Laconic updatable private set intersection

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-01-16 DOI:10.1016/j.jisa.2025.103969

Xiangqian Kong , Lanxiang Chen , Yizhao Zhu , Yi Mu

{"title":"Laconic updatable private set intersection","authors":"Xiangqian Kong , Lanxiang Chen , Yizhao Zhu , Yi Mu","doi":"10.1016/j.jisa.2025.103969","DOIUrl":null,"url":null,"abstract":"<div><div>A laconic private set intersection (PSI) protocol features a two-round communication process with an initial message that remains independent of the set sizes. It is useful for efficiently matching large server sets with smaller client sets without multiple rounds of interaction. The previous work by Aranha et al. (CCS’22) demonstrated superior efficiency but relied on a trusted third party to generate a secret value <span><math><mi>s</mi></math></span> and all its powers, denoted as <span><math><mrow><mo>(</mo><mi>g</mi><mo>,</mo><msup><mrow><mi>g</mi></mrow><mrow><mi>s</mi></mrow></msup><mo>,</mo><mo>…</mo><mo>,</mo><msup><mrow><mi>g</mi></mrow><mrow><msup><mrow><mi>s</mi></mrow><mrow><mn>2</mn></mrow></msup></mrow></msup><mo>,</mo><mo>…</mo><mo>,</mo><msup><mrow><mi>g</mi></mrow><mrow><msup><mrow><mi>s</mi></mrow><mrow><mrow><mo>|</mo><mi>X</mi><mo>|</mo></mrow></mrow></msup></mrow></msup><mo>)</mo></mrow></math></span>, where <span><math><mrow><mo>|</mo><mi>X</mi><mo>|</mo></mrow></math></span> represents the size of the receiver’s set <span><math><mi>X</mi></math></span>. However, these protocols did not address the practical need for updatable sets for both the receiver and sender, which implies the ability to add new elements, delete existing ones, or update an element by deleting it and subsequently adding a new one. In our work, we present an updatable private set intersection protocol that eliminates the need for a trusted third party. Our approach achieves constant communication complexity from the receiver to the sender and linear complexity from the sender to the receiver while partially hiding the size of the receiver’s set. We first establish an efficient PSI protocol and then propose two variants that allow both parties to modify their sets. Additionally, we prove the security of our proposed protocol against semi-honest participants within our security model.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"89 ","pages":"Article 103969"},"PeriodicalIF":3.8000,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625000079","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

A laconic private set intersection (PSI) protocol features a two-round communication process with an initial message that remains independent of the set sizes. It is useful for efficiently matching large server sets with smaller client sets without multiple rounds of interaction. The previous work by Aranha et al. (CCS’22) demonstrated superior efficiency but relied on a trusted third party to generate a secret value

s

and all its powers, denoted as

(g, g^{s}, \dots, g^{s^{2}}, \dots, g^{s^{| X |}})

, where

| X |

represents the size of the receiver’s set

X

. However, these protocols did not address the practical need for updatable sets for both the receiver and sender, which implies the ability to add new elements, delete existing ones, or update an element by deleting it and subsequently adding a new one. In our work, we present an updatable private set intersection protocol that eliminates the need for a trusted third party. Our approach achieves constant communication complexity from the receiver to the sender and linear complexity from the sender to the receiver while partially hiding the size of the receiver’s set. We first establish an efficient PSI protocol and then propose two variants that allow both parties to modify their sets. Additionally, we prove the security of our proposed protocol against semi-honest participants within our security model.

查看原文本刊更多论文

简洁可更新的私有集合交集

一个简洁的私有集合交集（PSI）协议的特点是一个两轮通信过程，初始消息保持独立于集合大小。它有助于有效地将大型服务器集与较小的客户端集匹配起来，而无需多轮交互。Aranha等人之前的工作（CCS ' 22）证明了更高的效率，但依赖于可信的第三方来生成一个秘密值s及其所有权力，表示为（g,gs，…，gs2，…，gs|X|），其中|X|表示接收方集合X的大小。然而，这些协议并没有解决接收方和发送方对可更新集合的实际需求，这意味着能够添加新元素，删除现有元素，或者通过删除元素并随后添加新元素来更新元素。在我们的工作中，我们提出了一个可更新的私有集合交集协议，消除了对可信第三方的需要。我们的方法实现了从接收方到发送方的恒定通信复杂度和从发送方到接收方的线性复杂度，同时部分隐藏了接收方集合的大小。我们首先建立了一个有效的PSI协议，然后提出了两种允许双方修改其集合的变体。此外，我们在我们的安全模型中针对半诚实的参与者证明了我们提出的协议的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.