Private Matching

  • Yaping Li
  • J. D. Tygar
  • Joseph M. Hellerstein


Consider two organizations that wish to privately match data. They want to find common data elements (or perform a join) over two databases without revealing private information. This was the premise of a recent paper by Agrawal, Evfimievski, and Srikant. We show that Agrawal et al. only examined one point in a much larger problem set and we critique their results. We set the problem in a broader context by considering three independent design criteria and two independent threat model factors, for a total of five orthogonal dimensions of analysis.

Novel contributions include a taxonomy of design criteria for private matching, a secure data ownership certificate that can attest to the proper ownership of data in a database, a set of new private matching protocols for a variety of different scenarios together with a full security analysis. We conclude with a list of open problems in the area.


Threat Model Security Goal Private Information Retrieval Credit Card Number Spoof Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [Agrawal et al., 2003]
    Agrawal, R., Evfimievski, A., and Srikant, R. (2003). Information sharing across private databases. In Proceedings of the 2003 ACM SIGMOD Int'l Conf. on Management of Data, San Diego, CA.Google Scholar
  2. [Agrawal et al., 2002]
    Agrawal, Rakesh, Kiernan, Jerry, Srikant, Ramakrishnan, and Xu, Yirong (2002). Hippocratic databases. In 28th Int'l Conf. on Very Large Databases (VLDB), Hong Kong.Google Scholar
  3. [Beimel and Ishai, 2001]
    Beimel, Amos and Ishai, Yuval (2001). Information-theoretic private information retrieval: A unified construction. Lecture Notes in Computer Science, 2076.Google Scholar
  4. [Bellare et al., 1996]
    Bellare, M., Canetti, Ran, and Krawczyk, Hugo (1996). Keying hash functions for message authentication. In Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology table of contents, pages 1–15. Lecture Notes In Computer Science archive.Google Scholar
  5. [Boneh and Franklin, 2004]
    Boneh, D. and Franklin, M. (2004). Public key encryption with keyword search. In Eurocrypt 2004, LNCS 3027, pages 56–73.Google Scholar
  6. [Cachin et al., 1999]
    Cachin, Christian, Micali, Silvio, and Stadler, Markus (1999). Computationally private information retrieval with polylogarithmic communication. Lecture Notes in Computer Science, 1592.Google Scholar
  7. [Canetti, 1996]
    Canetti, Ran (1996). Studies in Secure Multiparty Computation and Applications. PhD thesis, The Weizmann Institute of Science.Google Scholar
  8. [Chor et al., 1995]
    Chor, Benny, Goldreich, Oded, Kushilevitz, Eyal, and Sudan, Madhu (1995). Private information retrieval. In IEEE Symposium on Foundations of Computer Science, pages 41–50.Google Scholar
  9. [Gertner et al., 1998]
    Gertner, Yael, Ishai, Yuval, Kushilevitz, Eyal, and Malkin, Tal (1998). Protecting data privacy in private information retrieval schemes. In The Thirtieth Annual ACM Symposium on Theory of Computing, pages 151–160.Google Scholar
  10. [Goldreich et al., 1987]
    Goldreich, O., Micali, S., and Wigderson, A. (1987). How to play any mental game. In Proc. of 19th STOC, pages 218–229.Google Scholar
  11. [Goldreich, 2002]
    Goldreich, Oded (2002). Secure multi-party computation. Final (incomplete) draft, version 1.4.Google Scholar
  12. [Huberman et al., 1999]
    Huberman, B. A., Franklin, M., and Hogg, T. (1999). Enhancing privacy and trust in electronic communities. In ACM Conference on Electronic Commerce, pages 78–86.Google Scholar
  13. [Johnson et al., 2002]
    Johnson, Robert, Molnar, David, Song, Dawn Xiaodong, and Wagner, David (2002). Homomorphic signature schemes. In CT-RSA, pages 244–262.Google Scholar
  14. [Kalyanasundaram and Schnitger, 1992]
    Kalyanasundaram, B. and Schnitger, G. (1992). The probabilistic communication complexity of set intersection. SIAM J. Discrete Mathematics.Google Scholar
  15. [Menezes et al., 1996]
    Menezes, A., van Oorschot, P., and Vanstone, S (1996). Handbook of applied cryptography. CRC Press.Google Scholar
  16. [Parliament, 1995]
    Parliament, European (1995). Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.Google Scholar
  17. [Song et al., 2000]
    Song, Dawn Xiaodong, Wagner, David, and Perrig, Adrian (2000). Practical techniques for searches on encrypted data. In IEEE Symposium on Security and Privacy, pages 44–55.Google Scholar
  18. [Waters et al., 2004]
    Waters, Brent R., Balfanz, Dirk, Durfee, Glenn, and Smetters, D.K. (2004). Building an encrypted and searchable audit log. In The 11th Annual Network and Distributed System Security Symposium.Google Scholar
  19. [Yao., 1986]
    Yao., A.C. (1986). How to generate and exchange secrets. In In Proceedings of the 27th IEEE Symposium on Foundations of Computer Science, pages 162–167.Google Scholar

Copyright information

© Springer Science+Business Media, Inc. 2005

Authors and Affiliations

  • Yaping Li
    • 1
  • J. D. Tygar
    • 1
  • Joseph M. Hellerstein
    • 2
  1. 1.UC BerkeleyBerkeley
  2. 2.Intel Research BerkeleyUC BerkeleyBerkeley

Personalised recommendations