TY - GEN
T1 - Laconic Private Set Intersection and Applications
AU - Alamati, Navid
AU - Branco, Pedro
AU - Döttling, Nico
AU - Garg, Sanjam
AU - Hajiabadi, Mohammad
AU - Pu, Sihang
N1 - Funding Information:
Acknowledgment. Pedro Branco thanks the support from DP-PMI and FCT (Portugal) through the grant PD/BD/135181/2017. This work is supported by Security and Quantum Information Group of Instituto de Telecomunicações, by the Fundação para a Ciência e a Tecnologia (FCT) through national funds, by FEDER, COMPETE 2020, and by Regional Operational Program of Lisbon, under UIDB/50008/2020.
Funding Information:
Nico Döttling: This work is partially funded by the Helmholtz Association within the project “Trustworthy Federated Data Analytics” (TFDA) (funding number ZT-I-OO1 4).
Funding Information:
Sanjam Garg is supported in part by DARPA under Agreement No. HR00 112020026, AFOSR Award FA9550-19-1-0200, NSF CNS Award 1936826, and research grants by the Sloan Foundation, Visa Inc., and Center for Long-Term Cybersecurity (CLTC, UC Berkeley). Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Government or DARPA. Mohammad Hajiabadi is supported in part by NSF CNS Award 2055564.
Publisher Copyright:
© 2021, International Association for Cryptologic Research.
PY - 2021
Y1 - 2021
N2 - Consider a server with a large set S of strings {x1, x2, …, xN} that would like to publish a small hash h of its set S such that any client with a string y can send the server a short message allowing it to learn y if y ∈ S and nothing otherwise. In this work, we study this problem of two-round private set intersection (PSI) with low (asymptotically optimal) communication cost, or what we call laconic private set intersection (ℓPSI) and its extensions. This problem is inspired by the recent general frameworks for laconic cryptography [Cho et al. CRYPTO 2017, Quach et al. FOCS’18]. We start by showing the first feasibility result for realizing ℓPSI based on the CDH assumption, or LWE with polynomial noise-to-modulus ratio. However, these feasibility results use expensive non-black-box cryptographic techniques leading to significant inefficiency. Next, with the goal of avoiding these inefficient techniques, we give a construction of ℓPSI schemes making only black-box use of cryptographic functions. Our construction is secure against semi-honest receivers, malicious senders and reusable in the sense that the receiver’s message can be reused across any number of executions of the protocol. The scheme is secure under the ϕ-hiding, decisional composite residuosity and subgroup decision assumptions. Finally, we show natural applications of ℓPSI to realizing a semantically-secure encryption scheme that supports detection of encrypted messages belonging to a set of “illegal” messages (e.g., an illegal video) circulating online. Over the past few years, significant effort has gone into realizing laconic cryptographic protocols. Nonetheless, our work provides the first black-box constructions of such protocols for a natural application setting.
AB - Consider a server with a large set S of strings {x1, x2, …, xN} that would like to publish a small hash h of its set S such that any client with a string y can send the server a short message allowing it to learn y if y ∈ S and nothing otherwise. In this work, we study this problem of two-round private set intersection (PSI) with low (asymptotically optimal) communication cost, or what we call laconic private set intersection (ℓPSI) and its extensions. This problem is inspired by the recent general frameworks for laconic cryptography [Cho et al. CRYPTO 2017, Quach et al. FOCS’18]. We start by showing the first feasibility result for realizing ℓPSI based on the CDH assumption, or LWE with polynomial noise-to-modulus ratio. However, these feasibility results use expensive non-black-box cryptographic techniques leading to significant inefficiency. Next, with the goal of avoiding these inefficient techniques, we give a construction of ℓPSI schemes making only black-box use of cryptographic functions. Our construction is secure against semi-honest receivers, malicious senders and reusable in the sense that the receiver’s message can be reused across any number of executions of the protocol. The scheme is secure under the ϕ-hiding, decisional composite residuosity and subgroup decision assumptions. Finally, we show natural applications of ℓPSI to realizing a semantically-secure encryption scheme that supports detection of encrypted messages belonging to a set of “illegal” messages (e.g., an illegal video) circulating online. Over the past few years, significant effort has gone into realizing laconic cryptographic protocols. Nonetheless, our work provides the first black-box constructions of such protocols for a natural application setting.
UR - http://www.scopus.com/inward/record.url?scp=85120041340&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85120041340&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-90456-2_4
DO - 10.1007/978-3-030-90456-2_4
M3 - Conference contribution
AN - SCOPUS:85120041340
SN - 9783030904555
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 94
EP - 125
BT - Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings
A2 - Nissim, Kobbi
A2 - Waters, Brent
PB - Springer Science and Business Media Deutschland GmbH
T2 - 19th International Conference on Theory of Cryptography, TCC 2021
Y2 - 8 November 2021 through 11 November 2021
ER -