efficient private matching and set intersection eurocrypt 2004
Download
Skip this Video
Download Presentation
Efficient Private Matching and Set Intersection (EUROCRYPT, 2004)

Loading in 2 Seconds...

play fullscreen
1 / 13

Efficient Private Matching and Set Intersection (EUROCRYPT, 2004) - PowerPoint PPT Presentation


  • 74 Views
  • Uploaded on

Efficient Private Matching and Set Intersection (EUROCRYPT, 2004). Author : Michael J.Freedman Kobbi Nissim Benny Pinkas. Presentered by Chia Jui Hsu Date : 2009-02-10. Outline. Introduction Private Matching Scheme Adversary models Security Conclusion

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Efficient Private Matching and Set Intersection (EUROCRYPT, 2004)' - kamal-arnold


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
efficient private matching and set intersection eurocrypt 2004

Efficient Private Matching and Set Intersection (EUROCRYPT, 2004)

Author:Michael J.Freedman

Kobbi Nissim

Benny Pinkas

Presentered by Chia Jui Hsu

Date:2009-02-10

outline
Outline
  • Introduction
  • Private Matching Scheme
  • Adversary models
  • Security
  • Conclusion
  • References
introduction 1 3
Introduction (1/3)

Intersection

A

B

DataSets

introduction 2 3
Introduction (2/3)
  • Oblivious Transfer(忘卻式傳輸/模糊傳送)

OR

Sender

Receiver

1 out of 2 OT

1.傳送者不知道接收者是否得到密文

2.接收者只能得到他選擇的密文

M. Rabin, "How to Exchange Secrets by Oblivious Transfer", Technical Report TR-81,Aiken Computation Laboratory, Harvard Univ.,1981.

introduction 3 3
Introduction (3/3)
  • Homomorphic encryption system
    • E(m1)⊙E(m2)= E(m1 m2)
    • c=E(m), ck=E(km)

Θ

private matching scheme 1 4
Private Matching Scheme (1/4)
  • PM Scheme
    • client/chooser (C) and server/sender (S)
    • C inputs X = {x1,…,xkc} and S inputs Y = {y1,…,yks}
    • C learns X∩Y :PM(X,Y)
  • Polynomial

input of size

C

讓S算的變數

private matching scheme 2 4
Private Matching Scheme (2/4)
  • Horner scheme
  • example
    • 若y=3,則P(y)=5
private matching scheme 3 4
Private Matching Scheme (3/4)
  • 法二
  • 法三

y=3,P(y)=5

private matching scheme 4 4
Private Matching Scheme (4/4)

Server

Client

X={x1,…xkc}

Y={y1,…yks}

1.內插法算出多項式

2.對多項式的係數做同態加密

4.選擇一個亂數值γ

5.

3.上傳至Server

6.重新排列後回傳KS個

7.解密,若一樣,則解出y

不一樣,則解出亂數

adversary models
Adversary models
  • Semi-honest
    • 1.pretecting the client
      • indistinguishability
    • 2.protecting the sender
      • comparison to the ideal model
  • Malicious
    • adversary may behave arbitrarily
      • 1.拒絕參與協定(PM)
      • 2.用任意值代替輸入
      • 3.過早中止協定(PM)
security
Security
  • Correctness
  • C’s privacy is preserved
  • S’s privacy is preserved
conclusion
Conclusion
  • use homomorphic encryption and balanced hashing for both semi-honest (standard model) and malicious (random oracle model) environments.
  • list length k, communication O(k), and computation is O(klnlnk).
references
References
  • Efficient Private Matching and Set Intersection, 2004
  • http://en.wikipedia.org/wiki/Horner_scheme
ad