Show simple item record

dc.contributor.advisorChatterjee, Sanjit
dc.contributor.authorKumar, Vikas
dc.date.accessioned2018-03-17T17:10:50Z
dc.date.accessioned2018-07-31T04:38:59Z
dc.date.available2018-03-17T17:10:50Z
dc.date.available2018-07-31T04:38:59Z
dc.date.issued2018-03-17
dc.date.submitted2013
dc.identifier.urihttps://etd.iisc.ac.in/handle/2005/3277
dc.identifier.abstracthttp://etd.iisc.ac.in/static/etd/abstracts/4139/G25576-Abs.pdfen_US
dc.description.abstractPrivate set intersection(PSI) is a two party protocol where both parties possess a private set and at the end of the protocol, one party (client) learns the intersection while other party (server) learns nothing. Motivated by some interesting practical applications, several provably secure and efficient PSI protocols have appeared in the literature in recent past. Some of the proposed solutions are secure in the honest-but-curious (HbC) model while the others are secure in the (stronger) malicious model. Security in the latter is traditionally achieved by following the classical approach of attaching a zero knowledge proof of knowledge (ZKPoK) (and/or using the so-called cut-and-choose technique). These approaches prevent the parties from deviating from normal protocol execution, albeit with significant computational overhead and increased complexity in the security argument, which includes incase of ZKPoK, knowledge extraction through rewinding. We critically investigate a subset of the existing protocols. Our study reveals some interesting points about the so-called provable security guarantee of some of the proposed solutions. Surprisingly, we point out some gaps in the security argument of several protocols. We also discuss an attack on a protocol when executed multiple times between the same client and server. The attack, in fact, indicates some limitation in the existing security definition of PSI. On the positive side, we show how to correct the security argument for the above mentioned protocols and show that in the HbC model the security can be based on some standard computational assumption like RSA and Gap Diffie-Hellman problem. For a protocol, we give improved version of that protocol and prove security in the HbC model under standard computational assumption. For the malicious model, we construct two PSI protocols using deterministic blind signatures i.e., Boldyreva’s blind signature and Chaum’s blind signature, which do not involve ZKPoK or cut-and-choose technique. Chaum’s blind signature gives a new protocol in the RSA setting and Boldyreva’s blind signature gives protocol in gap Diffie-Hellman setting which is quite similar to an existing protocol but it is efficient and does not involve ZKPoK.en_US
dc.language.isoen_USen_US
dc.relation.ispartofseriesG25576en_US
dc.subjectData Protectionen_US
dc.subjectPrivate Set Intersection (PSI)en_US
dc.subjectProvable Secure Private Set Intersection Protocolsen_US
dc.subjectSimulation-based Proofsen_US
dc.subjectMalicious Modelen_US
dc.subjectSecure Two-Party Computationen_US
dc.subjectCryptographic Protocolsen_US
dc.subjectHonest-But-Curious Modelen_US
dc.subjectData Security Modelsen_US
dc.subjectData Processing - Privacy Preserving Protocolsen_US
dc.subjectHbC Modelen_US
dc.subjectGap Diffie-Hellman Settingen_US
dc.subject.classificationComputer Scienceen_US
dc.titleConstruction of Secure and Efficient Private Set Intersection Protocolen_US
dc.typeThesisen_US
dc.degree.nameMSc Enggen_US
dc.degree.levelMastersen_US
dc.degree.disciplineFaculty of Engineeringen_US


Files in this item

This item appears in the following Collection(s)

Show simple item record