[Resource Topic] 2024/1476: The Concrete Security of Two-Party Computation: Simple Definitions, and Tight Proofs for PSI and OPRFs

Welcome to the resource topic for 2024/1476

Title:
The Concrete Security of Two-Party Computation: Simple Definitions, and Tight Proofs for PSI and OPRFs

Authors: Mihir Bellare, Rishabh Ranjan, Doreen Riepel, Ali Aldakheel

Abstract:

This paper initiates a concrete-security treatment of two-party secure computation. The first step is to propose, as target, a simple, indistinguishability-based definition that we call InI. This could be considered a poor choice if it were weaker than standard simulation-based definitions, but it is not; we show that for functionalities satisfying a condition called invertibility, that we define and show is met by functionalities of practical interest like PSI and its variants, the two definitions are equivalent. Based on this, we move forward to study the concrete security of a canonical OPRF-based construction of PSI, giving a tight proof of InI security of the constructed PSI protocol based on the security of the OPRF. This leads us to the concrete security of OPRFs, where we show how different DH-style assumptions on the underlying group yield proofs of different degrees of tightness, including some that are tight, for the well-known and efficient 2H-DH OPRF, and thus for the corresponding DH PSI protocol. We then give a new PSI protocol, called salted-DH PSI, that is as efficient as DH-PSI, yet enjoys tighter proofs.

ePrint: https://eprint.iacr.org/2024/1476

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .