research-article

Blazing Fast PSI from Improved OKVS and Subfield VOLE

Authors:

Srinivasan Raghuraman,

Peter RindalAuthors Info & Claims

CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security

Pages 2505 - 2517

https://doi.org/10.1145/3548606.3560658

Published: 07 November 2022 Publication History

Abstract

We present new semi-honest and malicious secure PSI protocols that outperform all prior works by several times in both communication and running time. Our semi-honest protocol for n = 2^20 can be performed in 0.37 seconds compared to the previous best of 2 seconds (Kolesnikov et al., CCS 2016). This can be further reduced to 0.16 seconds with 4 threads. Similarly, our protocol sends 187n bits compared to 426n bits of the next most communication-efficient protocol (Rindal et al., Eurocrypt 2021). Additionally, we apply our new techniques to the circuit PSI protocol of Rindal et al. and observe a 6x improvement in running time. These performance results are obtained by two types of improvements.

The first is an optimization to the protocol of Rindal et al. to utilize sub-field vector oblivious linear evaluation. This optimization allows our construction to be the first to achieve a communication complexity of O(n lambda + n log n) where lambda is the statistical security parameter. In particular, the communication overhead of our protocol does not scale with the computational security parameter times n.

Our second improvement is to the OKVS data structure which our protocol crucially relies on. In particular, our construction improves both the computation and communication efficiency as compared to prior work (Garimella et al., Crypto 2021). These improvements stem from algorithmic changes to the data structure along with new techniques for obtaining both asymptotic and tight concrete bounds on its failure probability.

References

[1]

Béla Bollobás. 1984. The Evolution of Random Graphs. Trans. Amer. Math. Soc. 286, 1 (1984), 257--274.

[2]

Elette Boyle, Geoffroy Couteau, Niv Gilboa, Yuval Ishai, Lisa Kohl, Peter Rindal, and Peter Scholl. 2019. Efficient Two-Round OT Extension and Silent NonInteractive Secure Computation. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, November 11--15, 2019, Lorenzo Cavallaro, Johannes Kinder, XiaoFeng Wang, and Jonathan Katz (Eds.). ACM, 291--308.

Digital Library

[3]

Prasad Buddhavarapu, Andrew Knox, Payman Mohassel, Shubho Sengupta, Erik Taubeneck, and Vlad Vlaskin. 2020. Private Matching for Compute. IACR Cryptol. ePrint Arch. 2020 (2020), 599.

[4]

Nishanth Chandran, Divya Gupta, and Akash Shah. 2022. Circuit-PSI with Linear Complexity via Relaxed Batch OPPRF. Proceedings on Privacy Enhancing Technologies (PETs). https://doi.org/10.2478/popets-2022-0018 https://eprint. iacr.org/2021/034.

[5]

Geoffroy Couteau, Peter Rindal, and Srinivasan Raghuraman. 2021. Silver: Silent VOLE and Oblivious Transfer from Hardness of Decoding Structured LDPC Codes. In Advances in Cryptology - CRYPTO 2021 - 41st Annual International Cryptology Conference, CRYPTO 2021, Virtual Event, August 16--20, 2021, Proceedings, Part III (Lecture Notes in Computer Science, Vol. 12827), Tal Malkin and Chris Peikert (Eds.). Springer, 502--534.

[6]

Emiliano De Cristofaro and Gene Tsudik. 2010. Practical Private Set Intersection Protocols with Linear Complexity. In Financial Cryptography (Lecture Notes in Computer Science, Vol. 6052). Springer, 143--159.

Digital Library

[7]

Amir Dembo and Andrea Montanari. 2008. Finite size scaling for the core of large random hypergraphs. The Annals of Applied Probability 18, 5 (2008).

[8]

Paul Erdös and Alfréd Rényi. 1959. On random graphs I. Publ. Math. Debrecen 6 (1959), 290--397.

[9]

Quentin Fortier. 2017. Aspects of connectivity with matroid constraints in graphs Modeling and Simulation. Université Grenoble Alpes NNT : 2017GREAM059 (2017).

[10]

András Frank, Tamás Király, and Matthias Kriesell. 2003. On decomposing a hypergraph into k connected sub-hypergraphs. Discret. Appl. Math. 131, 2 (2003), 373--383.

Digital Library

[11]

Alan Frieze and Michal Karo'ski. 2021. Introduction to Random Graphs.

[12]

Gayathri Garimella, Benny Pinkas, Mike Rosulek, Ni Trieu, and Avishay Yanai. 2021. Oblivious Key-Value Stores and Amplification for Private Set Intersection. In Advances in Cryptology - CRYPTO 2021 - 41st Annual International Cryptology Conference, CRYPTO 2021, Virtual Event, August 16--20, 2021, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 12826), Tal Malkin and Chris Peikert (Eds.). Springer, 395--425.

[13]

Yan Huang, David Evans, and Jonathan Katz. 2012. Private Set Intersection: Are Garbled Circuits Better than Custom Protocols?. In 19th Annual Network and Distributed System Security Symposium, NDSS 2012, San Diego, California, USA, February 5--8, 2012. The Internet Society. https://www.ndss-symposium.org/ndss2012/ private-set-intersection-are-garbled-circuits-better-custom-protocols

[14]

Mihaela Ion, Ben Kreuter, Ahmet Erhan Nergiz, Sarvar Patel, Shobhit Saxena, Karn Seth, Mariana Raykova, David Shanahan, and Moti Yung. 2020. On Deploying Secure Computing: Private Intersection-Sum-with-Cardinality. In EuroS&P. IEEE, 370--389.

[15]

Yuval Ishai, Joe Kilian, Kobbi Nissim, and Erez Petrank. 2003. Extending Oblivious Transfers Efficiently. In CRYPTO (Lecture Notes in Computer Science, Vol. 2729). Springer, 145--161.

[16]

Vladimir Kolesnikov, Ranjit Kumaresan, Mike Rosulek, and Ni Trieu. 2016. Efficient Batched Oblivious PRF with Applications to Private Set Intersection. IACR Cryptol. ePrint Arch. (2016), 799. http://eprint.iacr.org/2016/799

[17]

Tomasz Luczak. 1990. Component Behavior Near the Critical Point of the Random Graph Process. Random Struct. Algorithms 1, 3 (1990), 287--310.

Digital Library

[18]

Catherine A. Meadows. 1986. A More Efficient Cryptographic Matchmaking Protocol for Use in the Absence of a Continuously Available Third Party. In IEEE Symposium on Security and Privacy. IEEE Computer Society, 134--137.

[19]

Ofri Nevo, Ni Trieu, and Avishay Yanai. 2021. Simple, Fast Malicious Multiparty Private Set Intersection. https://ia.cr/2021/1221.

[20]

Michele Orrù, Emmanuela Orsini, and Peter Scholl. 2017. Actively Secure 1- out-of-N OT Extension with Application to Private Set Intersection. In CT-RSA (Lecture Notes in Computer Science, Vol. 10159). Springer, 381--396.

[21]

J.G. Oxley. 2006. Matroid Theory. Oxford University Press. https://books.google. com/books?id=puKta1Hdz-8C

[22]

Christos H. Papadimitriou and David Wolfe. 1988. The Complexity of Facets Resolved. J. Comput. Syst. Sci. 37, 1 (1988), 2--13.

Digital Library

[23]

Benny Pinkas, Mike Rosulek, Ni Trieu, and Avishay Yanai. 2019. SpOT-Light: Lightweight Private Set Intersection from Sparse OT Extension. In CRYPTO (3) (Lecture Notes in Computer Science, Vol. 11694). Springer, 401--431.

[24]

Benny Pinkas, Mike Rosulek, Ni Trieu, and Avishay Yanai. 2020. PSI from PaXoS: Fast, Malicious Private Set Intersection. In Advances in Cryptology - EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10--14, 2020, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 12106), Anne Canteaut and Yuval Ishai (Eds.). Springer, 739--767.

[25]

Benny Pinkas, Thomas Schneider, Gil Segev, and Michael Zohner. 2015. Phasing: Private Set Intersection Using Permutation-based Hashing. In USENIX Security Symposium. USENIX Association, 515--530.

[26]

Benny Pinkas, Thomas Schneider, and Michael Zohner. 2014. Faster Private Set Intersection Based on OT Extension. In USENIX Security Symposium. USENIX Association, 797--812.

[27]

Peter Rindal and Mike Rosulek. 2017. Malicious-Secure Private Set Intersection via Dual Execution. In ACM Conference on Computer and Communications Security. ACM, 1229--1242.

Digital Library

[28]

Peter Rindal and Phillipp Schoppmann. 2021. VOLE-PSI: Fast OPRF and CircuitPSI from Vector-OLE. In Advances in Cryptology - EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, October 17--21, 2021, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 12697), Anne Canteaut and François-Xavier Standaert (Eds.). Springer, 901--930.

Digital Library

[29]

Stefan Walzer. 2021. Peeling Close to the Orientability Threshold - Spatial Coupling in Hashing-Based Data Structures. In Proceedings of the 2021 ACMSIAM Symposium on Discrete Algorithms, SODA 2021, Virtual Conference, January 10 - 13, 2021, Dániel Marx (Ed.). SIAM, 2194--2211.

[30]

Jianmin Zhang, Sikun Li, and ShengYu Shen. 2006. Extracting Minimum Unsatisfiable Cores with a Greedy Genetic Algorithm. In AI 2006: Advances in Artificial Intelligence, 19th Australian Joint Conference on Artificial Intelligence, Hobart, Australia, December 4--8, 2006, Proceedings (Lecture Notes in Computer Science, Vol. 4304), Abdul Sattar and Byeong-Ho Kang (Eds.). Springer, 847--856.

Digital Library

Cited By

Pang XChen L(2025)Efficient and privacy-preserving butterfly counting on encrypted bipartite graphsJournal of Information Security and Applications10.1016/j.jisa.2024.10395289(103952)Online publication date: Mar-2025
https://doi.org/10.1016/j.jisa.2024.103952
van Baarsen AStevens M(2024)Amortizing Circuit-PSI in the Multiple Sender/Receiver SettingIACR Communications in Cryptology10.62056/a0fhsgvtwOnline publication date: 7-Oct-2024
https://doi.org/10.62056/a0fhsgvtw
Chen YDing NGu DBian Y(2024)Practical multi-party private set intersection cardinality and intersection-sum protocols under arbitrary collusion1Journal of Computer Security10.3233/JCS-230091(1-41)Online publication date: 4-Apr-2024
https://doi.org/10.3233/JCS-230091
Show More Cited By

Index Terms

Blazing Fast PSI from Improved OKVS and Subfield VOLE
1. Security and privacy
  1. Cryptography

Recommendations

Efficient Batched Oblivious PRF with Applications to Private Set Intersection
CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

We describe a lightweight protocol for oblivious evaluation of a pseudorandom function (OPRF) in the presence of semihonest adversaries. In an OPRF protocol a receiver has an input r; the sender gets output s and the receiver gets output F(s; r), where ...
Efficient Linear Multiparty PSI and Extensions to Circuit/Quorum PSI
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

Multiparty Private Set Intersection (mPSI), enables n parties, each holding private sets (each of size m) to securely compute the intersection of these private sets. While several protocols are known for this task, the only concretely efficient protocol ...
Revisiting OKVS-Based OPRF and PSI: Cryptanalysis and Better Construction
Advances in Cryptology – ASIACRYPT 2024
Abstract
Oblivious pseudorandom function (OPRF) is a two-party cryptographic protocol that allows the receiver to input x and learn F(x) for some PRF F, only known to the sender. For private set intersection (PSI) applications, OPRF protocols have evolved ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security

November 2022

3598 pages

ISBN:9781450394505

DOI:10.1145/3548606

General Chairs:
Heng Yin
University of California, Riverside
,
Angelos Stavrou
Virginia Tech
,
Program Chairs:
Cas Cremers
CISPA Helmholtz Center for Information Security
,
Elaine Shi
Carnegie Mellon University

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 November 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '22

Sponsor:

SIGSAC

CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security

November 7 - 11, 2022

CA, Los Angeles, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

33
Total Citations
View Citations
653
Total Downloads

Downloads (Last 12 months)251
Downloads (Last 6 weeks)46

Reflects downloads up to 09 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Pang XChen L(2025)Efficient and privacy-preserving butterfly counting on encrypted bipartite graphsJournal of Information Security and Applications10.1016/j.jisa.2024.10395289(103952)Online publication date: Mar-2025
https://doi.org/10.1016/j.jisa.2024.103952
van Baarsen AStevens M(2024)Amortizing Circuit-PSI in the Multiple Sender/Receiver SettingIACR Communications in Cryptology10.62056/a0fhsgvtwOnline publication date: 7-Oct-2024
https://doi.org/10.62056/a0fhsgvtw
Chen YDing NGu DBian Y(2024)Practical multi-party private set intersection cardinality and intersection-sum protocols under arbitrary collusion1Journal of Computer Security10.3233/JCS-230091(1-41)Online publication date: 4-Apr-2024
https://doi.org/10.3233/JCS-230091
Sun YKatz JRaykova MSchoppmann PWang XLuo BLiao XXu JKirda ELie D(2024)Actively Secure Private Set Intersection in the Client-Server SettingProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690349(1478-1492)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3690349
Zhang CChen YLiu WPeng LHao MWang AWang XLuo BLiao XXu JKirda ELie D(2024)Unbalanced Private Set Union with Reduced Computation and CommunicationProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690308(1434-1447)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3690308
Gao YLuo YWang LLiu XQi LWang WZhou MLuo BLiao XXu JKirda ELie D(2024)Efficient Scalable Multi-Party Private Set Intersection(-Variants) from Bicentric Zero-SharingProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3690245(4137-4151)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3690245
Patel SPersiano GSeo JYeo KLuo BLiao XXu JKirda ELie D(2024)Efficient Secret Sharing for Large-Scale ApplicationsProceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security10.1145/3658644.3670379(3065-3079)Online publication date: 2-Dec-2024
https://dl.acm.org/doi/10.1145/3658644.3670379
Kang XMa ZLiu YLi TYing ZZhang B(2024)Multi-Party Private Edge Computing for Collaborative Quantitative Exposure Detection of Endemic DiseasesIEEE Transactions on Mobile Computing10.1109/TMC.2024.340366423:12(12020-12034)Online publication date: Dec-2024
https://doi.org/10.1109/TMC.2024.3403664
Li SZeng YWang YZhong YZhou ZTong Y(2024)An Experimental Study on Federated Equi-JoinsIEEE Transactions on Knowledge and Data Engineering10.1109/TKDE.2024.337502836:9(4443-4457)Online publication date: Sep-2024
https://doi.org/10.1109/TKDE.2024.3375028
Yang YChen XPan YShen JCao ZDong XLi XSun JYang GDeng R(2024)OpenVFL: A Vertical Federated Learning Framework With Stronger Privacy-PreservingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.347792419(9670-9681)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3477924
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents