Cryptology ePrint Archive: Report 2017/670

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Ágnes Kiss and Jian Liu and Thomas Schneider and N. Asokan and Benny Pinkas

Abstract: Private set intersection (PSI) is a cryptographic technique that is applicable to many privacy-sensitive scenarios. For decades, researchers have been focusing on improving its efficiency in both communication and computation. However, most of the existing solutions are inefficient for an unequal number of inputs, which is common in conventional client-server settings.

In this paper, we analyze and optimize the efficiency of existing PSI protocols to support precomputation so that they can efficiently deal with such input sets. We transform four existing PSI protocols into the precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. We implement all four protocols and run experiments between two PCs and between a PC and a smartphone and give a systematic comparison of their performance. Our experiments show that a protocol based on securely evaluating a garbled AES circuit achieves the fastest setup time by several orders of magnitudes, and the fastest online time in the PC setting where AES-NI acceleration is available. In the mobile setting, the fastest online time is achieved by a protocol based on the Diffie-Hellman assumption.

Category / Keywords: cryptographic protocols / Private set intersection, Bloom filter, oblivious pseudorandom function

Original Publication (with minor differences): Proceedings on Privacy Enhancing Technologies 2017 (PoPETs'17)

Date: received 3 Jul 2017, last revised 19 Oct 2017

Contact author: agnes kiss at crisp-da de

Available format(s): PDF | BibTeX Citation

Note: Correction in Table 5.

Version: 20171019:132944 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]