Paper 2024/1146

Breaking Free: Efficient Multi-Party Private Set Union Without Non-Collusion Assumptions

Minglang Dong
Yu Chen, School of Cyber Science and Technology, Shandong University, Qingdao 266237, China
Cong Zhang, Institute for Advanced Study, BNRist, Tsinghua University, Beijing, China
Yujie Bai, School of Cyber Science and Technology, Shandong University, Qingdao 266237, China
Abstract

Multi-party private set union (MPSU) protocol enables $m$ $(m > 2)$ parties, each holding a set, to collectively compute the union of their sets without revealing any additional information to other parties. There are two main categories of MPSU protocols: The first builds on public-key techniques. All existing works in this category involve a super-linear number of public-key operations, resulting in poor practical efficiency. The second builds on oblivious transfer and symmetric-key techniques. The only existing work in this category is proposed by Liu and Gao (ASIACRYPT 2023), which features the best concrete performance among all existing protocols, despite its super-linear computation and communication. Unfortunately, it does not achieve the standard semi-honest security, as it inherently relies on a non-collusion assumption, which is unlikely to hold in practice. Therefore, the problem of constructing a practical MPSU protocol based on oblivious transfer and symmetric-key techniques in standard semi-honest model remains open. Furthermore, there is no MPSU protocol achieving both linear computation and linear communication complexity, which leaves another unresolved problem. In this work, we resolve these two open problems. - We propose the first MPSU protocol based on oblivious transfer and symmetric-key techniques in the standard semi-honest model. This protocol is $4.9-9.3 \times$ faster than Liu and Gao in the LAN setting. Concretely, our protocol requires only $3.6$ seconds in online phase for 3 parties with sets of $2^{20}$ items each. - We propose the first MPSU protocol achieving both linear computation and linear communication complexity, based on public-key operations. This protocol has the lowest overall communication costs and shows a factor of $3.0-36.5\times$ improvement in terms of overall communication compared to Liu and Gao. We implement our protocols and conduct an extensive experiment to compare the performance of our protocols and the state-of-the-art. To the best of our knowledge, our implementation is the first correct and secure implementation of MPSU that reports on large-size experiments.

Note: This paper is also available at https://arxiv.org/abs/2406.07011.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Multi-Party Private Set Union
Contact author(s)
minglang_dong @ mail sdu edu cn
yuchen @ sdu edu cn
zhangcong @ mail tsinghua edu cn
baiyujie @ mail sdu edu cn
History
2024-07-15: approved
2024-07-15: received
See all versions
Short URL
https://ia.cr/2024/1146
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1146,
      author = {Minglang Dong and Yu Chen and Cong Zhang and Yujie Bai},
      title = {Breaking Free: Efficient Multi-Party Private Set Union Without Non-Collusion Assumptions},
      howpublished = {Cryptology ePrint Archive, Paper 2024/1146},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/1146}},
      url = {https://eprint.iacr.org/2024/1146}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.