Private Membership Test for Bloom Filters

Meskanen, Tommi; Liu, Jian; Ramezanian, Sara; Niemi, Valtteri

doi:10.1109/trustcom.2015.414

Cited by 13 publications

(11 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…[45,57] provide another construction based on the Goldwasser-Micali homomorphic encryption scheme. However, their protocol reveals several bits of the BF for each query, and clients can learn information from these bits.…”

Section: Related Work On Psimentioning

confidence: 99%

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Kiss

Liu

Schneider

et al. 2017

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

Private set intersection (PSI) is a cryptographic technique that is applicable to many privacysensitive scenarios. For decades, researchers have been focusing on improving its efficiency in both communication and computation. However, most of the existing solutions are inefficient for an unequal number of inputs, which is common in conventional client-server settings.In this paper, we analyze and optimize the efficiency of existing PSI protocols to support precomputation so that they can efficiently deal with such input sets. We transform four existing PSI protocols into the precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. We implement all four protocols and run experiments between two PCs and between a PC and a smartphone and give a systematic comparison of their performance. Our experiments show that a protocol based on securely evaluating a garbled AES circuit achieves the fastest setup time by several orders of magnitudes, and the fastest online time in the PC setting where AES-NI acceleration is available. In the mobile setting, the fastest online time is achieved by a protocol based on the Diffie-Hellman assumption.

show abstract

Section: Related Work On Psimentioning

confidence: 99%

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Kiss

Liu

Schneider

et al. 2017

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

show abstract

“…This general specification can be met with a private setmembership-test protocol. Though several such protocols exist (e.g., [25], [26], [27], [28]), we develop a new one here with an interaction pattern and threat model that is better suited for our framework. In particular, existing protocols require special hardware [27] or more rounds of interaction [25], [26], or leak more information in our threat model [25], [26], [28] than the one we present.…”

Section: Privately Testing Set Membershipmentioning

confidence: 99%

“…Though several such protocols exist (e.g., [25], [26], [27], [28]), we develop a new one here with an interaction pattern and threat model that is better suited for our framework. In particular, existing protocols require special hardware [27] or more rounds of interaction [25], [26], or leak more information in our threat model [25], [26], [28] than the one we present. Our protocol is built on principles similar to a set-intersection cardinality protocol due to Egert et al [29,Section 4.4], though we (i) reduce the information it conveys to only the results of a membership test, versus the cardinality of a set intersection, and (ii) analyze its privacy properties in the face of malicious behavior by a requester or responder (versus only an honest-but-curious participant in their work), accounting for leakage intrinsic in the application for which we use it here.…”

Section: Privately Testing Set Membershipmentioning

confidence: 99%

How to End Password Reuse on the Web

Wang

Reiter

2019

Proceedings 2019 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

We present a framework by which websites can coordinate to make it difficult for users to set similar passwords at these websites, in an effort to break the culture of password reuse on the web today. Though the design of such a framework is fraught with risks to users' security and privacy, we show that these risks can be effectively mitigated through careful scoping of the goals for such a framework and through principled design. At the core of our framework is a private set-membershiptest protocol that enables one website to determine, upon a user setting a password for use at it, whether that user has already set a similar password at another website, but with neither side disclosing to the other the password(s) it employs in the protocol. Our framework then layers over this protocol a collection of techniques to mitigate the leakage necessitated by such a test. These mechanisms are consistent with common user experience today, and so our framework should be unobtrusive to users who do not reuse similar passwords across websites (e.g., due to having adopted a password manager). Through a working implementation of our framework and optimization of its parameters based on insights of how passwords tend to be reused, we show that our design can meet the scalability challenges facing such a service.

show abstract

“…Another approach for implementing PMT is to have the server offload some data to the user (retaining the same order) in the offline phase. This allows constant communication and computation for each query in the online phase [24,23]. However, the drawback is that it prevents the dataset from being updated frequently, which is a critical requirement for a malware checking use case.…”

Section: Related Workmentioning

confidence: 99%

The Circle Game

Tamrakar

Liu

Paverd

et al. 2017

Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Malware checking is changing from being a local service to a cloudassisted one where users' devices query a cloud server, which hosts a dictionary of malware signatures, to check if particular applications are potentially malware. Whilst such an architecture gains all the benefits of cloud-based services, it opens up a major privacy concern since the cloud service can infer personal traits of the users based on the lists of applications queried by their devices. Private membership test (PMT) schemes can remove this privacy concern. However, known PMT schemes do not scale well to a large number of simultaneous users and high query arrival rates.We propose a simple PMT approach using a carousel: circling the entire dictionary through trusted hardware on the cloud server. Users communicate with the trusted hardware via secure channels. We show how the carousel approach, using different data structures to represent the dictionary, can be realized on two different commercial hardware security architectures (ARM TrustZone and Intel SGX). We highlight subtle aspects of securely implementing seemingly simple PMT schemes on these architectures. Through extensive experimental analysis, we show that for the malware checking scenario our carousel approach surprisingly outperforms Path ORAM on the same hardware by supporting a much higher query arrival rate while guaranteeing acceptable response latency for individual queries.

show abstract

Private Membership Test for Bloom Filters

Cited by 13 publications

References 18 publications

Private Set Intersection for Unequal Set Sizes with Mobile Applications

Private Set Intersection for Unequal Set Sizes with Mobile Applications

How to End Password Reuse on the Web

The Circle Game

Contact Info

Product

Resources

About