Phasing: Private Set Intersection Using Permutation-based Hashing

نویسندگان

  • Benny Pinkas
  • Thomas Schneider
  • Gil Segev
  • Michael Zohner
چکیده

Private Set Intersection (PSI) allows two parties to compute the intersection of private sets while revealing nothing more than the intersection itself. PSI needs to be applied to large data sets in scenarios such as measurement of ad conversion rates, data sharing, or contact discovery. Existing PSI protocols do not scale up well, and therefore some applications use insecure solutions instead. We describe a new approach for designing PSI protocols based on permutation-based hashing, which enables to reduce the length of items mapped to bins while ensuring that no collisions occur. We denote this approach as Phasing, for Permutation-based Hashing Set Intersection. Phasing can dramatically improve the performance of PSI protocols whose overhead depends on the length of the representations of input items. We apply Phasing to design a new approach for circuit-based PSI protocols. The resulting protocol is up to 5 times faster than the previously best Sort-CompareShuffle circuit of Huang et al. (NDSS 2012). We also apply Phasing to the OT-based PSI protocol of Pinkas et al. (USENIX Security 2014), which is the fastest PSI protocol to date. Together with additional improvements that reduce the computation complexity by a logarithmic factor, the resulting protocol improves run-time by a factor of up to 20 and can also have similar communication overhead as the previously best PSI protocol in that respect. The new protocol is only moderately less efficient than an insecure PSI protocol that is currently used by real-world applications, and is therefore the first secure PSI protocol that is scalable to the demands and the constraints of current real-world settings. ∗Please cite the conference version of this paper published at USENIX Security’15 [PSSZ15].

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

روابط جدید زمان چرخه بهینه برای تقاطع‌های پیش‌زمان‌بندی شده مستقل با تغییر رابطه وبستر براساس روش HCM 2000

When the degree of saturation at intersection approaches one, Webster’s optimum cycle length equation becomes inapplicable, because the cycle length will becomes very big when the degree of saturation approaches one and will be fully unrealistic when the degree of saturation becomes greater than one. This is not a problem for HCM2000 method. But optimum cycle length calculation in this method h...

متن کامل

On the Security of O-PSI a Delegated Private Set Intersection on Outsourced Datasets (Extended Version)

In recent years, determining the common information privately and efficiently between two mutually mistrusting parties have become an important issue in social networks. Many Private set intersection (PSI) protocols have been introduced to address this issue. By applying these protocols, two parties can compute the intersection between their sets without disclosing any information about compone...

متن کامل

Sufficient conditions for sound hashing using a truncated permutation

In this paper we give a generic security proof for hashing modes that make use of an underlying fixed-length permutation. We formulate a set of five simple conditions, which are easy to implement and to verify, for such a hashing mode to be sound. These hashing modes include tree hashing modes and sequential hashing modes. We provide a proof that for any hashing mode satisfying the five conditi...

متن کامل

An Optimal Dynamic Control Method for an Isolated Intersection Using Fuzzy Systems

Traffic flow systems are nonlinear and uncertain, so it is very difficult to find their optimal points. In traditional traffic control systems, the traffic lights of crossings change in a fixed time period that is not optimal. On the other hand, most proposed systems are sufficiently capable of coping with the uncertainties of traffic flow. To solve this problem, there is a need to develop expe...

متن کامل

One Permutation Hashing

Abstract Minwise hashing is a standard procedure in the context of search, for efficiently estimating set similarities in massive binary data such as text. Recently, b-bit minwise hashing has been applied to large-scale learning and sublinear time nearneighbor search. The major drawback of minwise hashing is the expensive preprocessing, as the method requires applying (e.g.,) k = 200 to 500 per...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2015