TY - GEN
T1 - PSImple
T2 - 17th ACM ASIA Conference on Computer and Communications Security 2022, ASIA CCS 2022
AU - Ben-Efraim, Aner
AU - Nissenbaum, Olga
AU - Omri, Eran
AU - Paskin-Cherniavsky, Anat
N1 - Publisher Copyright:
© 2022 ACM.
PY - 2022/5/30
Y1 - 2022/5/30
N2 - Private set intersection (PSI) protocols allow a set of mutually distrustful parties, each holding a private set of items, to compute the intersection over all their sets, such that no other information is revealed. PSI has a wide variety of applications including online advertising (e.g., efficacy computation), security (e.g., botnet detection, intrusion detection), proximity testing (e.g., COVID-19 contact tracing), and more. Private set intersection is a rapidly developing area and there exist many highly efficient protocols. However, almost all of these protocols are for the case of two parties or for semi-honest security. In particular, despite the high interest in this problem, prior to our work there has been no concretely efficient, maliciously secure multiparty PSI protocol. We present PSImple, the first concretely efficient maliciously-secure multiparty PSI protocol. Our construction is based on oblivious transfer and garbled Bloom filters, and has a round-optimal online phase. To demonstrate the practicality of PSImple, we implemented it and ran experiments with up to 32 parties and 2^20 inputs. We show that PSImple is competitive even with the state-of-the-art concretely efficient semi-honest multiparty PSI protocols. Additionally, we revisit the garbled Bloom filter parameters used in the 2-party PSI protocol of Rindal and Rosulek (Eurocrypt 2017). Using a more careful analysis, we show that the size of the garbled Bloom filters and the number of oblivious transfers required for malicious security can be significantly reduced, often by more than 20%. These improved parameters also imply a better security guarantee, and can be used both in the 2-party PSI protocol of Rindal and Rosulek and in PSImple.
AB - Private set intersection (PSI) protocols allow a set of mutually distrustful parties, each holding a private set of items, to compute the intersection over all their sets, such that no other information is revealed. PSI has a wide variety of applications including online advertising (e.g., efficacy computation), security (e.g., botnet detection, intrusion detection), proximity testing (e.g., COVID-19 contact tracing), and more. Private set intersection is a rapidly developing area and there exist many highly efficient protocols. However, almost all of these protocols are for the case of two parties or for semi-honest security. In particular, despite the high interest in this problem, prior to our work there has been no concretely efficient, maliciously secure multiparty PSI protocol. We present PSImple, the first concretely efficient maliciously-secure multiparty PSI protocol. Our construction is based on oblivious transfer and garbled Bloom filters, and has a round-optimal online phase. To demonstrate the practicality of PSImple, we implemented it and ran experiments with up to 32 parties and 2^20 inputs. We show that PSImple is competitive even with the state-of-the-art concretely efficient semi-honest multiparty PSI protocols. Additionally, we revisit the garbled Bloom filter parameters used in the 2-party PSI protocol of Rindal and Rosulek (Eurocrypt 2017). Using a more careful analysis, we show that the size of the garbled Bloom filters and the number of oblivious transfers required for malicious security can be significantly reduced, often by more than 20%. These improved parameters also imply a better security guarantee, and can be used both in the 2-party PSI protocol of Rindal and Rosulek and in PSImple.
KW - concrete efficiency
KW - garbled bloom filters
KW - malicious security
KW - private set intersection
KW - secure multiparty computation
KW - uc-security
UR - http://www.scopus.com/inward/record.url?scp=85133193940&partnerID=8YFLogxK
U2 - 10.1145/3488932.3523254
DO - 10.1145/3488932.3523254
M3 - Conference contribution
AN - SCOPUS:85133193940
T3 - ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security
SP - 1098
EP - 1112
BT - ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security
PB - Association for Computing Machinery, Inc
Y2 - 30 May 2022 through 3 June 2022
ER -