05-2020",

year = "2020",

doi = "10.1007/978-3-030-45724-2_25",

language = "الإنجليزيّة",

isbn = "9783030457235",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "739--767",

editor = "Anne Canteaut and Yuval Ishai",

booktitle = "Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings",

}

Pinkas, B, Rosulek, M, Trieu, N & Yanai, A 2020, PSI from PaXoS: Fast, Malicious Private Set Intersection. in A Canteaut & Y Ishai (eds), Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12106 LNCS, pp. 739-767, 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020, Zagreb, Croatia, 10/05/20. https://doi.org/10.1007/978-3-030-45724-2_25

PSI from PaXoS: Fast, Malicious Private Set Intersection. / Pinkas, Benny; Rosulek, Mike; Trieu, Ni et al.
Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. ed. / Anne Canteaut; Yuval Ishai. 2020. p. 739-767 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 12106 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - PSI from PaXoS

T2 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2020

AU - Pinkas, Benny

AU - Rosulek, Mike

AU - Trieu, Ni

AU - Yanai, Avishay

PY - 2020

Y1 - 2020

N2 - We present a 2-party private set intersection (PSI) protocol which provides security against malicious participants, yet is almost as fast as the fastest known semi-honest PSI protocol of Kolesnikov et al. (CCS 2016). Our protocol is based on a new approach for two-party PSI, which can be instantiated to provide security against either malicious or semi-honest adversaries. The protocol is unique in that the only difference between the semi-honest and malicious versions is an instantiation with different parameters for a linear error-correction code. It is also the first PSI protocol which is concretely efficient while having linear communication and security against malicious adversaries, while running in the OT-hybrid model (assuming a non-programmable random oracle). State of the art semi-honest PSI protocols take advantage of cuckoo hashing, but it has proven a challenge to use cuckoo hashing for malicious security. Our protocol is the first to use cuckoo hashing for malicious-secure PSI. We do so via a new data structure, called a probe-and-XOR of strings (PaXoS), which may be of independent interest. This abstraction captures important properties of previous data structures, most notably garbled Bloom filters. While an encoding by a garbled Bloom filter is larger by a factor of Ω (λ) than the original data, we describe a significantly improved PaXoS based on cuckoo hashing that achieves constant rate while being no worse in other relevant efficiency measures.

AB - We present a 2-party private set intersection (PSI) protocol which provides security against malicious participants, yet is almost as fast as the fastest known semi-honest PSI protocol of Kolesnikov et al. (CCS 2016). Our protocol is based on a new approach for two-party PSI, which can be instantiated to provide security against either malicious or semi-honest adversaries. The protocol is unique in that the only difference between the semi-honest and malicious versions is an instantiation with different parameters for a linear error-correction code. It is also the first PSI protocol which is concretely efficient while having linear communication and security against malicious adversaries, while running in the OT-hybrid model (assuming a non-programmable random oracle). State of the art semi-honest PSI protocols take advantage of cuckoo hashing, but it has proven a challenge to use cuckoo hashing for malicious security. Our protocol is the first to use cuckoo hashing for malicious-secure PSI. We do so via a new data structure, called a probe-and-XOR of strings (PaXoS), which may be of independent interest. This abstraction captures important properties of previous data structures, most notably garbled Bloom filters. While an encoding by a garbled Bloom filter is larger by a factor of Ω (λ) than the original data, we describe a significantly improved PaXoS based on cuckoo hashing that achieves constant rate while being no worse in other relevant efficiency measures.

UR - http://www.scopus.com/inward/record.url?scp=85084798188&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-45724-2_25

DO - 10.1007/978-3-030-45724-2_25

M3 - منشور من مؤتمر

SN - 9783030457235

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 739

EP - 767

BT - Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings

A2 - Canteaut, Anne

A2 - Ishai, Yuval

Y2 - 10 May 2020 through 14 May 2020

ER -

Pinkas B, Rosulek M, Trieu N, Yanai A. PSI from PaXoS: Fast, Malicious Private Set Intersection. In Canteaut A, Ishai Y, editors, Advances in Cryptology – EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings. 2020. p. 739-767. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-45724-2_25

PSI from PaXoS: Fast, Malicious Private Set Intersection

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this