Fuzzy Private Set Union via Oblivious Key Homomorphic Encryption Retrieval

TL;DR

This paper introduces efficient protocols for fuzzy private set union that account for approximate element matching, utilizing a novel Oblivious Key Homomorphic Encryption Retrieval technique to improve privacy and communication efficiency.

Contribution

The paper presents a new fuzzy private set union protocol and a novel OKHER sub-protocol, enhancing efficiency and privacy in approximate set operations.

Findings

Achieves communication bounds from O(dm log(δn)) to O(d^2 m log(δ^2 n))

Introduces OKHER, improving on OKVR techniques

Formalizes security properties for fuzzy set union protocols

Abstract

Private Set Multi-Party Computations are protocols that allow parties to jointly and securely compute functions: apart from what is deducible from the output of the function, the input sets are kept private. Then, a Private Set Union (PSU), resp. Intersection (PSI), is a protocol that allows parties to jointly compute the union, resp. the intersection, between their private sets. Now a structured PSI, is a PSI where some structure of the sets can allow for more efficient protocols. For instance in Fuzzy PSI, elements only need to be close enough, instead of equal, to be part of the intersection. We present in this paper, Fuzzy PSU protocols (FPSU), able to efficiently take into account approximations in the union. For this, we introduce a new efficient sub-protocol, called Oblivious Key Homomorphic Encryption Retrieval (OKHER), improving on Oblivious Key-Value Retrieval (OKVR) techniques in our setting. In the fuzzy context, the receiver set $X=\{x_i\}_{1..n}$ is replaced by ${\mathcal B}_\delta (X)$, the union of $n$ balls of dimension $d$ with radius $\delta$, centered at the $x_i$. The sender set is just its $m$ points of dimension $d$. Then the FPSU functionality corresponds to $X \sqcup \{y \in Y, y \notin {\mathcal B}_\delta (X)\}$. Thus, we formally define the FPSU functionality and security properties, and propose several protocols tuned to the patterns of the balls using the $l_\infty$ distance. Using our OKHER routine and homomorphic encryption, we are for instance able to obtain a FPSU protocols with an asymptotic communication volume bound ranging from $O(dm\log(\delta{n}))$ to $O(d^2m\log(\delta^2n))$, depending on the receiver data set structure.