Results 1  10
of
40
Privacypreserving set operations
 in Advances in Cryptology  CRYPTO 2005, LNCS
, 2005
"... In many important applications, a collection of mutually distrustful parties must perform private computation over multisets. Each party’s input to the function is his private input multiset. In order to protect these private sets, the players perform privacypreserving computation; that is, no part ..."
Abstract

Cited by 161 (0 self)
 Add to MetaCart
In many important applications, a collection of mutually distrustful parties must perform private computation over multisets. Each party’s input to the function is his private input multiset. In order to protect these private sets, the players perform privacypreserving computation; that is, no party learns more information about other parties ’ private input sets than what can be deduced from the result. In this paper, we propose efficient techniques for privacypreserving operations on multisets. By employing the mathematical properties of polynomials, we build a framework of efficient, secure, and composable multiset operations: the union, intersection, and element reduction operations. We apply these techniques to a wide range of practical problems, achieving more efficient results than those of previous work.
Location privacy via private proximity testing
 In NDSS
, 2011
"... We study privacypreserving tests for proximity: Alice can test if she is close to Bob without either party revealing any other information about their location. We describe several secure protocols that support private proximity testing at various levels of granularity. We study the use of “locatio ..."
Abstract

Cited by 53 (1 self)
 Add to MetaCart
(Show Context)
We study privacypreserving tests for proximity: Alice can test if she is close to Bob without either party revealing any other information about their location. We describe several secure protocols that support private proximity testing at various levels of granularity. We study the use of “location tags ” generated from the physical environment in order to strengthen the security of proximity testing. We implemented our system on the Android platform and report on its effectiveness. Our system uses a social network (Facebook) to manage user public keys. 1
Efficient robust private set intersection
 IN: ACNS
, 2009
"... Computing Set Intersection privately and efficiently between two mutually mistrusting parties is an important basic procedure in the area of private data mining. Assuring robustness, namely, coping with potentially arbitrarily misbehaving (i.e., malicious) parties, while retaining protocol efficien ..."
Abstract

Cited by 46 (1 self)
 Add to MetaCart
(Show Context)
Computing Set Intersection privately and efficiently between two mutually mistrusting parties is an important basic procedure in the area of private data mining. Assuring robustness, namely, coping with potentially arbitrarily misbehaving (i.e., malicious) parties, while retaining protocol efficiency (rather than employing costly generic techniques) is an open problem. In this work the first solution to this problem is presented.
Verifiable homomorphic oblivious transfer and private equality test
 In Proc. of Asiacrypt
, 2003
"... Abstract. We describe slightly modified version (that we call the HOT protocol) of the AielloIshaiReingold oblivious transfer protocol from Eurocrypt 2001. In particular, the HOT protocol will be what we call weakly secure when coupled with many different homomorphic semantically secure publickey ..."
Abstract

Cited by 43 (2 self)
 Add to MetaCart
(Show Context)
Abstract. We describe slightly modified version (that we call the HOT protocol) of the AielloIshaiReingold oblivious transfer protocol from Eurocrypt 2001. In particular, the HOT protocol will be what we call weakly secure when coupled with many different homomorphic semantically secure publickey cryptosystems. Based on the HOT protocol, we construct an efficient verifiable oblivious transfer protocol and an efficient verifiable private equality test. As a concrete application of our results, we propose a novel protocol called proxy verifiable private equality test, and apply it to a cryptographic auction scheme to improve its security.
A secure distributed framework for achieving kanonymity
"... kanonymity provides a measure of privacy protection by preventing reidentification of data to fewer than a group of k data items. While algorithms exist for producing kanonymous data, the model has been that of a single source wanting to publish data. Due to privacy issues, it is common that data ..."
Abstract

Cited by 39 (0 self)
 Add to MetaCart
kanonymity provides a measure of privacy protection by preventing reidentification of data to fewer than a group of k data items. While algorithms exist for producing kanonymous data, the model has been that of a single source wanting to publish data. Due to privacy issues, it is common that data from different sites cannot be shared directly. Therefore, this paper presents a twoparty framework along with an application that generates kanonymous data from two vertically partitioned sources without disclosing data from one site to the other. The framework is privacy preserving in the sense that it satisfies the secure definition commonly defined in the literature of Secure Multiparty Computation.
Private intersection of certified sets
 IN: FINANCIAL CRYPTOGRAPHY AND DATA SECURITY
, 2009
"... This paper introduces certified sets to the private set intersection problem. A private set intersection protocol allows Alice and Bob to jointly compute the set intersection function without revealing their input sets. Since the inputs are private, malicious participants may choose their sets arbi ..."
Abstract

Cited by 36 (1 self)
 Add to MetaCart
(Show Context)
This paper introduces certified sets to the private set intersection problem. A private set intersection protocol allows Alice and Bob to jointly compute the set intersection function without revealing their input sets. Since the inputs are private, malicious participants may choose their sets arbitrarily and may use this flexibility to affect the result or learn more about the input of an honest participant. With certified sets, a trusted party ensures the inputs are valid and binds them to each participant. The strength of the malicious model with certified inputs increases the applicability of private set intersection to real world problems. With respect to efficiency the new certified set intersection protocol improves existing malicious model private set intersection protocols by a constant factor.
Resource Fairness and Composability of Cryptographic Protocols
 In Cryptology ePrint Archive, http://eprint.iacr.org/2005/370
"... Abstract. We introduce the notion of resourcefair protocols. Informally, this property states that if one party learns the output of the protocol, then so can all other parties, as long as they expend roughly the same amount of resources. As opposed to similar previously proposed definitions, our d ..."
Abstract

Cited by 30 (2 self)
 Add to MetaCart
Abstract. We introduce the notion of resourcefair protocols. Informally, this property states that if one party learns the output of the protocol, then so can all other parties, as long as they expend roughly the same amount of resources. As opposed to similar previously proposed definitions, our definition follows the standard simulation paradigm and enjoys strong composability properties. In particular, our definition is similar to the security definition in the universal composability (UC) framework, but works in a model that allows any party to request additional resources from the environment to deal with dishonest parties that may prematurely abort. In this model we specify the ideally fair functionality as allowing parties to “invest resources ” in return for outputs, but in such an event offering all other parties a fair deal. (The formulation of fair dealings is kept independent of any particular functionality, by defining it using a “wrapper.”) Thus, by relaxing the notion of fairness, we avoid a wellknown impossibility result for fair multiparty computation with corrupted majority; in particular, our definition admits constructions that tolerate arbitrary number of corruptions. We also show that, as in the UC framework, protocols in our framework may be arbitrarily and concurrently composed. Turning to constructions, we define a “commitprovefairopen ” functionality and design an efficient resourcefair protocol that securely realizes it, using a new variant of a cryptographic primitive known as “timelines.” With (the fairly wrapped version of) this functionality we show that some of the existing secure multiparty computation protocols can be easily transformed into resourcefair protocols while preserving their security. 1
Efficient cryptographic protocol design based on distributed El Gamal encryption
 In Proceedings of 8th International Conference on Information Security and Cryptology (ICISC
, 2005
"... Abstract. We propose a set of primitives based on El Gamal encryption that can be used to construct efficient multiparty computation protocols for certain lowcomplexity functions. In particular, we show how to privately count the number of true Boolean disjunctions of literals and pairwise exclusiv ..."
Abstract

Cited by 28 (0 self)
 Add to MetaCart
(Show Context)
Abstract. We propose a set of primitives based on El Gamal encryption that can be used to construct efficient multiparty computation protocols for certain lowcomplexity functions. In particular, we show how to privately count the number of true Boolean disjunctions of literals and pairwise exclusive disjunctions of literals. Applications include efficient twoparty protocols for computing the Hamming distance of two bitstrings and the greaterthan function. The resulting protocols only require 6 rounds of interaction (in the random oracle model) and their communication complexity is O(kQ) where k is the length of bitstrings and Q is a security parameter. The protocols are secure against active adversaries but do not provide fairness. Security relies on the decisional DiffieHellman assumption and error probability is negligible in Q. 1
Private and Threshold SetIntersection
 In Advances in Cryptology – CRYPTO ’05
, 2004
"... In this paper we consider the problem of privately computing the intersection of sets (setintersection), as well as several variations on this problem: cardinality setintersection, threshold setintersection, and overthreshold setintersection. Cardinality setintersection is the problem of deter ..."
Abstract

Cited by 22 (2 self)
 Add to MetaCart
(Show Context)
In this paper we consider the problem of privately computing the intersection of sets (setintersection), as well as several variations on this problem: cardinality setintersection, threshold setintersection, and overthreshold setintersection. Cardinality setintersection is the problem of determining the size of the intersection set, without revealing the actual threshold set. In threshold setintersection, only the elements which appear at least a threshold number t times in the players' private inputs are revealed. Overthreshold setintersection is a variation on threshold setintersection in which not only the threshold set is revealed, but also the number of times each element in the threshold set appeared in the private inputs. We propose protocols that are more...