Cryptology ePrint Archive: Report 2018/120

Efficient Circuit-based PSI via Cuckoo Hashing

Benny Pinkas and Thomas Schneider and Christian Weinert and Udi Wieder

Abstract: While there has been a lot of progress in designing efficient custom protocols for computing Private Set Intersection (PSI), there has been less research on using generic Multi-Party Computation (MPC) protocols for this task. However, there are many variants of the set intersection functionality that are not addressed by the existing custom PSI solutions and are easy to compute with generic MPC protocols (e.g., comparing the cardinality of the intersection with a threshold or measuring ad conversion rates).

Generic PSI protocols work over circuits that compute the intersection. For sets of size $n$, the best known circuit constructions conduct $O(n \log n)$ or $O(n \log n / \log\log n)$ comparisons (Huang et al., NDSS'12 and Pinkas et al., USENIX Security'15). In this work, we propose new circuit-based protocols for computing variants of the intersection with an almost linear number of comparisons. Our constructions are based on new variants of Cuckoo hashing in two dimensions.

We present an asymptotically efficient protocol as well as a protocol with better concrete efficiency. For the latter protocol, we determine the required sizes of tables and circuits experimentally, and show that the run-time is concretely better than that of existing constructions.

The protocol can be extended to a larger number of parties. The proof technique for analyzing Cuckoo hashing in two dimensions is new and can be generalized to analyzing standard Cuckoo hashing as well as other new variants of it.

Category / Keywords: cryptographic protocols / Private Set Intersection, Secure Computation

Original Publication (with major differences): IACR-EUROCRYPT-2018

Date: received 31 Jan 2018, last revised 24 Jan 2019

Contact author: weinert at encrypto cs tu-darmstadt de

Available format(s): PDF | BibTeX Citation

Note: Fix description of private intersection-sum protocol (Ion et al., Cryptology ePrint Report 2017/738).

Version: 20190124:191518 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]