encryptogroup / psi Goto Github PK

Implementations of Private Set Intersection Protocols

License: GNU Affero General Public License v3.0

Makefile 1.19% C++ 82.61% C 15.21% Python 0.34% Objective-C 0.64%

psi's Introduction

Private Set Intersection (PSI)

Faster Private Set Intersection Based on OT Extension

By Benny Pinkas, Thomas Schneider and Michael Zohner in USENIX Security Symposium 2014 [1], Benny Pinkas, Thomas Schneider, Gil Segev and Michael Zohner in USENIX Security Symposium 2015 [2], and Benny Pinkas, Thomas Schneider and Michael Zohner in ePrint [3]. Please note that the code is currently being restructured and not all routines might work correctly. The PSI code is licensed under AGPLv3, see the LICENSE file for a copy of the license. The implementations for performing PSI on a sets of a billion elements can be found here.

Features

An implementation of different PSI protocols:
- the naive hashing solutions where elements are hashed and compared
- the server-aided protocol of [4]
- the Diffie-Hellman-based PSI protocol of [5]
- the OT-based PSI protocol of [3]

This code is provided as a experimental implementation for testing purposes and should not be used in a productive environment. We cannot guarantee security and correctness.

Requirements

A Linux distribution of your choice (the code was developed and tested with recent versions of Ubuntu).
Required packages:
Install these packages with your favorite package manager, e.g, sudo apt-get install <package-name>.

Building the Project

Clone a copy of the main git repository and its submodules by running:
```
git clone --recursive git://github.com/encryptogroup/PSI
```
Enter the Framework directory: cd PSI/
Call make in the root directory to compile all dependencies, tests, and examples and create the executables: psi.exe (used for benchmarking) and demo.exe (a small demonstrator for intersecting email addresses).

Please note that downloading this project as ZIP file will yield compilation errors, since the Miracl library is included as external project. To solve this, download the Miracl sources in commit version cff161b (found here and extract the contents of the main folder in src/externals/Miracl. Then, continue with steps 2 and 3.

Executing the Code

An example demo is included and can be run by opening two terminals in the root directory. Execute in the first terminal:

./demo.exe -r 0 -p 0 -f sample_sets/emails_alice.txt

and in the second terminal:

./demo.exe -r 1 -p 0 -f sample_sets/emails_bob.txt

This should print the following output in the second terminal:

	Computation finished. Found 3 intersecting elements:
	[email protected]
	[email protected]
	[email protected]

These commands will run the naive hashing protocol and compute the intersection on the 1024 randomly generated emails in sample_sets/emails_alice.txt and sample_sets/emails_bob.txt (where 3 intersecting elements were altered). To use a different protocol, the ['-p'] option can be varied as follows:

-p 0: the naive hashing protocol
-p 1: the server-aided protocol of [4]
-p 2: the Diffie-Hellman-based PSI protocol of [5]
-p 3: the OT-based PSI protocol of [3]

For further information about the program options, run ./demo.exe -h.

Testing the Protocols

The protocols will automatically be tested on randomly generated data when invoking:

	make test

WARNING: Some tests can still fail since the code is currently being debugged.

Generating Random Email Adresses

Further random email adresses can be generated by navigating to sample_sets/emailgenerator/ and invoking:

	./emailgenerator.py "number_of_emails"

The generator uses the first names, family names, and email providers listed in the corresponding files in sample_sets/emailgenerator/ as base for the generation.

References

[1] B. Pinkas, T. Schneider, M. Zohner. Faster Private Set Intersection Based on OT Extension. USENIX Security 2014: 797-812. Full version available at http://eprint.iacr.org/2014/447.

[2] B. Pinkas, T. Schneider, G. Segev, M. Zohner. Phasing: Private Set Intersection using Permutation-based Hashing. USENIX Security 2015. Full version available at http://eprint.iacr.org/2015/634.

[3] B. Pinkas, T. Schneider, M. Zohner. Scalable Private Set Intersection Based on OT Extension. Available at http://eprint.iacr.org/2016/930.

[4] S. Kamara, P. Mohassel, M. Raykova, and S. Sadeghian. Scaling private set intersection to billion-element sets. In Financial Cryptography and Data Security (FC’14) , LNCS. Springer, 2014.

[5] C. Meadows. A more efficient cryptographic matchmaking protocol for use in the absence of a continuously available third party. In IEEE S&P’86, pages 134–137. IEEE, 1986.

psi's People

Contributors

Stargazers

Watchers

psi's Issues

Can I use PSI library for MySQL source?

I want to use this PSI library for MySQL source, can it support?

REST service wrapper for the client

It would be useful to wrap the client in a REST service so that it can be called from services written in other languages. I would be happy to use https://github.com/microsoft/cpprestsdk
to build this wrapper & raise a PR. Would you guys be interested in it ?

BCH code

The paper https://eprint.iacr.org/2016/930.pdf points me to this repository. I think the OT-based solution described there is implemented here.

I try to find the initialization parameter of the BCH code. It seems that you use m=10 instead 77 as described in Section 2.2.3 "1-out-of-N OT extension': In the remainder of the paper ..., we fix linear BCH code, generated from [50], denoted as a [2^77, 512, 129] code.

The code use m=10 is in ecc.c:

ECC::ECC() {
  bch_ctrl = init_bch(CONFIG_BCH_CONST_M, CONFIG_BCH_CONST_T, 0);
}

And the method init_bch does not allow m greater than 15.

Does I interpret the paper incorrectly? If not, any idea to use m = 77 in your code?

How to run server-aid protocol

Hi, i had some trouble running server-aid protocol
the command i used to run:
sender: ./demo.exe -r 0 -p 1 -f [file path]
receiver: ./demo.exe -r 1 -p 1 -f [file path]
But it seems stuck there forever.
Really appreciate it if you can tell me how to run it properly

make: *** [Makefile:70：src/util/ot/kk-ot-extension.o] Error 1

When I try to make it, there is an error. I don't konw the reason for this error.
System: Ubuntu 18

Details are as follows:

$ make
g++ src/util/ot/kk-ot-extension.cpp -g3 -O2 -g3 -ggdb -c -I.. -I/usr/include/glib-2.0/ -I/usr/lib/x86_64-linux-gnu/glib-2.0/include pkg-config --cflags glib-2.0 -lgmp -lgmpxx -lpthread -L /usr/lib -lssl -lcrypto -lglib-2.0 pkg-config --libs glib-2.0 -o src/util/ot/kk-ot-extension.o
In file included from /usr/include/c++/8/cmath:45,
from /usr/include/c++/8/math.h:36,
from src/util/ot/../cbitvector.h:14,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
/usr/include/x86_64-linux-gnu/bits/mathcalls-narrow.h:24:20: error: conflicting declaration of C function ‘float fadd(double, double)’
__MATHCALL_NARROW (__MATHCALL_NAME (add), __MATHCALL_REDIR_NAME (add), 2);
^~~~~~~~~~~~~~~
In file included from src/util/ot/../crypto/../../externals/miracl_lib/big.h:103,
from src/util/ot/../crypto/../../externals/miracl_lib/ecn.h:56,
from src/util/ot/../crypto/ecc-pk-crypto.h:13,
from src/util/ot/../crypto/crypto.h:20,
from src/util/ot/../cbitvector.h:11,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
src/util/ot/../crypto/../../externals/miracl_lib/miracl.h:1350:14: note: previous declaration ‘void fadd(flash, flash, flash)’
extern void fadd(MIPT flash,flash,flash);
^~~~
In file included from /usr/include/c++/8/cmath:45,
from /usr/include/c++/8/math.h:36,
from src/util/ot/../cbitvector.h:14,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
/usr/include/x86_64-linux-gnu/bits/mathcalls-narrow.h:27:20: error: conflicting declaration of C function ‘float fdiv(double, double)’
__MATHCALL_NARROW (__MATHCALL_NAME (div), __MATHCALL_REDIR_NAME (div), 2);
^~~~~~~~~~~~~~~
In file included from src/util/ot/../crypto/../../externals/miracl_lib/big.h:103,
from src/util/ot/../crypto/../../externals/miracl_lib/ecn.h:56,
from src/util/ot/../crypto/ecc-pk-crypto.h:13,
from src/util/ot/../crypto/crypto.h:20,
from src/util/ot/../cbitvector.h:11,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
src/util/ot/../crypto/../../externals/miracl_lib/miracl.h:1349:14: note: previous declaration ‘void fdiv(flash, flash, flash)’
extern void fdiv(MIPT flash,flash,flash);
^~~~
In file included from /usr/include/c++/8/cmath:45,
from /usr/include/c++/8/math.h:36,
from src/util/ot/../cbitvector.h:14,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
/usr/include/x86_64-linux-gnu/bits/mathcalls-narrow.h:30:20: error: conflicting declaration of C function ‘float fmul(double, double)’
__MATHCALL_NARROW (__MATHCALL_NAME (mul), __MATHCALL_REDIR_NAME (mul), 2);
^~~~~~~~~~~~~~~
In file included from src/util/ot/../crypto/../../externals/miracl_lib/big.h:103,
from src/util/ot/../crypto/../../externals/miracl_lib/ecn.h:56,
from src/util/ot/../crypto/ecc-pk-crypto.h:13,
from src/util/ot/../crypto/crypto.h:20,
from src/util/ot/../cbitvector.h:11,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
src/util/ot/../crypto/../../externals/miracl_lib/miracl.h:1348:14: note: previous declaration ‘void fmul(flash, flash, flash)’
extern void fmul(MIPT flash,flash,flash);
^~~~
In file included from /usr/include/c++/8/cmath:45,
from /usr/include/c++/8/math.h:36,
from src/util/ot/../cbitvector.h:14,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
/usr/include/x86_64-linux-gnu/bits/mathcalls-narrow.h:33:20: error: conflicting declaration of C function ‘float fsub(double, double)’
__MATHCALL_NARROW (__MATHCALL_NAME (sub), __MATHCALL_REDIR_NAME (sub), 2);
^~~~~~~~~~~~~~~
In file included from src/util/ot/../crypto/../../externals/miracl_lib/big.h:103,
from src/util/ot/../crypto/../../externals/miracl_lib/ecn.h:56,
from src/util/ot/../crypto/ecc-pk-crypto.h:13,
from src/util/ot/../crypto/crypto.h:20,
from src/util/ot/../cbitvector.h:11,
from src/util/ot/kk-ot-extension.h:11,
from src/util/ot/kk-ot-extension.cpp:1:
src/util/ot/../crypto/../../externals/miracl_lib/miracl.h:1351:14: note: previous declaration ‘void fsub(flash, flash, flash)’
extern void fsub(MIPT flash,flash,flash);
^~~~
make: *** [Makefile:70：src/util/ot/kk-ot-extension.o] Error 1

The question about cuckoo hash

I have found a question that when the participants Alice and Bob have exactly the same sets information X, the intersection is not equal to X. Especially when the set size is large, the number of intersections calculated by the PSI protocol is far less than that computed by the plaintext. Even though I set the number of hash bins of Alice to be 166*n1 (suppose n1 is set size of Alice) when using cuckoo hash. I am confused why the result is inaccurate.

DH-based PSI and Naive PSI return false positive intersection

After running a few test cases on huge data set (1 million elements), i realized DH-based PSI and Naive PSI will return some false positive intersection elements which only present in one of the data set. In addition, OT-based PSI also missed 1 elements compared to the actual intersection.
Can you please tell me why and how it can be fixed?

make

cant make

simplehash_failure.cpp:82:24: error: invalid conversion from ‘int’ to ‘mpz_srcptr’ {aka ‘const __mpz_struct*’} [-fpermissive]

The result of OT based PSI has something wrong

Problem in the execution in Ubuntu

Hello! Im trying to use the PSI tool at Ubuntu but i face the following problem!

I follow all the instructions. I have installed all the required packages without any problem. I am in the phase that i use make command. It runs but it shows some errors.

As a result, the files demo.exe and psi.exe are not been created and the following commands don't run.

./demo.exe -r 0 -p 0 -f sample_sets/emails_alice.txt

./demo.exe -r 1 -p 0 -f sample_sets/emails_bob.txt

I get some errors like : bash : ./demo.exe : No such file or directory

Can anyone help me to overcome this problem?

I post some screenshots of the issues i face

make error

make: *** No rule to make target 'src/externals/Miracl/*', needed by 'src/externals/miracl_lib/miracl.a'. Stop.

Socket error : Bad file descriptor

Hi,
When I run the second PSI by following the command in two terminals,
./demo.exe -r 0 -p 0 -f sample_sets/emails_alice.txt
I got the errors:
Error: a socket could not be bound Listen failed Connections with all 2 clients established socket recv error: 9 Socket error : Bad file descriptor socket recv error: 9 Socket error : Bad file descriptor Client 0 holds 1915882656 elements of length 880-bit socket recv error: 107 Socket error : Transport endpoint is not connected socket recv error: 107 Socket error : Transport endpoint is not connected Client 1 holds 32691 elements of length 880-bit Receiving the client's elements socket recv error: 9 Socket error : Bad file descriptor socket recv error: 107 Socket error : Transport endpoint is not connected Computing intersection for the clients Inserting the items into the hash table Segmentation fault (core dumped)

Do you know how to solve it?
Thanks.

Make Error.

I do all the steps by README, but the error still occurs.
After I do the make, the following errors occurs.

/bin/sh: pkg-config: command not found
/bin/sh: pkg-config: command not found
clang: error: no such file or directory: 'src/pk-based/*.o'
clang: error: no such file or directory: 'src/ot-based/*.o'
clang: error: no such file or directory: 'src/naive-hashing/*.o'
clang: error: no such file or directory: 'src/server-aided/*.o'
clang: error: no such file or directory: 'src/util/*.o'
clang: error: no such file or directory: 'src/hashing/*.o'
clang: error: no such file or directory: 'src/util/crypto/*.o'
clang: error: no such file or directory: 'src/util/ot/*.o'
clang: error: no such file or directory: 'src/externals/miracl_lib/*.o'

Please help me. My machine is macos.

Build error

make failed with error

src/pk-based/../util/crypto/ecc-pk-crypto.h:139:7: error: ‘unique_ptr’ in namespace ‘std’ does not name a template type
  std::unique_ptr<ecc_brickexp_impl> impl;

Adding -std=c++14 to COMPILER_OPTION and fixed this error.

build scripts

Might it be possible to add scripts to build your dependances for systems without root access.