Advertisement

Breaking and Fixing the Security Proof of Garbled Bloom Filters

  • Cédric Van RompayEmail author
  • Melek Önen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10980)

Abstract

We identify a flaw in the proof of security of Garbled Bloom Filters, a recent hash structure introduced by Dong et al. (ACM CCS 2013) that is used to design Private Set Intersection (PSI) protocols, a important family of protocols for secure cloud computing. We give counter-examples invalidating a claim that is central to the original proof and we show that variants of the GBF construction have the same issue in their security analysis. We then give a new proof of security that shows that Garbled Bloom Filters are secure nonetheless.

Keywords

Garbled bloom filter Private set intersection Provable security 

Notes

Acknowledgements

We would like to thank the anonymous reviewers for valuable comments. This work was supported by the EU FP7 ERANET program under grant CHIST-ERA-2016 UPRISE-IOT.

References

  1. 1.
    Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970). http://doi.acm.org/10.1145/362686.362692CrossRefGoogle Scholar
  2. 2.
    Broder, A.Z., Mitzenmacher, M.: Survey: network applications of bloom filters: a survey. Internet Math. 1(4), 485–509 (2003).  https://doi.org/10.1080/15427951.2004.10129096MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Dong, C., Chen, L.: A fast secure dot product protocol with application to privacy preserving association rule mining. In: Tseng, V.S., Ho, T.B., Zhou, Z.-H., Chen, A.L.P., Kao, H.-Y. (eds.) PAKDD 2014. LNCS (LNAI), vol. 8443, pp. 606–617. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-06608-0_50CrossRefGoogle Scholar
  4. 4.
    Dong, C., Chen, L., Wen, Z.: When private set intersection meets big data: an efficient and scalable protocol. In: 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, Berlin, Germany, pp. 789–800, 4–8 November 2013.  https://doi.org/10.1145/2508859.2516701
  5. 5.
    Ghosh, E., Ohrimenko, O., Papadopoulos, D., Tamassia, R., Triandopoulos, N.: Zero-knowledge accumulators and set algebra. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10032, pp. 67–100. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53890-6_3CrossRefGoogle Scholar
  6. 6.
    Katz, J., Lindell, Y.: Introduction to Modern Cryptography, 2nd edn. CRC Press, Boca Raton (2014)zbMATHGoogle Scholar
  7. 7.
    Kiss, A., Liu, J., Schneider, T., Asokan, N., Pinkas, B.: Private set intersection for unequal set sizes with mobile applications. In: IACR Cryptology ePrint Archive 2017, p. 670 (2017). http://eprint.iacr.org/2017/670
  8. 8.
    Lambaek, M.: Breaking and fixing private set intersection protocols. In: IACR Cryptology ePrint Archive 2016, p. 665 (2016). http://eprint.iacr.org/2016/665
  9. 9.
    Lentz, M., Erdélyi, V., Aditya, P., Shi, E., Druschel, P., Bhattacharjee, B.: SDDR: light-weight, secure mobile encounters. In: Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, pp. 925–940, 20–22 August 2014. https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/lentz
  10. 10.
    Patsakis, C., Zigomitros, A., Solanas, A.: Privacy-aware genome mining: server-assisted protocols for private set intersection and pattern matching. In: Proceedings of 28th IEEE International Symposium on Computer-Based Medical Systems, CBMS 2015, Sao Carlos, Brazil, pp. 276–279, 22–25 June 2015.  https://doi.org/10.1109/CBMS.2015.70
  11. 11.
    Pinkas, B., Schneider, T., Zohner, M.: Faster private set intersection based on OT extension. In: Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, pp. 797–812, 20–22 August 2014. https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/pinkas
  12. 12.
    Rindal, P., Rosulek, M.: Improved private set intersection against malicious adversaries. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10210, pp. 235–259. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-56620-7_9CrossRefGoogle Scholar
  13. 13.
    Rompay, C.V., Molva, R., Önen, M.: Secure and scalable multi-user searchable encryption (2018)Google Scholar
  14. 14.
    Wang, X.S., Huang, Y., Zhao, Y., Tang, H., Wang, X., Bu, D.: Efficient genome-wide, privacy-preserving similar patient query based on private edit distance. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, pp. 492–503, 6–12 October 2015. http://doi.acm.org/10.1145/2810103.2813725
  15. 15.
    Wen, Z., Dong, C.: Efficient protocols for private record linkage. In: Symposium on Applied Computing, SAC 2014, Gyeongju, Republic of Korea, pp. 1688–1694, 24–28 March 2014. http://doi.acm.org/10.1145/2554850.2555001
  16. 16.
    Zhao, Y., Chow, S.S.M.: Are you the one to share? secret transfer with access structure. PoPETs 2017(1), 149–169 (2017).  https://doi.org/10.1515/popets-2017-0010
  17. 17.
    Zheng, Q., Xu, S.: Verifiable delegated set intersection operations on outsourced encrypted data. In: Proceedings of 2015 IEEE International Conference on Cloud Engineering, IC2E 2015, Tempe, AZ, USA, pp. 175–184, 9–13 March 2015.  https://doi.org/10.1109/IC2E.2015.38

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  1. 1.EURECOMBiotFrance

Personalised recommendations