Cryptology ePrint Archive: Report 2021/122

PSImple: Practical Multiparty Maliciously-Secure Private Set Intersection

Aner Ben Efraim and Olga Nissenbaum and Eran Omri and Anat Paskin-Cherniavsky

Abstract: Private set intersection (PSI) protocols allow a set of mutually distrustful parties, each holding a private set of items, to compute the intersection over all their sets, such that no other information is revealed. PSI has a wide variety of applications including online advertising (e.g., efficacy computation), security (e.g., botnet detection, intrusion detection), proximity testing (e.g., COVID-19 contact tracing), and more. Private set intersection is a rapidly developing area and there exist many highly efficient protocols. However, almost all of these protocols are for the case of two parties or for semi-honest security. In particular, despite the high interest in this problem, prior to our work there has been no concretely efficient, maliciously secure multiparty PSI protocol.

We present PSImple, the first concretely efficient maliciously-secure multiparty PSI protocol. Our construction is based on oblivious transfer and garbled Bloom filters. To demonstrate the practicality of the PSImple protocol, we implemented the protocol and ran experiments with up to $32$ parties and $2^{20}$ inputs. We show that PSImple is competitive even with the state-of-the-art concretely efficient semi-honest multiparty PSI protocols.

Additionally, we revisit the garbled Bloom filter parameters used in the 2-party PSI protocol of Rindal and Rosulek (Eurocrypt 2017). Using a more careful analysis, we show that the size of the garbled Bloom filters and the number of oblivious transfers required for malicious security can be significantly reduced, often by more than $20\%$. These improved parameters can be used both in the 2-party PSI protocol of Rindal and Rosulek and in PSImple.

Category / Keywords: cryptographic protocols / Private set intersection; Concrete efficiency; Malicious security;

Date: received 2 Feb 2021, last revised 13 May 2021

Contact author: omrier at gmail com,anermosh@post bgu ac il,olga@nissenbaum ru,anps83@gmail com

Available format(s): PDF | BibTeX Citation

Version: 20210513:071211 (All versions of this report)

Short URL: ia.cr/2021/122


[ Cryptology ePrint archive ]