Authenticated Private Set Intersection: A Merkle Tree-Based Approach for Enhancing Data Integrity

TL;DR

This paper introduces Merkle Tree-based authenticated PSI protocols that enhance data integrity, balancing security with communication efficiency, and provides practical implementations and potential improvements.

Contribution

It defines data integrity in PSI and constructs authenticated protocols integrating Merkle Trees with existing PSI schemes, improving security against malicious participants.

Findings

Two-party authenticated PSI achieves optimal communication complexity.

Multi-party authenticated PSI incurs additional overhead due to Merkle proofs.

Authenticated schemes are more secure but have higher costs than unauthenticated ones.

Abstract

Private Set Intersection (PSI) enables secure computation of set intersections while preserving participant privacy, standard PSI existing protocols remain vulnerable to data integrity attacks allowing malicious participants to extract additional intersection information or mislead other parties. In this paper, we propose the definition of data integrity in PSI and construct two authenticated PSI schemes by integrating Merkle Trees with state-of-the-art two-party volePSI and multi-party mPSI protocols. The resulting two-party authenticated PSI achieves communication complexity $\mathcal{O}(n \lambda+n \log n)$, aligning with the best-known unauthenticated PSI schemes, while the multi-party construction is $\mathcal{O}(n \kappa+n \log n)$ which introduces additional overhead due to Merkle tree inclusion proofs. Due to the incorporation of integrity verification, our authenticated schemes incur higher costs compared to state-of-the-art unauthenticated schemes. We also provide efficient implementations of our protocols and discuss potential improvements, including alternative authentication blocks.