A Secure and Lightweight Multi-Party Private Intersection-Sum Scheme over a Symmetric Cryptosystem
Abstract
:1. Introduction
- We propose a secure and lightweight multi-party private intersection-sum scheme, called SLMP-PIS, which avoids the data privacy leakage problem of only repeatedly conducting existing two-party PIS schemes.
- SLMP-PIS is client-agnostic. The requester can ask the cloud server to obtain the computation result without the help of data owners, and data owners can maintain their offline status as long as their data have been outsourced securely to the cloud.
- SLMP-PIS is based on symmetric cryptosystem only. Therefore, the larger the number of participants, the more efficient SLMP-PIS is. Specifically, when the number of participants is five, the efficiency can be increased by 22.98%.
2. Related Work
3. Preliminaries
3.1. Oblivious Transfer
- (1)
- Receiver’s indistinguishability security. For any and for any probabilistic polynomial time (PPT) adversary executing the sender’s part, the views that sees in case the receiver tries to obtain and in case the receiver tries to obtain are computationally indistinguishable given and .
- (2)
- Sender’s indistinguishability security.For any adversary substituting the receiver and a simulator playing the receiver’s role in the ideal model, the outputs of and are statistically indistinguishable given and .
3.2. Oblivious Pseudorandom Function
3.3. Arithmetic Sharing
- Shared Values: on input secret , output sharing values satisfying .
- Sharing: chooses and sets . Then, sends r to , that is, .
- Reconstruction: sends to , which computes .
4. Problem Formulations
4.1. System Model
- (1)
- Requester. The Re is responsible for submitting the processed data set to CS. In addition, the Re obtains the sharing value of the intersection-sum from the CS and computes the private intersection-sum result.
- (2)
- Cloud Server. The CS acts as a connection between the Re and DOs. After receiving the processed data set from the Re, the CS assists the DOs in performing data processing and obtaining the processed data sets from the DOs. In addition, the CS computes the sharing value of the intersection-sum and sends it to the Re.
- (3)
- Data Owners. Each DO holds a private set of data, and additionally holds a private integer value associated with each element. Each DO is responsible for submitting the processed data set to the CS.
4.2. Adversary Model
- (1)
- ,, and may eavesdrop on all communication links to obtain data owned by participants.
- (2)
- may compromise the CS to learn the data of the Re.
- (3)
- may compromise the CS to learn the DOs’ data and associated values, or compromise one DO to learn the data and associated values of the other DOs.
- (4)
- may compromise the CS and DOs to obtain the intersection-sum result.
5. The Protocol Framework
5.1. Initialization
5.2. Outsourcing Request
- (1)
- Generate the pseudorandom function value. The Re computes the pseudorandom function value of the data based on the group key K; namely, .
- (2)
- Generate the intersection sharing value. For each datum , the Re first computes the pseudorandom function value based on the symmetric key ; namely, . Then, the Re XORs multiple according to the formula (1) to generate the intersection sharing value :
- (3)
- Generate ciphertext and verification information for pseudorandom function values and intersection sharing values. The Re calculates the ciphertext and the root of the Merkle tree according to the formula (2) based on pseudorandom function values and intersection sharing values :
Algorithm 1 Re’s data processing |
|
5.3. Data Submission
Algorithm 2 DO’s Data Processing |
|
- (1)
- Generate calculation value. For each datum , the DO first computes the pseudorandom function value based on the group key K; namely, . Then, the DO chooses a random number for associated datum and encrypts the difference between and based on to generate the calculation value ; namely, .
- (2)
- Generate intersection sharing value. For each datum , the DO first computes the pseudorandom function value based on the symmetric key negotiated with the Re and other DOs ; namely, . Then, the DO XORs multiple according to the formula (5) to generate the intersection sharing value :
- (3)
- Generate calculation sharing value. For each datum , the DO chooses a random number and generates calculation sharing value based on the symmetric key negotiated with the Re; namely, .
Algorithm 3 Obtaining Shared Values |
|
- (1)
- The CS and DO perform an oblivious pseudorandom function algorithm . First, the CS takes the pseudorandom function value .Then, as the output of , the DO receives the key , and the CS receives the value corresponding to ; namely, . In particular, the CS can only obtain corresponding to , and cannot obtain the key .
- (2)
- The DO generates an oblivious pseudorandom function value. Based on the output by and the pseudorandom function value , the DO generates the corresponding oblivious pseudorandom function value ; namely, .
- (3)
- The DO generates the hash table T. Firstly, the DO generates hash value based on the oblivious pseudorandom function value ; namely, . Then, is generated based on and intersection sharing value ; namely, . In addition, for the binary bit string , but not in , the DO selects the random number r as corresponding to . Finally, the DO encrypts H and generates based on the session key , where . The DO takes as two columns to generate a hash table T and sends it to the CS.
- (4)
- The CS obtains the intersection sharing value. Firstly, the CS obtains the hash table T based on and . Then, based on the oblivious pseudorandom function value and T, the CS obtains the intersection sharing value ; namely, . According to the steps of the DO generation hash table T, it can be proven that satisfies the formula (6):
5.4. Outsourcing Response
- (1)
- Compute private set intersection. The CS, according to formula (7), executes XOR based on the intersection sharing value generated by the Re and , which is obtained by the interaction with each , and then generates . If , then the datum belong to the set intersection; namely, :
- (2)
- Compute private intersection-sum. The CS decrypts the calculation value based on pseudorandom function value ; namely, . Then, the CS sums multiple calculation values to obtain .
- (3)
- Generate the ciphertext of the private sum result. Based on the private intersection-sum result and the session key negotiated with the Re, the CS generates the ciphertext of the private sum result; namely, . Then, the CS generates based on calculated sharing values corresponding to the intersection data and sends to the Re.
Algorithm 4 Private Sum Computation |
|
6. Security Analysis
6.1. Security of Re’s Data
6.2. Security of DOs’ Data
6.3. Security of Intersection-Sum Result
7. Performance Analysis
7.1. Experimental Settings
7.2. Experimental Results
7.2.1. Computational Costs in Different Phases
7.2.2. The Effect of and
7.2.3. Online and Offline
7.2.4. Comparison with Related Work
8. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Sun, L.; Gupta, R.K.; Sharma, A. Review and potential for artificial intelligence in healthcare. Int. J. Syst. Assur. Eng. Manag. 2022, 13, 54–62. [Google Scholar]
- Boute, R.N.; Gijsbrechts, J.; Van Mieghem, J.A. Digital lean operations: Smart automation and artificial intelligence in financial services. In Innovative Technology at the Interface of Finance and Operations; Springer: Cham, Switzerland, 2022; pp. 175–188. [Google Scholar]
- Ye, H.; Liu, J.; Wang, W.; Li, P.; Li, T.; Li, J. Secure and efficient outsourcing differential privacy data release scheme in cyber–physical system. Future Gener. Comput. Syst. 2020, 108, 1314–1323. [Google Scholar] [CrossRef]
- Li, T.; Li, J.; Liu, Z.; Li, P.; Jia, C. Differentially private Naive Bayes learning over multiple data sources. Inf. Sci. 2018, 444, 89–104. [Google Scholar] [CrossRef]
- Heidari, A.; Jabraeil Jamali, M.A. Internet of Things intrusion detection systems: A comprehensive review and future directions. Clust. Comput. 2022. [Google Scholar] [CrossRef]
- Heidari, A.; Navimipour, N.J.; Unal, M.; Zhang, G. Machine Learning Applications in Internet-of-Drones: Systematic Review, Recent Deployments, and Open Issues. ACM Comput. Surv. 2022. [Google Scholar] [CrossRef]
- Li, Y.; Jiang, Z.L.; Wang, X.; Fang, J.; Zhang, E.; Wang, X. Securely outsourcing ID3 decision tree in cloud computing. Wirel. Commun. Mob. Comput. 2018, 2018, 2385150. [Google Scholar] [CrossRef]
- Xie, R.; He, C.; Xie, D.; Gao, C.; Zhang, X. A secure ciphertext retrieval scheme against insider kgas for mobile devices in cloud storage. Secur. Commun. Netw. 2018, 2018, 7254305. [Google Scholar]
- Cai, Z.; Yan, H.; Li, P.; Huang, Z.A.; Gao, C. Towards secure and flexible EHR sharing in mobile health cloud under static assumptions. Clust. Comput. 2017, 20, 2415–2422. [Google Scholar] [CrossRef]
- Zhu, Y.; Zhang, Y.; Li, X.; Yan, H.; Li, J. Improved collusion-resisting secure nearest neighbor query over encrypted data in cloud. Concurr. Comput. Pract. Exp. 2019, 31, e4681. [Google Scholar] [CrossRef]
- Althobaiti, O.S.; Mahmoodi, T.; Dohler, M. Intelligent Bio-Latticed Cryptography: A Quantum-Proof Efficient Proposal. Symmetry 2022, 14, 2351. [Google Scholar] [CrossRef]
- Khan, N.U.; Shah, M.A.; Maple, C.; Ahmed, E.; Asghar, N. Traffic Flow Prediction: An Intelligent Scheme for Forecasting Traffic Flow Using Air Pollution Data in Smart Cities with Bagging Ensemble. Sustainability 2022, 14, 4164. [Google Scholar]
- Makin, S.; Brack, C.; Kynn, M.; Murchie, P. 1013 DIAGNOSTIC TEST ACCURACY OF FRAILTY SCREENING TOOLS USING DATA IN ELECTRONIC PRIMARY CARE RECORDS. Age Ageing 2022, 51, 005. [Google Scholar]
- Huang, H. Cryptosystems Based on Tropical Congruent Transformation of Symmetric Matrices. Symmetry 2022, 14, 2378. [Google Scholar] [CrossRef]
- Almaiah, M.A.; Al-Zahrani, A.; Almomani, O.; Alhwaitat, A.K. Classification of cyber security threats on mobile devices and applications. In Artificial Intelligence and Blockchain for Future Cybersecurity Applications; Springer: Cham, Switzerland, 2021; pp. 107–123. [Google Scholar]
- Gabr, M.; Younis, H.; Ibrahim, M.; Alajmy, S.; Khalid, I.; Azab, E.; Elias, R.; Alexan, W. Application of DNA Coding, the Lorenz Differential Equations and a Variation of the Logistic Map in a Multi-Stage Cryptosystem. Symmetry 2022, 14, 2559. [Google Scholar] [CrossRef]
- Bahig, H.M.; Hazber, M.A.G.; Al-Utaibi, K.; Nassr, D.I.; Bahig, H.M. Efficient Sequential and Parallel Prime Sieve Algorithms. Symmetry 2022, 14, 2527. [Google Scholar] [CrossRef]
- Chen, W.; Li, J.; Huang, Z.; Gao, C.; Yiu, S.; Jiang, Z.L. Lattice-based unidirectional infinite-use proxy re-signatures with private re-signature key. J. Comput. Syst. Sci. 2021, 120, 137–148. [Google Scholar] [CrossRef]
- Wang, X.; Li, J.; Yan, H. An improved anti-quantum MST3 public key encryption scheme for remote sensing images. Enterp. Inf. Syst. 2021, 15, 530–544. [Google Scholar]
- Yan, H.; Chen, M.; Hu, L.; Jia, C. Secure video retrieval using image query on an untrusted cloud. Appl. Soft Comput. 2020, 97, 106782. [Google Scholar]
- Almaiah, M.A.; Dawahdeh, Z.; Almomani, O.; Alsaaidah, A.; Al-Khasawneh, A.; Khawatreh, S. A new hybrid text encryption approach over mobile ad hoc network. Int. J. Electr. Comput. Eng. 2020, 10, 6461–6471. [Google Scholar] [CrossRef]
- Yuan, H.; Chen, X.; Wang, J.; Yuan, J.; Yan, H.; Susilo, W. Blockchain-based public auditing and secure deduplication with fair arbitration. Inf. Sci. 2020, 541, 409–425. [Google Scholar]
- Yu, J.; Xue, H.; Liu, B.; Wang, Y.; Zhu, S.; Ding, M. Gan-based differential private image privacy protection framework for the internet of multimedia things. Sensors 2020, 21, 58. [Google Scholar] [PubMed]
- Xu, L.; Sun, Z.; Li, W.; Yan, H. Delegatable searchable encryption with specified keywords for EHR systems. In Wireless Networks; Spinger: New York, NY, USA, 2020; pp. 1–13. [Google Scholar]
- Ali, A.; Almaiah, M.A.; Hajjej, F.; Pasha, M.F.; Fang, O.H.; Khan, R.; Teo, J.; Zakarya, M. An Industrial IoT-Based Blockchain-Enabled Secure Searchable Encryption Approach for Healthcare Systems Using Neural Network. Sensors 2022, 22, 572. [Google Scholar] [CrossRef] [PubMed]
- Jing, Z.; Gu, C.; Yu, Z.; Shi, P.; Gao, C. Cryptanalysis of lattice-based key exchange on small integer solution problem and its improvement. Clust. Comput. 2019, 22, 1717–1727. [Google Scholar]
- Li, J.; Tang, X.; Wei, Z.; Wang, Y.; Chen, W.; Tan, Y.A. Identity-based multi-recipient public key encryption scheme and its application in IoT. Mob. Netw. Appl. 2021, 26, 1543–1550. [Google Scholar]
- Bahig, H.M.; Nassr, D.I.; Mahdi, M.A.; Bahig, H.M. Small Private Exponent Attacks on RSA Using Continued Fractions and Multicore Systems. Symmetry 2022, 14, 1897. [Google Scholar] [CrossRef]
- Mahad, Z.; Ariffin, M.R.K.; Ghafar, A.H.A.; Salim, N.R. Cryptanalysis of RSA-Variant Cryptosystem Generated by Potential Rogue CA Methodology. Symmetry 2022, 14, 1498. [Google Scholar] [CrossRef]
- Ion, M.; Kreuter, B.; Nergiz, E.; Patel, S.; Saxena, S.; Seth, K.; Shanahan, D.; Yung, M. Private intersection-sum protocol with applications to attributing aggregate ad conversions. Cryptology ePrint Archive. 2017. Available online: https://eprint.iacr.org/2017/738 (accessed on 1 August 2017).
- Lu, S.; Li, Z.; Miao, X.; Han, Q.; Zheng, J. PIWS: Private Intersection Weighted Sum Protocol for Privacy-Preserving Score-Based Voting With Perfect Ballot Secrecy. IEEE Trans. Comput. Soc. Syst. 2022, 31, 1–18. [Google Scholar] [CrossRef]
- Ion, M.; Kreuter, B.; Nergiz, A.E.; Patel, S.; Saxena, S.; Seth, K.; Raykova, M.; Shanahan, D.; Yung, M. On deploying secure computing: Private intersection-sum-with-cardinality. In Proceedings of the 2020 IEEE European Symposium on Security and Privacy (EuroS&P), Genoa, Italy, 7–11 September 2020; pp. 370–389. [Google Scholar]
- Miao, P.; Patel, S.; Raykova, M.; Seth, K.; Yung, M. Two-Sided Malicious Security for Private Intersection-Sum with Cardinality. In Proceedings of the Advances in Cryptology—CRYPTO 2020; Micciancio, D., Ristenpart, T., Eds.; Springer International Publishing: Cham, Switzerland, 2020; pp. 3–33. [Google Scholar]
- Niu, Z.; Wang, H.; Li, Z.; Song, X. Privacy-preserving statistical computing protocols for private set intersection. Int. J. Intell. Syst. 2022, 37, 10118–10139. [Google Scholar] [CrossRef]
- Kulshrestha, A.; Mayer, J. Estimating Incidental Collection in Foreign Intelligence Surveillance: Large-Scale Multiparty Private Set Intersection with Union and Sum. In Proceedings of the 31st USENIX Security Symposium (USENIX Security 22); USENIX Association: Boston, MA, USA, 2022; pp. 1705–1722. [Google Scholar]
- Döttling, N.; Garg, S.; Hajiabadi, M.; Masny, D.; Wichs, D. Two-round oblivious transfer from CDH or LPN. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques; Springer: Cham, Switzerland, 2020; pp. 768–797. [Google Scholar]
- Wang, X.; Kuang, X.; Li, J.; Li, J.; Chen, X.; Liu, Z. Oblivious transfer for privacy-preserving in VANET’s feature matching. IEEE Trans. Intell. Transp. Syst. 2020, 22, 4359–4366. [Google Scholar] [CrossRef]
- Freedman, M.J.; Ishai, Y.; Pinkas, B.; Reingold, O. Keyword Search and Oblivious Pseudorandom Functions. In Proceedings of the Theory of Cryptography; Kilian, J., Ed.; Springer: Berlin/Heidelberg, Germany, 2005; pp. 303–324. [Google Scholar]
Notation | Description |
---|---|
The size of the data set X | |
The i-th data of X | |
The set | |
The u-th DO of the DOs | |
The data set of the | |
The i-th data of | |
The asymmetric encryption algorithm | |
The asymmetric decryption algorithm | |
Merkle tree generation algorithm | |
Pseudorandom function |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Zhang, J.; Kang, X.; Liu, Y.; Ma, H.; Li, T.; Ma, Z.; Gataullin, S. A Secure and Lightweight Multi-Party Private Intersection-Sum Scheme over a Symmetric Cryptosystem. Symmetry 2023, 15, 319. https://doi.org/10.3390/sym15020319
Zhang J, Kang X, Liu Y, Ma H, Li T, Ma Z, Gataullin S. A Secure and Lightweight Multi-Party Private Intersection-Sum Scheme over a Symmetric Cryptosystem. Symmetry. 2023; 15(2):319. https://doi.org/10.3390/sym15020319
Chicago/Turabian StyleZhang, Junwei, Xin Kang, Yang Liu, Huawei Ma, Teng Li, Zhuo Ma, and Sergey Gataullin. 2023. "A Secure and Lightweight Multi-Party Private Intersection-Sum Scheme over a Symmetric Cryptosystem" Symmetry 15, no. 2: 319. https://doi.org/10.3390/sym15020319
APA StyleZhang, J., Kang, X., Liu, Y., Ma, H., Li, T., Ma, Z., & Gataullin, S. (2023). A Secure and Lightweight Multi-Party Private Intersection-Sum Scheme over a Symmetric Cryptosystem. Symmetry, 15(2), 319. https://doi.org/10.3390/sym15020319