Ágnes Kiss,Jian Liu,Thomas Schneider,N. Asokan,Benny Pinkas

DOI: https://doi.org/10.1515/popets-2017-0044

2017-01-01

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract Private set intersection (PSI) is a cryptographic technique that is applicable to many privacy-sensitive scenarios. For decades, researchers have been focusing on improving its efficiency in both communication and computation. However, most of the existing solutions are inefficient for an unequal number of inputs, which is common in conventional client-server settings. In this paper, we analyze and optimize the efficiency of existing PSI protocols to support precomputation so that they can efficiently deal with such input sets. We transform four existing PSI protocols into the precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. We implement all four protocols and run experiments between two PCs and between a PC and a smartphone and give a systematic comparison of their performance. Our experiments show that a protocol based on securely evaluating a garbled AES circuit achieves the fastest setup time by several orders of magnitudes, and the fastest online time in the PC setting where AES-NI acceleration is available. In the mobile setting, the fastest online time is achieved by a protocol based on the Diffie-Hellman assumption.

Jinfei Liu,Juncheng Yang,Li Xiong,Jian Pei

DOI: https://doi.org/10.1109/icde.2017.117

2017-01-01

Abstract:Outsourcing data and computation to cloud server provides a cost-e ective way to support large scale data storage and query processing. However, due to security and privacy concerns, sensitive data (e.g., medical records) need to be protected from the cloud server and other unauthorized users. One approach is to outsource encrypted data to the cloud server and have the cloud server perform query processing on the encrypted data only. It remains a challenging task to support various queries over encrypted data in a secure and e cient way such that the cloud server does not gain any knowledge about the data, query, and query result. In this paper, we study the problem of secure skyline queries over encrypted data. The skyline query is particularly important for multicriteria decision making but also presents significant challenges due to its complex computations. We propose a fully secure skyline query protocol on data encrypted using semanticallysecure encryption. As a key subroutine, we present a new secure dominance protocol, which can be also used as a building block for other queries. Finally, we provide both serial and parallelized implementations and empirically study the protocols in terms of e ciency and scalability under di erent parameter settings, verifying the feasibility of our proposed solutions.

Yu-Chi Chen,Kuan-Chun Huang

DOI: https://doi.org/10.1109/tifs.2023.3295941

IF: 7.231

2023-08-05

IEEE Transactions on Information Forensics and Security

Abstract:In the era of big data with an ever-increasing amount of data, the demand for data processing is increasing, and various computing service agreements have also been created. While data are widely used, data providers worry that their privacy will be infringed, so the security of the data has also received more attention. Private set intersection (PSI) allows two data-owning parties to jointly compute the intersection of private datasets. The party cannot obtain any other information except for the intersection results. However, Bloom filter (BF) is a naive solution that can be used to potentially obtain PSI, but the verifiability of using BF is usually a concern for effectiveness. Hence, garbled Bloom filter is indeed expected to overcome this concern in two-party setting. We aim for the outsourced scenario where there are many data-owning parties in distributed setting. These parties would like to jointly obtain the set intersection in a private manner supported by an outsourced cloud, and further to obtain data integration. The main challenges are that the previous solutions cannot be directly transformed into an outsourced scenario. In this paper, the proposed joint and effective privacy preserving outsourced set intersection and data integration protocols are called . They are generic constructions. We start by introducing a basic outsourced PSI protocol from the cryptographic building blocks and new BF and GBF techniques. Then, we modify the basic protocol and propose the full-fledged scheme to achieve an outsourced multi-party PSI protocol. Finally, we analyze the security and execution efficiency aspects to ensure usability.

computer science, theory & methods,engineering, electrical & electronic

Jintong Sun,Fucai Zhou,Qiang Wang,Zi Jiao,Yun Zhang

DOI: https://doi.org/10.1016/j.jisa.2023.103438

IF: 4.96

2023-02-09

Journal of Information Security and Applications

Abstract:Private Set Intersection (PSI) is a fundamental cryptographic protocol with a wide range of application scenarios. It is the method that allows multiple parties who hold private data sets to calculate the intersection of their data without revealing any information other than the intersection to others. Cloud computing reduces computation and data management overhead by outsourcing such computations. However, since the cloud is not trustworthy, cryptographic methods need to be applied to maintain the confidentiality of outsourced datasets, and verifiable computing algorithms need to be used to detect the correctness of outsourced computations. But encryption reduces the availability, which creates challenges for PSI calculations. For the first time, this paper presents a revocable and verifiable private set intersection (RV-PSI) scheme, which provides an efficient verification function and a flexible authorization-revocation mechanism. RV-PSI enables data owners to exercise fine-grained access control over outsourced datasets in PSI computations. Security definitions of RV-PSI and corresponding proofs are provided in this paper. And we implement our scheme and report by performance evaluation results.

computer science, information systems

Chengzhe Lai,Hanyue Zhang,Rongxing Lu,Dong Zheng

DOI: https://doi.org/10.1109/jiot.2024.3350029

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The conflict between data privacy and sharing among healthcare institutions creates data silos, causing wasteful duplication, incomplete information, and potential hindrances to scientific research. In this paper, we present a privacy-preserving medical data sharing scheme based on cloud-assisted private set intersection (PSI) and aggregate signature technique. Firstly, we propose a novel authenticated cloud-assisted private set intersection, named AC-PSI, which can achieve client authentication and randomized processing of private data by using Diffie-Hellman-based Oblivious Pseudorandom Function (DH-OPRF) and Vector Oblivious Linear-Function Evaluation-based Oblivious Pseudorandom Function (VOLE-OPRF), respectively. Secondly, based on the AC-PSI and locally verifiable signature (LVS), we design a privacy-preserving and secure medical data sharing scheme, which can provide enhanced security features by enabling access control of computing resources and resist pre-computation attacks from external sources. Our approach has been proven through a rigorous analysis of security. Finally, through comparative analysis with the existing schemes, it is demonstrated that the proposed AC-PSI and medical data sharing scheme has low communication and computation overhead while achieving a higher level of privacy preservation and security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Benny Pinkas,Thomas Schneider,Michael Zohner

DOI: https://doi.org/10.1145/3154794

IF: 2.717

2018-02-24

ACM Transactions on Privacy and Security

Abstract:Private set intersection (PSI) allows two parties to compute the intersection of their sets without revealing any information about items that are not in the intersection. It is one of the best studied applications of secure computation and many PSI protocols have been proposed. However, the variety of existing PSI protocols makes it difficult to identify the solution that performs best in a respective scenario, especially since they were not compared in the same setting. In addition, existing PSI protocols are several orders of magnitude slower than an insecure naïve hashing solution, which is used in practice. In this article, we review the progress made on PSI protocols and give an overview of existing protocols in various security models. We then focus on PSI protocols that are secure against semi-honest adversaries and take advantage of the most recent efficiency improvements in Oblivious Transfer (OT) extension, propose significant optimizations to previous PSI protocols, and suggest a new PSI protocol whose runtime is superior to that of existing protocols. We compare the performance of the protocols, both theoretically and experimentally, by implementing all protocols on the same platform, give recommendations on which protocol to use in a particular setting, and evaluate the progress on PSI protocols by comparing them to the currently employed insecure naïve hashing protocol. We demonstrate the feasibility of our new PSI protocol by processing two sets with a billion elements each.

computer science, information systems

Lifei Wei,Jihai Liu,Lei Zhang,Qin Wang,Wuji Zhang,Xiansong Qian

DOI: https://doi.org/10.1016/j.csi.2023.103764

IF: 3.721

2024-01-01

Computer Standards & Interfaces

Abstract:Private set intersection (PSI) has attracted the researchers and the developers both from academia and industry in cooperating the private data to achieve privacy preserving. Traditional PSI protocols allow the two participants with each private sets interactively calculating the intersection without revealing any additional information. Multi-party private set intersection (MP-PSI) is quite different from the conventional two-party PSI, which could not directly obtain from the two-party PSI, and become an emerging topic in collaborative data analytics from different private data owners. However, the most of the existing MP-PSI protocols always consider the small number of the participants with large set size and the performance drops with the increasing number of participants. In addition, the participants with small set size also bring the heavy communication and computation overhead. To overcome the above drawbacks, we propose two efficient MP-PSI protocols for large number of participants and small set size, and formally prove secure against collision attack in the semi-honest model and malicious model. The experiments show that when the participant number increases from 5 to 50 and the set size scales from 2 7 to 2 10 , our protocols are faster than the most efficient MP-PSI protocol. Thus, our MP-PSI protocols are considering to be practical solutions, which fit the scenarios in small set size with increasing participants.

computer science, software engineering, hardware & architecture

Li Xiuguang,Pan Feng,Liu Shuguang

DOI: https://doi.org/10.1109/incos.2015.77

2015-01-01

Abstract:With the advent of the era of big data, the data scale being processed is more and more large, which brings new challenge to the design of privacy-preserving protocols. For the Private Set Intersection (PSI) problem, when the sizes of sets is large, keeping its efficiency and scalability is becoming very difficult. In addition, elements in these sets are likely to be twodimensional data, which usually contains an attribute and its corresponding weight. That increases the difficulty to solve the problem. Some creative protocols were proposed to settle the PSI problem recently. However, these protocols can only protect the privacy of the one-dimension elements of users' private sets. And when the elements are two-dimensional, they are not work. In this paper, we propose an efficient and scalable protocol for sets which have two-dimensional elements. Thorough security analysis indicate that our scheme is effective and efficient.

Ruochen Wang,Jun Zhou,Zhenfu Cao,Xiaolei Dong,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/tifs.2024.3461475

IF: 7.231

2024-09-27

IEEE Transactions on Information Forensics and Security

Abstract:Private set intersection (PSI) facilitates the computation of intersection between the private sets of two parties, ensuring that no additional information beyond the intersection itself is revealed. However, most state-of-the-art are limited to static PSI, leaving updatable PSI untouched. Existing PSI protocols will cost huge computational resources to compute intersection on updated sets. More seriously, none of the existing updatable PSI approaches can achieve both secure addition and deletion operations in once update. To address these challenges, we propose Forward Private Updatable PSI (FUPSI) for two-party setting. FUPSI is designed to support addition and deletion simultaneously, while ensuring forward privacy against semi-honest adversaries. In this work, we analyze the infeasibility of secure synchronous addition and deletion in the existing updatable PSI approaches, by presenting a practical attack which would lead to privacy leakages while deletion function is performed. Then, to resist this attack against semi-honest adversaries, we demonstrate how FUPSI can protect the forward privacy of user sets, by utilizing a variant of keyword Private Information Retrieval (PIR) to hide sensitive intermediate parameters. Specifically in FUPSI, two parties execute keyword PIR to retrieve a flag indicating that the current element is added or deleted so as to determine whether it is in the participants' datasets. Finally, we provide the formal security proof for our proposed FUPSI, and extensive experimental results demonstrate efficiency and the practicality of our proposal. For instance, the communication complexity of our proposal is only logarithmically related to the size of update sets and the computational overhead is mainly composed of logarithmical times PIR calculations. Owing to the variant of keyword PIR, our work also incurs minimal communication overhead even for enormous datasets, which performs well in updatable settings and slow networks.

computer science, theory & methods,engineering, electrical & electronic

Lifeng Zhou,Chunguang Li

DOI: https://doi.org/10.1109/access.2016.2535103

IF: 3.9

2016-01-01

IEEE Access

Abstract:Cloud computing enables customers with limited computational resources to outsource their huge computation workloads to the cloud with massive computational power. However, in order to utilize this computing paradigm, it presents various challenges that need to be addressed, especially security. As eigen-decomposition (ED) and singular value decomposition (SVD) of a matrix are widely applied in engineering tasks, we are motivated to design secure, correct, and efficient protocols for outsourcing the ED and SVD of a matrix to a malicious cloud in this paper. In order to achieve security, we employ efficient privacy-preserving transformations to protect both the input and output privacy. In order to check the correctness of the result returned from the cloud, an efficient verification algorithm is employed. A computational complexity analysis shows that our protocols are highly efficient. We also introduce an outsourcing principle component analysis as an application of our two proposed protocols.

Ziyu Niu,Hao Wang,Zhi Li,Xiangfu Song

DOI: https://doi.org/10.1002/int.22420

IF: 8.993

2021-03-28

International Journal of Intelligent Systems

Abstract:<p>With the rapid development of Internet and the widespread application of distributed computing, people enjoy various conveniences while at the same time their privacy has also been threatened. Secure multiparty computation (MPC) can solve the problem of how data owners who do not trust each other jointly compute in distributed scenarios. Using MPC technique, people can not only realize data joint computing, but also ensure data privacy. In most data application scenarios, private data held by different parties can often be represented by sets. To complete the relevant statistical computations of the intersection of two private sets, we propose a suite of protocols based on MPC. These protocols can compute the statistical functions of the associated data of the intersection, including cardinality, sum, average, variance, range, and so forth, without revealing any additional information other than the result. To achieve these functions, we design a private membership test protocol with the result as the arithmetic sharing value, called the arithmetic shared private membership test (ASPMT) protocol. On the basis of the ASPMT protocol, the size and other statistics of the intersection can be computed securely and efficiently. All fundamental computations are constructed based on secret sharing and oblivious transfer techniques. Thanks to the use of precomputation technique, all protocols are highly efficient.</p>

computer science, artificial intelligence

Ziyuan Liang,Weiran Liu,Fan Zhang,Bingsheng Zhang,Jian Liu,Lei Zhang,Kui Ren

2020-01-01

Abstract:Private Set Intersection (PSI) is a specified protocol of secure Multi-Party Computation (MPC). PSI allows two parties to obtain the intersection of their private sets while nothing else is revealed. In contrast to the great demand for PSI in real-world applications, there is still no evaluation results of different general practical PSI framework. Most existing PSI implmentations are based on C/C++, which also makes them hard to compute in parallel. In this paper, we propose a generic Java-based PSI framework and implement all up-to-date OT-based PSI protocols within the framework until now. We evaluate these OT-based PSI protocols and the dependent cryptographic primitives and provide the best combination of primitives for constructing a best-performed OT-based PSI from the ground up. Additional optimizations are also applied to the protocols in our framework, including both generic and custom-tailored ones. We adopt filters to significantly reduce the communication of OT-based PSI protocols. The implementations in our framework support concurrence by using the natural feature of Java, which avoids to manurally allocate threads when using C/C++. We believe that our framework benefits a lot for future MPC and PSI researches and helps the promotion of PSI-based applications.

Jiabo Wang,Elmo Xuyun Huang,Pu Duan,Huaxiong Wang,Kwok-Yan Lam

2024-10-07

Abstract:Enforcement of privacy regulation is essential for collaborative data analytics. In this work, we address a scenario in which two companies expect to securely join their datasets with respect to their common customers to maximize data insights. Apart from the necessary protection of raw data, it becomes more challenging to protect the identities and attributes of common customers, as it requires participants to align their records associated with common customers without knowing who they are. We proposed a solution, dubbed PSA, for this scenario, which is effectively applicable to real-world use cases, such as evaluating advertising conversion using data from both publishers and merchants. The contributions of this work are threefold: 1. We defined the notion of PSA with two levels of privacy protection and proposed novel PSA protocols based on the modified oblivious switching network, which leverages efficient symmetric key operations and offline precomputation to save online run time. 2. We implemented and benchmarked the proposed protocols in different network conditions by joining two datasets, each at the scale of one million records, in 35.5 sec on a single thread with a network bandwidth of 500 Mbps, resulting in an X100 improvement over the existing Homomorphic based protocols. 3. We give new proof for an algorithm of quasi-linear complexity that constructs an oblivious switching network to achieve a target permutation distinct from the existing one in the literature.

Cryptography and Security

Yafeng Chen,Axin Wu,Yuer Yang,Xiangjun Xin,Chang Song

DOI: https://doi.org/10.1109/tcc.2024.3360098

IF: 5.697

2024-03-08

IEEE Transactions on Cloud Computing

Abstract:Private set intersection cardinality (PSI-CA) allows two parties to learn the size of the intersection between two private sets without revealing other additional information, which is a promising technique to solve privacy concerns in contact tracing. Efficient PSI protocols typically use oblivious transfer, involving multiple rounds of interaction and leading to heavy local computation overheads and protocol delays, especially when interacting with many receivers. Cloud-assisted PSI-CA is a better solution as it relieves participants' burdens of computation and communication. However, cloud servers may return incorrect or incomplete results for some reason, leading to an incorrectness issue. At present, to our knowledge, existing cloud-assisted PSI-CA protocols cannot address such a concern. To address this, we propose two specific verifiable cloud-assisted PSI-CA protocols: one based on a two-server protocol and the other on a single-server protocol. Further, we employ Cuckoo hashing to optimize these two protocols, enabling the receiver's computational costs independent of the size of the sender's set. We also prove the security of the protocols and implement them. Finally, we analyze and discuss their performance demonstrating that the single-server verifiable PSI-CA protocol does not introduce significant computation or communication costs while adding functionalities.

computer science, information systems, theory & methods

Rasoul Akhavan Mahdavi,Nils Lukas,Faezeh Ebrahimianghazani,Thomas Humphries,Bailey Kacsmar,John Premkumar,Xinda Li,Simon Oya,Ehsan Amjadian,Florian Kerschbaum

2024-08-19

Abstract:Two parties with private data sets can find shared elements using a Private Set Intersection (PSI) protocol without revealing any information beyond the intersection. Circuit PSI protocols privately compute an arbitrary function of the intersection - such as its cardinality, and are often employed in an unbalanced setting where one party has more data than the other. Existing protocols are either computationally inefficient or require extensive server-client communication on the order of the larger set. We introduce Practically Efficient PSI or PEPSI, a non-interactive solution where only the client sends its encrypted data. PEPSI can process an intersection of 1024 client items with a million server items in under a second, using less than 5 MB of communication. Our work is over 4 orders of magnitude faster than an existing non-interactive circuit PSI protocol and requires only 10% of the communication. It is also up to 20 times faster than the work of Ion et al., which computes a limited set of functions and has communication costs proportional to the larger set. Our work is the first to demonstrate that non-interactive circuit PSI can be practically applied in an unbalanced setting.

Cryptography and Security

Lin Liu,Jinshu Su,Ximeng Liu,Rongmao Chen,Xinyi Huang,Guang Kou,Shaojing Fu

DOI: https://doi.org/10.1109/tcc.2023.3269510

IF: 5.697

2023-01-01

IEEE Transactions on Cloud Computing

Abstract:Efficiently mining frequent itemsets and association rules on the encrypted outsourced data remains a great challenge for the time-consuming ciphertext computations. Nowadays, it has been not well addressed for privacy-preserving frequent itemsets and association rule mining schemes with mining efficiency, dataset, and query confidentiality simultaneously. In this paper, we investigate the study of privacy issues on frequent itemset mining and association rule mining on outsourced data in a two-cloud model, where the data are encrypted and outsourced by multiple owners holding different public keys. We develop several secure computation protocols based on additively homomorphic cryptosystem and additive secret sharing, which enable the clouds could securely mine the frequent itemsets and association rules. Furthermore, we also design two kinds of frequent itemset and association rule query service models, i.e., service customers query the cloud-mined results, and service customers query with their own decided threshold. The proposed scheme not only supports the mining process on the data encrypted by multiple public keys without compromising the security of the datasets, query data and query results, but also offline users. In addition, the experimental results show that our query scheme is much more efficient than the state-of-the-art work.

computer science, information systems, theory & methods

Lu Li,Xufeng Jiang,Fei Zhu,An Liu

DOI: https://doi.org/10.1007/978-981-15-3281-8_9

2020-01-01

Abstract:In the cloud computing paradigm, data owners could outsource their databases to the service provider, and thus reap huge benefits from releasing the heavy storage and management tasks to the cloud server. However, sensitive data, such as medical or financial records, should be encrypted before uploading to the cloud server. Unfortunately, this will introduce new challenges to data utilization. In this paper, we study the problem of skyline queries in a way that data privacy for both data owner and the client is preserved. We propose a hybrid protocol via additively homomorphic encryption system and Yao’s garbled circuits. By taking advantages of Yao’s protocol, we design a highly improved protocol which can be used to determine the skyline point and exclude the points dominated by others in an oblivious way. Based on this subroutine, we construct a fully secure protocol for skyline queries. We theoretically prove that the protocols are secure in the semi-honest model. Through analysis and extensive experiments, we demonstrate the efficiency and scalability of our proposed solutions.

Kai Fan,Tingting Liu,Kuan Zhang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.jpdc.2019.09.008

IF: 4.542

2020-01-01

Journal of Parallel and Distributed Computing

Abstract:<p>With the development of computer technology, it makes malicious users more easily get data stored in cloud. However, these data are always related to users' privacy, and it is harmful when the data are acquired by attackers. Ciphertext-policy attribute-based encryption (CP-ABE) is suitable to achieve privacy and security in cloud. In this paper, we put forward a secure and efficient outsourced computation algorithm on data sharing scheme for privacy computing. Existing schemes only outsource decryption computation to the cloud, users still have heavy burden in encryption. In order to reduce the computing burden of users, most encryption and decryption computations are outsourced to the cloud service provider in our construction. At the same time, to apply in practice, we propose efficient user and attribute revocation. Finally, the security analysis and simulation results show that our scheme is secure and efficient compared with existing schemes.</p>

computer science, theory & methods

Jiuheng Su,Zhili Chen,Xiaomin Yang

2024-01-23

Abstract:We present a new circuit-based protocol for multi-party private set intersection (PSI) that allows m parties to compute the intersection of their datasets without revealing any additional information about the items outside the intersection. Building upon the two-party Sort-Compare-Shuffle (SCS) protocol, we seamlessly extend it to a multi-party setting. Demonstrating its practicality through implementation, our protocol exhibits acceptable performance. Specifically, with 7 parties, each possessing a set size of 2^{12}, our protocol completes in just 19 seconds. Moreover, circuit-based protocols like ours have an advantage over using custom protocols to perform more complex computation. We substantiate this advantage by incorporating a module for calculating the Jaccard similarity metric of the private sets which can be used in the application domain of network traffic analysis for anomaly detection. This extension showcases the versatility of our protocol beyond set intersection computations, demonstrating its efficacy in preserving privacy while efficiently identifying abnormal patterns in network flow.

Cryptography and Security

Li Yang,Cheng Li,Yuting Cheng,Shui Yu,Jianfeng Ma

DOI: https://doi.org/10.1016/j.ins.2021.09.034

IF: 8.1

2022-01-01

Information Sciences

Abstract:Increasingly more user data are transferred to the cloud for storage and analysis. Due to the dishonesty of the cloud, user data are at risk of leakage. CP-ABE is considered one of the most promising technologies for protecting outsourced data. However, in most existing schemes, the attacker may learn user privacy information from the policy plaintext. Furthermore, schemes supporting policy hiding either only achieve partial policy hiding or cannot hide policies in large universes. In this paper, we use hide both the values and names of attributes in policies by using private set intersections (PSIs). CP-ABE supports a complete hiding strategy. At the same time, it can calculate the authorization relationship and mapping between the user's password and key. We use polynomial-based PSI and a recursive algorithm to calculate the former. With the help of this algorithm and tag vectors, the mapping is determined in the case of communication restrictions. By outsourcing exponents, we achieve an efficient hiding policy and effectively reduces users' computing overhead. We also prove its security. Finally, the performance evaluation and simulation results reveal that our model achieves better performance compared with other schemes while preserving sensitive attributes.

computer science, information systems