How to prove yourself: practical solutions to identification and signature problems
Proceedings on Advances in cryptology---CRYPTO '86
The knowledge complexity of interactive proof systems
SIAM Journal on Computing
The probabilistic communication complexity of set intersection
SIAM Journal on Discrete Mathematics
On the distributional complexity of disjointness
Theoretical Computer Science
Comparing information without leaking it
Communications of the ACM
Oblivious transfer and polynomial evaluation
STOC '99 Proceedings of the thirty-first annual ACM symposium on Theory of computing
Universally Composable Commitments
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Wallet Databases with Observers
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Zero-Knowledge Proofs for Finite Field Arithmetic; or: Can Zero-Knowledge be for Free?
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
On Defining Proofs of Knowledge
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
How to generate and exchange secrets
SFCS '86 Proceedings of the 27th Annual Symposium on Foundations of Computer Science
On monotone formula closure of SZK
SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
A secure and optimally efficient multi-authority election scheme
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
An improved protocol for demonstrating possession of discrete logarithms and some generalizations
EUROCRYPT'87 Proceedings of the 6th annual international conference on Theory and application of cryptographic techniques
Efficient concurrent zero-knowledge in the auxiliary string model
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
On private scalar product computation for privacy-preserving data mining
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
ACNS '07 Proceedings of the 5th international conference on Applied Cryptography and Network Security
Efficient Disjointness Tests for Private Datasets
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Unconditionally secure disjointness tests for private datasets
International Journal of Applied Cryptography
Efficient Robust Private Set Intersection
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Secure computation of the vector dominance problem
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Distributed private matching and set operations
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Efficient protocols for privacy preserving matching against distributed datasets
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Honest-verifier private disjointness testing without random oracles
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Syntax-Driven private evaluation of quantified membership queries
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Oblivious scalar-product protocols
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Efficient robust private set intersection
International Journal of Applied Cryptography
| Hi-index | 0.00 |
Two parties, say Alice and Bob, possess two sets of elements that belong to a universe of possible values and wish to test whether these sets are disjoint or not. In this paper we consider the above problem in the setting where Alice and Bob wish to disclose no information to each other about their sets beyond the single bit: “whether the intersection is empty or not.” This problem has many applications in commercial settings where two mutually distrustful parties wish to decide with minimum possible disclosure whether there is any overlap between their private datasets. We present three protocols that solve the above problem that meet different efficiency and security objectives and data representation scenarios. Our protocols are based on Homomorphic encryption and in our security analysis, we consider the semi-honest setting as well as the malicious setting. Our most efficient construction for a large universe in terms of overall communication complexity uses a new encryption primitive that we introduce called “superposed encryption.” We formalize this notion and provide a construction that may be of independent interest. For dealing with the malicious adversarial setting we take advantage of recent efficient constructions of Universally-Composable commitments based on verifiable encryption as well as zero-knowledge proofs of language membership.