Abstract

<p style='text-indent:20px;'>In the field of privacy preserving protocols, Private Set Intersection (PSI) plays an important role. In most of the cases, PSI allows two parties to securely determine the intersection of their private input sets, and no other information. In this paper, employing a Bloom filter, we propose a Multiparty Private Set Intersection Cardinality (MPSI-CA), where the number of participants in PSI is not limited to two. The security of our scheme is achieved in the standard model under the Decisional Diffie-Hellman (DDH) assumption against semi-honest adversaries. Our scheme is flexible in the sense that set size of one participant is independent from that of the others. We consider the number of modular exponentiations in order to determine computational complexity. In our construction, communication and computation overheads of each participant is <inline-formula><tex-math id="M1">\begin{document}$ O(v_{\sf max}k) $\end{document}</tex-math></inline-formula> except that the complexity of the designated party is <inline-formula><tex-math id="M2">\begin{document}$ O(v_1) $\end{document}</tex-math></inline-formula>, where <inline-formula><tex-math id="M3">\begin{document}$ v_{\sf max} $\end{document}</tex-math></inline-formula> is the maximum set size, <inline-formula><tex-math id="M4">\begin{document}$ v_1 $\end{document}</tex-math></inline-formula> denotes the set size of the designated party and <inline-formula><tex-math id="M5">\begin{document}$ k $\end{document}</tex-math></inline-formula> is a security parameter. Particularly, our MSPI-CA is the <i>first</i> that incurs <i>linear</i> complexity in terms of set size, namely <inline-formula><tex-math id="M6">\begin{document}$ O(nv_{\sf max}k) $\end{document}</tex-math></inline-formula>, where <inline-formula><tex-math id="M7">\begin{document}$ n $\end{document}</tex-math></inline-formula> is the number of participants. Further, we extend our MPSI-CA to MPSI retaining all the security attributes and other properties. As far as we are aware of, there is no other MPSI so far where individual computational cost of each participant is independent of the number of participants. Unlike MPSI-CA, our MPSI does not require any kind of broadcast channel as it uses star network topology in the sense that a designated party communicates with everyone else.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.