Paper 2022/590
Secure Merge in Linear Time and O(log log N) Rounds
Abstract
The problem of Secure Merge consists of combining two sorted lists (which are either held separately by two parties, or secret-shared among two or more parties), and outputting a single merged (sorted) list, secret-shared among all parties. Just as insecure algorithms for comparison-based sorting are slower than merging (i.e., for lists of size $n$, $\Theta(n \log n)$ versus $\Theta(n)$), we explore whether the analogous separation exists for secure protocols; namely, if there exist techniques for performing secure merge that are more performant than simply invoking a secure multiparty sort. We answer this question affirmatively by constructing a semi-honest protocol with optimal $\Theta(n)$ communication and computation, and $\Theta(\log \log n)$ rounds of communication. Our results are based solely on black-box use of basic secure primitives, such as secure comparison and secure shuffle. Since two-party secure primitives require computational assumptions, while three-party secure primitive do not, our result imply a computationally secure two-party secure merge protocol and an information-theoretically secure three-party secure merge protocol with these bounds. Secure sort is a fundamental building block used in many MPC protocols, e.g., various private set intersection protocols and oblivious RAM protocols. More efficient secure sort can lead to concrete improvements in the overall run-time. Since secure sort can often be replaced by secure merge -- since inputs (from different participating players) can be presorted -- an efficient secure merge protocol has wide applicability. There are also a range of applications in the field of secure databases, including secure database joins, as well as updatable database storage and search, whereby secure merge can be used to insert new entries into an existing (sorted) database. In building our secure merge protocol, we develop several subprotocols that may be of independent interest. For example, we develop a protocol for secure asymmetric merge (where one list is much larger than the other).
Note: Revised for readability and clarity of exposition.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- Secure MergeSecure SortSecure DatabasePrivate Set Intersection.
- Contact author(s)
-
mark @ stealthsoftwareinc com
paul @ stealthsoftwareinc com
sam @ stealthsoftwareinc com
steve @ stealthsoftwareinc com
rafail @ cs ucla edu - History
- 2024-02-04: revised
- 2022-05-17: received
- See all versions
- Short URL
- https://ia.cr/2022/590
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/590, author = {Mark Blunk and Paul Bunn and Samuel Dittmer and Steve Lu and Rafail Ostrovsky}, title = {Secure Merge in Linear Time and O(log log N) Rounds}, howpublished = {Cryptology {ePrint} Archive, Paper 2022/590}, year = {2022}, url = {https://eprint.iacr.org/2022/590} }