[Resource Topic] 2024/789: FairSec: Fair and Maliciously Secure Circuit-PSI via SPDZ-Compatible Oblivious PRF

Welcome to the resource topic for 2024/789

FairSec: Fair and Maliciously Secure Circuit-PSI via SPDZ-Compatible Oblivious PRF

Authors: Yaxi Yang, Xiaojian Liang, Xiangfu Song, Linting Huang, Hongyu Ren, Changyu Dong, Jianying Zhou


Private Set Intersection (PSI) allows two parties to compute the intersection of their input sets without revealing more information than the computation results. PSI and its variants have numerous applications in practice. Circuit-PSI is a famous variant and aims to compute any functionality f on items in the intersection set. However, the existing circuit-PSI protocols only provide security against \emph{semi-honest} adversaries. One straightforward solution is to extend a pure garbled-circuit-based PSI (NDSS’12) to a maliciously secure circuit-PSI, but it will result in non-concrete complexity. Another is converting state-of-the-art semi-honest circuit-PSI protocols (EUROCRYPT’21; PoPETS’22) to be secure in the malicious setting. However, it will come across \emph{the consistency issue} since parties can not guarantee the inputs of functionality f stay unchanged as obtained from the last step.

This paper addresses the aforementioned issue by introducing FairSec, the first malicious circuit-PSI protocol. The central building block of FairSec, called Distributed Dual-key Oblivious PRF (DDOPRF), provides an oblivious evaluation of secret-shared inputs with dual keys. Additionally, we ensure the compatibility of DDOPRF with SPDZ, enhancing the versatility of our circuit-PSI protocol. Notably, our construction allows us to guarantee fairness within circuit-PSI effortlessly. Importantly, FairSec also achieves linear computation and communication complexities.

ePrint: https://eprint.iacr.org/2024/789

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .