Cryptology ePrint Archive: Report 2016/108

An Efficient Toolkit for Computing Private Set Operations

Alex Davidson and Carlos Cid

Abstract: Private set operation (PSO) protocols provide a natural way of securely performing operations on data sets, such that crucial details of the input sets are not revealed. Such protocols have an ever-increasing number of practical applications, particularly when implementing privacy-preserving data mining schemes. Protocols for computing private set operations have been prevalent in multi-party computation literature over the past decade, and in the case of private set intersection (PSI), have become practically feasible to run in real applications. In contrast, other set operations such as union have received less attention from the research community, and the few existing designs are often limited in their feasibility. In this work we aim to fill this gap, and present a new technique using Bloom filter data structures and additive homomorphic encryption to develop the first private set union protocol with both linear computation and communication complexities. Moreover, we show how to adapt this protocol to give novel ways of computing PSI and private set intersection/union cardinality with only minor changes to the protocol computation. Our work resembles therefore a toolkit for scalable private set computation with linear complexities, and we provide a thorough experimental analysis that shows that the online phase of our designs is practical up to large set sizes.

Category / Keywords: Private set operations, Bloom filters, additively homomorphic encryption, secure computation, data mining.

Original Publication (in the same form): ACISP 2017

Date: received 9 Feb 2016, last revised 10 May 2017

Contact author: alex davidson 2014 at rhul ac uk

Available format(s): PDF | BibTeX Citation

Note: Change of title, formerly known as "Computing Private Set Operations with Linear Complexities"

Version: 20170510:123638 (All versions of this report)

Short URL: ia.cr/2016/108

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]