Abstract
Consider two organizations that wish to privately match data. They want to find common data elements (or perform a join) over two databases without revealing private information. This was the premise of a recent paper by Agrawal, Evfimievski, and Srikant. We show that Agrawal et al. only examined one point in a much larger problem set and we critique their results. We set the problem in a broader context by considering three independent design criteria and two independent threat model factors, for a total of five orthogonal dimensions of analysis.
Novel contributions include a taxonomy of design criteria for private matching, a secure data ownership certificate that can attest to the proper ownership of data in a database, a set of new private matching protocols for a variety of different scenarios together with a full security analysis. We conclude with a list of open problems in the area.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Agrawal, R., Evfimievski, A., and Srikant, R. (2003). Information sharing across private databases. In Proceedings of the 2003 ACM SIGMOD Int'l Conf. on Management of Data, San Diego, CA.
Agrawal, Rakesh, Kiernan, Jerry, Srikant, Ramakrishnan, and Xu, Yirong (2002). Hippocratic databases. In 28th Int'l Conf. on Very Large Databases (VLDB), Hong Kong.
Beimel, Amos and Ishai, Yuval (2001). Information-theoretic private information retrieval: A unified construction. Lecture Notes in Computer Science, 2076.
Bellare, M., Canetti, Ran, and Krawczyk, Hugo (1996). Keying hash functions for message authentication. In Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology table of contents, pages 1–15. Lecture Notes In Computer Science archive.
Boneh, D. and Franklin, M. (2004). Public key encryption with keyword search. In Eurocrypt 2004, LNCS 3027, pages 56–73.
Cachin, Christian, Micali, Silvio, and Stadler, Markus (1999). Computationally private information retrieval with polylogarithmic communication. Lecture Notes in Computer Science, 1592.
Canetti, Ran (1996). Studies in Secure Multiparty Computation and Applications. PhD thesis, The Weizmann Institute of Science.
Chor, Benny, Goldreich, Oded, Kushilevitz, Eyal, and Sudan, Madhu (1995). Private information retrieval. In IEEE Symposium on Foundations of Computer Science, pages 41–50.
Gertner, Yael, Ishai, Yuval, Kushilevitz, Eyal, and Malkin, Tal (1998). Protecting data privacy in private information retrieval schemes. In The Thirtieth Annual ACM Symposium on Theory of Computing, pages 151–160.
Goldreich, O., Micali, S., and Wigderson, A. (1987). How to play any mental game. In Proc. of 19th STOC, pages 218–229.
Goldreich, Oded (2002). Secure multi-party computation. Final (incomplete) draft, version 1.4.
Huberman, B. A., Franklin, M., and Hogg, T. (1999). Enhancing privacy and trust in electronic communities. In ACM Conference on Electronic Commerce, pages 78–86.
Johnson, Robert, Molnar, David, Song, Dawn Xiaodong, and Wagner, David (2002). Homomorphic signature schemes. In CT-RSA, pages 244–262.
Kalyanasundaram, B. and Schnitger, G. (1992). The probabilistic communication complexity of set intersection. SIAM J. Discrete Mathematics.
Menezes, A., van Oorschot, P., and Vanstone, S (1996). Handbook of applied cryptography. CRC Press.
Parliament, European (1995). Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
Song, Dawn Xiaodong, Wagner, David, and Perrig, Adrian (2000). Practical techniques for searches on encrypted data. In IEEE Symposium on Security and Privacy, pages 44–55.
Waters, Brent R., Balfanz, Dirk, Durfee, Glenn, and Smetters, D.K. (2004). Building an encrypted and searchable audit log. In The 11th Annual Network and Distributed System Security Symposium.
Yao., A.C. (1986). How to generate and exchange secrets. In In Proceedings of the 27th IEEE Symposium on Foundations of Computer Science, pages 162–167.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer Science+Business Media, Inc.
About this chapter
Cite this chapter
Li, Y., Tygar, J.D., Hellerstein, J.M. (2005). Private Matching. In: Lee, D.T., Shieh, S.P., Tygar, J.D. (eds) Computer Security in the 21st Century. Springer, Boston, MA. https://doi.org/10.1007/0-387-24006-3_3
Download citation
DOI: https://doi.org/10.1007/0-387-24006-3_3
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-24005-3
Online ISBN: 978-0-387-24006-0
eBook Packages: Computer ScienceComputer Science (R0)