We present PSImple, the first concretely efficient maliciously-secure multiparty PSI protocol. Our construction is based on oblivious transfer and garbled Bloom filters. To demonstrate the practicality of the PSImple protocol, we implemented the protocol and ran experiments with up to $32$ parties and $2^{20}$ inputs. We show that PSImple is competitive even with the state-of-the-art concretely efficient semi-honest multiparty PSI protocols.
Additionally, we revisit the garbled Bloom filter parameters used in the 2-party PSI protocol of Rindal and Rosulek (Eurocrypt 2017). Using a more careful analysis, we show that the size of the garbled Bloom filters and the number of oblivious transfers required for malicious security can be significantly reduced, often by more than $20\%$. These improved parameters can be used both in the 2-party PSI protocol of Rindal and Rosulek and in PSImple.
Category / Keywords: cryptographic protocols / Private set intersection; Concrete efficiency; Malicious security; Date: received 2 Feb 2021, last revised 13 May 2021 Contact author: omrier at gmail com, anermosh at post bgu ac il, olga at nissenbaum ru, anps83 at gmail com Available format(s): PDF | BibTeX Citation Version: 20210513:071211 (All versions of this report) Short URL: ia.cr/2021/122