On the Security of O-PSI: A Delegated Private Set Intersection on Outsourced Datasets (Extended Version)

ISC Int. J. Inf. Secur. Pub Date : 2018-07-01 DOI:10.22042/ISECURE.2018.120860.410

Mahdi Mahdavi Oliaee, M. Delavar, Mohammad Hassan Ameri, J. Mohajeri, M. Aref

{"title":"On the Security of O-PSI: A Delegated Private Set Intersection on Outsourced Datasets (Extended Version)","authors":"Mahdi Mahdavi Oliaee, M. Delavar, Mohammad Hassan Ameri, J. Mohajeri, M. Aref","doi":"10.22042/ISECURE.2018.120860.410","DOIUrl":null,"url":null,"abstract":"In recent years, determining the common information privately and efficiently between two mutually mistrusting parties have become an important issue in social networks. Many Private Set Intersection (PSI) protocols have been introduced to address this issue. By applying these protocols, two parties can compute the intersection between their sets without disclosing any information about components that are not in the intersection. Due to the broad range of computational resources that the cloud can provide for its users, determining the set intersection by cloud may decrease the computational cost of the users. The proposed protocols by Abadi et al. are two protocols in this context. In this paper, we show that their protocols are vulnerable to eavesdropping attack. Also, a solution is proposed to secure the protocol against mentioned attack. Moreover, we analyze the performance of both O-PSI and modified O-PSI protocols and show that our scheme is comparable with the O-PSI protocol. Actually, one trivial solution for the Abadi et al.’s proposed schemes is to use a secure channel like TLS. However, in the performance evaluation, we compare our applied modification with this trivial solution, and show that our proposed modification is more efficient as some extra encryptions imposed by TLS are no longer required.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ISC Int. J. Inf. Secur.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.22042/ISECURE.2018.120860.410","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In recent years, determining the common information privately and efficiently between two mutually mistrusting parties have become an important issue in social networks. Many Private Set Intersection (PSI) protocols have been introduced to address this issue. By applying these protocols, two parties can compute the intersection between their sets without disclosing any information about components that are not in the intersection. Due to the broad range of computational resources that the cloud can provide for its users, determining the set intersection by cloud may decrease the computational cost of the users. The proposed protocols by Abadi et al. are two protocols in this context. In this paper, we show that their protocols are vulnerable to eavesdropping attack. Also, a solution is proposed to secure the protocol against mentioned attack. Moreover, we analyze the performance of both O-PSI and modified O-PSI protocols and show that our scheme is comparable with the O-PSI protocol. Actually, one trivial solution for the Abadi et al.’s proposed schemes is to use a secure channel like TLS. However, in the performance evaluation, we compare our applied modification with this trivial solution, and show that our proposed modification is more efficient as some extra encryptions imposed by TLS are no longer required.

查看原文本刊更多论文

论O-PSI的安全性:外包数据集上的委托私有集交集(扩展版)

近年来，如何在互不信任的双方之间私下高效地确定共同信息已成为社交网络中的一个重要问题。为了解决这个问题，引入了许多私有集交集(PSI)协议。通过应用这些协议，双方可以计算其集合之间的交集，而不会泄露任何关于不在交集中的组件的信息。由于云可以为其用户提供广泛的计算资源，通过云确定集合交集可以降低用户的计算成本。Abadi等人提出的方案是这方面的两种方案。在本文中，我们证明了它们的协议容易受到窃听攻击。同时，提出了一种保护协议免受上述攻击的解决方案。此外，我们还分析了O-PSI协议和改进的O-PSI协议的性能，表明我们的方案与O-PSI协议具有可比性。实际上，Abadi等人提出的方案的一个简单解决方案是使用像TLS这样的安全通道。然而，在性能评估中，我们将应用的修改与这个平凡的解决方案进行比较，并表明我们提出的修改更有效，因为不再需要TLS强加的一些额外加密。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ISC Int. J. Inf. Secur.

自引率

0.00%

发文量