New Realizations of Efficient and Secure Private Set Intersection Protocols Preserving Fairness

Private Set Intersection (PSI) is a useful cryptographic primitive for developing practical privacy preserving techniques for Big Data. PSI allows entities to securely extract intersection of the large data sets they own, without revealing any other crucial information for their input sets. Fairness is a critical issue for both mutual Private Set Intersection (mPSI) and its cardinality variant, namely mutual Private Set Intersection Cardinality (mPSI-CA). Achieving fairness over prime order groups with linear complexity in malicious model remains an interesting challenge for both mPSI and mPSI-CA. None of the prior works achieve all the aforementioned properties together. We address these issues using an off-line semi-trusted third party, called arbiter. Arbiter is semi-trusted in the sense that he cannot get access to the private information of the parties but follow the protocol honestly. In this work, we propose a construction of fair and efficient mPSI with linear communication and computation overheads using prime order groups. Our mPSI employs (Distributed) ElGamal encryption and the verifiable encryption of Cramer-Shoup. A concrete security analysis is provided against malicious parties under Decisional Diffie-Hellman (DDH) assumption. We further extend our mPSI to mPSI-CA retaining all the security properties of mPSI. On a more positive note, our mPSI-CA is the first in its kind with linear complexity preserving fairness.