Leap: A Fast, Lattice-based OPRF With Application to Private Set Intersection

Lena Heimberger; Daniel Kales; Riccardo Lolato; Omid Mir; Sebastian Ramacher; Christian Rechberger

Paper 2025/333

Leap: A Fast, Lattice-based OPRF With Application to Private Set Intersection

Lena Heimberger

, Graz University of Technology

Daniel Kales

, Taceo

Riccardo Lolato

, University of Trento

Omid Mir

, Austrian Institute of Technology

Sebastian Ramacher

, Austrian Institute of Technology

Christian Rechberger

, University of Graz, Taceo

Abstract

Oblivious pseudorandom functions (OPRFs) are an important primitive in privacy-preserving cryptographic protocols. The growing interest in OPRFs, both in theory and practice, has led to the development of numerous constructions and variations. However, most of these constructions rely on classical assumptions. Potential future quantum attacks may limit the practicality of those OPRFs for real-world applications. To close this gap, we introduce Leap, a novel OPRF based on heuristic lattice assumptions. Fundamentally, Leap builds upon the Spring [BBL+15] pseudorandom function (PRF), which relies on the learning with rounding assumption, and integrates techniques from multi-party computation, specifically Oblivious Transfer (OT) and Oblivious Linear Evaluation (OLE). With this combination of oblivious protocols, we construct an OPRF that evaluates in less than a millisecond on a modern computer. Efficiency-wise, our prototype implementation achieves computation times of just 11 microseconds for the client and 750 microseconds for the server, excluding some base OT preprocessing overhead. Moreover, Leap requires an online communication cost of 23 kB per evaluation, where the client only has to send around 380 bytes online. To demonstrate the practical applicability of Leap, we present an efficient private set intersection (PSI) protocol built on top of Leap. This application highlights the potential for the integration of Leap into various privacy-preserving applications: We can compute an unbalanced set intersection with set sizes of 2^24 and 2^15 in under a minute of online time and just over two minutes overall.

Note: Full version with additional benchmarks and graphics.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: A major revision of an IACR publication in EUROCRYPT 2025
Keywords: OPRF Oblivious Pseudorandom Function PSI Private Set Intersection LWR Lattices Naor-Reingold Post-Quantum
Contact author(s): lena heimberger @ tugraz at
History: 2025-02-25: approved; 2025-02-24: received; See all versions
Short URL: https://ia.cr/2025/333
License: CC BY

BibTeX

@misc{cryptoeprint:2025/333,
      author = {Lena Heimberger and Daniel Kales and Riccardo Lolato and Omid Mir and Sebastian Ramacher and Christian Rechberger},
      title = {Leap: A Fast, Lattice-based {OPRF} With Application to Private Set Intersection},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/333},
      year = {2025},
      url = {https://eprint.iacr.org/2025/333}
}