Secure Set Intersection with Untrusted Hardware Tokens
Secure set intersection protocols are the core building block for a manifold of privacy-preserving applications.
In a recent work, Hazay and Lindell (ACM CCS 2008) introduced the idea of using trusted hardware tokens for the set intersection problem, devising protocols which improve over previous (in the standard model of two-party computation) protocols in terms of efficiency and secure composition. Their protocol uses only a linear number of symmetrickey computations and the amount of data stored in the token does not depend on the sizes of the sets. The security proof of the protocol is in the universal composability model and is based on the strong assumption that the token is trusted by both parties.
In this paper we revisit the idea and model of hardware-based secure set intersection, and in particular consider a setting where tokens are not necessarily trusted by both participants to additionally cover threats like side channel attacks, firmware trapdoors and malicious hardware. Our protocols are very efficient and achieve the same level of security as those by Hazay and Lindell for trusted tokens. For untrusted tokens, our protocols ensure privacy against malicious adversaries, and correctness facing covert adversaries.
Keywordscryptographic protocols set intersection untrusted hardware
Unable to display preview. Download preview PDF.
- 1.Hazay, C., Lindell, Y.: Constructions of truly practical secure protocols using standard smartcards. In: CCS 2008, pp. 491–500. ACM, New York (2008)Google Scholar
- 2.Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: FOCS 2001, pp. 136–145 (2001)Google Scholar
- 3.Sharangpani, H.P., Barton, M.L.: Statistical analysis of floating point flaw in the PentiumTMprocessor. White paper, Intel Corporation (1994)Google Scholar
- 5.Security, H.: Hacker extracts crypto key from TPM chip (2010), http://www.h-online.com/security/news/item/Hacker-extracts-crypto-key-from-TPM-chip-927077.html
- 10.Ateniese, G., De Cristofaro, E., Tsudik, G.: (If) size matters: Size-hiding private set intersection. Cryptology ePrint Archive, Report 2010/220 (2010), http://eprint.iacr.org/
- 11.Sang, Y., Shen, H.: Privacy preserving set intersection protocol secure against malicious behaviors. In: PDCAT 2007, pp. 461–468. IEEE Computer Society, Los Alamitos (2007)Google Scholar
- 20.Iliev, A., Smith, S.: More efficient secure function evaluation using tiny trusted third parties. Technical Report TR2005-551, Dartmouth College, Computer Science, Hanover, NH (2005)Google Scholar
- 21.Hofheinz, D., Müller-Quade, J., Unruh, D.: Universally composable zero-knowledge arguments and commitments from signature cards. In: MoraviaCrypt 2005 (2005)Google Scholar