Fair private set intersection with a semi-trusted arbiter

Changyu Dong, Liqun Chen, Jan Camenisch, Giovanni Russello

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

16 Citations (Scopus)

Abstract

A private set intersection (PSI) protocol allows two parties to compute the intersection of their input sets privately. Most of the previous PSI protocols only output the result to one party and the other party gets nothing from running the protocols. However, a mutual PSI protocol in which both parties can get the output is highly desirable in many applications. A major obstacle in designing a mutual PSI protocol is how to ensure fairness. In this paper we present the first fair mutual PSI protocol which is efficient and secure. Fairness of the protocol is obtained in an optimistic fashion, i.e. by using an offline third party arbiter. In contrast to many optimistic protocols which require a fully trusted arbiter, in our protocol the arbiter is only required to be semi-trusted, in the sense that we consider it to be a potential threat to both parties' privacy but believe it will follow the protocol. The arbiter can resolve disputes without knowing any private information belongs to the two parties. This feature is appealing for a PSI protocol in which privacy may be of ultimate importance.
LanguageEnglish
Title of host publicationData and Applications Security and Privacy XXVII
Subtitle of host publication27th Annual IFIP WG 11.3 Conference, DBSec 2013, Newark, NJ, USA, July 15-17, 2013. Proceedings
EditorsLingyu Wang, Basit Shafiq
PublisherSpringer
Pages128-144
Number of pages17
Volume7964
DOIs
Publication statusPublished - 2013

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume7964
ISSN (Print)0302-9743

Keywords

  • data encryption
  • communication networks
  • private set intersection

Cite this

Dong, C., Chen, L., Camenisch, J., & Russello, G. (2013). Fair private set intersection with a semi-trusted arbiter. In L. Wang, & B. Shafiq (Eds.), Data and Applications Security and Privacy XXVII: 27th Annual IFIP WG 11.3 Conference, DBSec 2013, Newark, NJ, USA, July 15-17, 2013. Proceedings (Vol. 7964, pp. 128-144). (Lecture Notes in Computer Science; Vol. 7964). Springer. https://doi.org/10.1007/978-3-642-39256-6_9
Dong, Changyu ; Chen, Liqun ; Camenisch, Jan ; Russello, Giovanni. / Fair private set intersection with a semi-trusted arbiter. Data and Applications Security and Privacy XXVII: 27th Annual IFIP WG 11.3 Conference, DBSec 2013, Newark, NJ, USA, July 15-17, 2013. Proceedings. editor / Lingyu Wang ; Basit Shafiq. Vol. 7964 Springer, 2013. pp. 128-144 (Lecture Notes in Computer Science).
@inproceedings{9427dcf5bd2c4da2a9d59faeca206e30,
title = "Fair private set intersection with a semi-trusted arbiter",
abstract = "A private set intersection (PSI) protocol allows two parties to compute the intersection of their input sets privately. Most of the previous PSI protocols only output the result to one party and the other party gets nothing from running the protocols. However, a mutual PSI protocol in which both parties can get the output is highly desirable in many applications. A major obstacle in designing a mutual PSI protocol is how to ensure fairness. In this paper we present the first fair mutual PSI protocol which is efficient and secure. Fairness of the protocol is obtained in an optimistic fashion, i.e. by using an offline third party arbiter. In contrast to many optimistic protocols which require a fully trusted arbiter, in our protocol the arbiter is only required to be semi-trusted, in the sense that we consider it to be a potential threat to both parties' privacy but believe it will follow the protocol. The arbiter can resolve disputes without knowing any private information belongs to the two parties. This feature is appealing for a PSI protocol in which privacy may be of ultimate importance.",
keywords = "data encryption, communication networks, private set intersection",
author = "Changyu Dong and Liqun Chen and Jan Camenisch and Giovanni Russello",
note = "This is a pre-print of an article accepted to 27th Annual IFIP WG 11.3 Conference. The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-642-39256-6_9",
year = "2013",
doi = "10.1007/978-3-642-39256-6_9",
language = "English",
volume = "7964",
series = "Lecture Notes in Computer Science",
publisher = "Springer",
pages = "128--144",
editor = "Lingyu Wang and Basit Shafiq",
booktitle = "Data and Applications Security and Privacy XXVII",

}

Dong, C, Chen, L, Camenisch, J & Russello, G 2013, Fair private set intersection with a semi-trusted arbiter. in L Wang & B Shafiq (eds), Data and Applications Security and Privacy XXVII: 27th Annual IFIP WG 11.3 Conference, DBSec 2013, Newark, NJ, USA, July 15-17, 2013. Proceedings. vol. 7964, Lecture Notes in Computer Science, vol. 7964, Springer, pp. 128-144. https://doi.org/10.1007/978-3-642-39256-6_9

Fair private set intersection with a semi-trusted arbiter. / Dong, Changyu; Chen, Liqun; Camenisch, Jan; Russello, Giovanni.

Data and Applications Security and Privacy XXVII: 27th Annual IFIP WG 11.3 Conference, DBSec 2013, Newark, NJ, USA, July 15-17, 2013. Proceedings. ed. / Lingyu Wang; Basit Shafiq. Vol. 7964 Springer, 2013. p. 128-144 (Lecture Notes in Computer Science; Vol. 7964).

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

TY - GEN

T1 - Fair private set intersection with a semi-trusted arbiter

AU - Dong, Changyu

AU - Chen, Liqun

AU - Camenisch, Jan

AU - Russello, Giovanni

N1 - This is a pre-print of an article accepted to 27th Annual IFIP WG 11.3 Conference. The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-642-39256-6_9

PY - 2013

Y1 - 2013

N2 - A private set intersection (PSI) protocol allows two parties to compute the intersection of their input sets privately. Most of the previous PSI protocols only output the result to one party and the other party gets nothing from running the protocols. However, a mutual PSI protocol in which both parties can get the output is highly desirable in many applications. A major obstacle in designing a mutual PSI protocol is how to ensure fairness. In this paper we present the first fair mutual PSI protocol which is efficient and secure. Fairness of the protocol is obtained in an optimistic fashion, i.e. by using an offline third party arbiter. In contrast to many optimistic protocols which require a fully trusted arbiter, in our protocol the arbiter is only required to be semi-trusted, in the sense that we consider it to be a potential threat to both parties' privacy but believe it will follow the protocol. The arbiter can resolve disputes without knowing any private information belongs to the two parties. This feature is appealing for a PSI protocol in which privacy may be of ultimate importance.

AB - A private set intersection (PSI) protocol allows two parties to compute the intersection of their input sets privately. Most of the previous PSI protocols only output the result to one party and the other party gets nothing from running the protocols. However, a mutual PSI protocol in which both parties can get the output is highly desirable in many applications. A major obstacle in designing a mutual PSI protocol is how to ensure fairness. In this paper we present the first fair mutual PSI protocol which is efficient and secure. Fairness of the protocol is obtained in an optimistic fashion, i.e. by using an offline third party arbiter. In contrast to many optimistic protocols which require a fully trusted arbiter, in our protocol the arbiter is only required to be semi-trusted, in the sense that we consider it to be a potential threat to both parties' privacy but believe it will follow the protocol. The arbiter can resolve disputes without knowing any private information belongs to the two parties. This feature is appealing for a PSI protocol in which privacy may be of ultimate importance.

KW - data encryption

KW - communication networks

KW - private set intersection

UR - http://www.scopus.com/inward/record.url?scp=84881161658&partnerID=8YFLogxK

UR - http://eprint.iacr.org/2012/252

U2 - 10.1007/978-3-642-39256-6_9

DO - 10.1007/978-3-642-39256-6_9

M3 - Conference contribution book

VL - 7964

T3 - Lecture Notes in Computer Science

SP - 128

EP - 144

BT - Data and Applications Security and Privacy XXVII

A2 - Wang, Lingyu

A2 - Shafiq, Basit

PB - Springer

ER -

Dong C, Chen L, Camenisch J, Russello G. Fair private set intersection with a semi-trusted arbiter. In Wang L, Shafiq B, editors, Data and Applications Security and Privacy XXVII: 27th Annual IFIP WG 11.3 Conference, DBSec 2013, Newark, NJ, USA, July 15-17, 2013. Proceedings. Vol. 7964. Springer. 2013. p. 128-144. (Lecture Notes in Computer Science). https://doi.org/10.1007/978-3-642-39256-6_9