Private set intersection
| General | |
|---|---|
| Related to | homomorphic encryption |
Private set intersection is a secure multiparty computation cryptographic technique[1] that allows two parties holding sets to compare encrypted versions of these sets in order to compute the intersection. In this scenario, neither party reveals anything to the counterparty except for the elements in the intersection.
Other variants of this exist, such as the server-client scenario, in which only the client learns the intersection of her set with the set of the server, without the server learning intersection of his set with the clients. [2]
For the comparison of data sets by cryptographic hashes on a small and predictable domain, precautions should be taken to prevent dictionary attacks. [3]
Apple uses this technique in Password Monitoring.[4] It has proposed using the technology for its announced Expanded Protections for Children [5]
In general, PSI protocols can be categorized into two broad categories: (1) traditional PSI and (2) delegated PSI. In the traditional PSI category, the data owners interact directly with each other and need to have a copy of their set at the time of the computation, e.g., [6]. In the delegated PSI the computation of PSI and/or the storage of sets can be delegated to a third-party server (that is itself might be a passive or active adversary). The delegated PSI category can be further divided into two classes: (a) those that support one-off delegation, and (b) those that support repeated delegation. The PSI protocols that support one-off delegation require the data owner to re-encode its data and send the encoded data to the server for each computation, e.g., [7]. Those that support repeated delegation allow the data owners to upload their (encrypted) data to the server only once, and then re-use it many times for each computation carried out but the server, e.g., [8]
Recently, researchers have proposed a variant of PSI protocol (in both traditional and delegated categories) that support data update, e.g., [9], [10]. This type of PSI protocol lets data owners insert/delete set elements into/from their data with low overheads and in a privacy-preserving manner.
References
- ^ Chen, Hao; Laine, Kim; Rindal, Peter (2018-05-16). Fast Private Set Intersection from Homomorphic Encryption. ISBN 9781450349468.
- ^ Pinkas, Benny. Private Set Intersection (PDF).
- ^ Ihle, Cornelius; Schubotz, Moritz; Meuschke, Norman; Gipp, Bela (2020-08-02). "A First Step Towards Content Protecting Plagiarism Detection". Proceedings of the ACM/IEEE Joint Conference on Digital Libraries in 2020. Virtual Event China: ACM: 341–344. arXiv:2005.11504. doi:10.1145/3383583.3398620. ISBN 978-1-4503-7585-6.
- ^ "Password Monitoring". Retrieved 8 August 2021.
- ^ "Child Safety". Retrieved 8 August 2021.
- ^ Freedman, Michael J; Nissim, Kobbi; Pinkas, Benny (2004). Efficient private matching and set intersection (PDF). pp. 1--19.
{{cite book}}:|journal=ignored (help) - ^ Kamara, Seny; Mohassel, Payman; Raykova, Mariana; Sadeghian, Saeed (2014). Scaling private set intersection to billion-element sets (PDF). pp. 195--215.
{{cite book}}:|journal=ignored (help) - ^ Abadi, Aydin; Terzis, Sotirios; Dong, Changyu (2016). VD-PSI: verifiable delegated private set intersection on outsourced private datasets (PDF). pp. 149--168.
{{cite book}}:|journal=ignored (help) - ^ Abadi, Aydin; Dong, Changyu; Murdoch, Steven J; Terzis, Sotirios (2022). Multi-party Updatable Delegated Private Set Intersection (PDF).
{{cite book}}:|journal=ignored (help) - ^ Badrinarayanan, Saikrishna; Miao, Peihan; Xie, Tiancheng (2022). Updatable Private Set Intersection (PDF).
{{cite book}}:|journal=ignored (help)
 | This cryptography-related article is a stub. You can help Wikipedia by expanding it. |