search

osu-crypto / libPSI

A repository for private set intersection.
Other
168 stars 47 forks source link

Does KKRT16 and Mea86 support two party psi with different count of id? #29

Closed Keepmoving-ZXY closed 2 years ago

Keepmoving-ZXY commented 2 years ago

I find that the frontend.exe has a limit that count of id in two party must be the same, otherwise an error occurs in each party, below is error of each party in this case:

root@psi:~/libPSI/out/build/linux/frontend# ./frontend.exe -r 1 -ecdh -ip 172.16.0.161  -t 30 -nn 2 

ERROR in ep_read_bin() at /root/libPSI/thirdparty/libOTe/cryptoTools/thirdparty/relic/src/ep/relic_ep_util.c,276: invalid value passed as input.
terminate called after throwing an instance of 'std::runtime_error'
  what():  Relic ep_read error /root/libPSI/thirdparty/libOTe/cryptoTools/cryptoTools/Crypto/RCurve.cpp:687
Aborted (core dumped)
root@psi:~/libPSI/out/build/linux/frontend# ./frontend.exe -r 0 -ecdh -ip 172.16.0.161  -t 30 -nn 1 
protocol     n      threads      total(ms)    online(ms)     comm (MB)        bandwidth (Mbps)
------------------------------------------------------------------------------------------------
error @ /root/libPSI/libPSI/PSI/ECDH/EcdhPsiReceiver.cpp:118
terminate called after throwing an instance of 'std::runtime_error'
  what():  /root/libPSI/libPSI/PSI/ECDH/EcdhPsiReceiver.cpp:119
Aborted (core dumped)

I think it is normal that count of each party is different, so does this limit come from the code of frontend.exe, not the psi implement?

ladnir commented 2 years ago

ECDH assumes same set sizes. Its pretty simple to lift this requirement. I bet you could do it.

KKRT allows different set sizes. https://github.com/osu-crypto/libPSI/blob/master/libPSI/PSI/Kkrt/KkrtPsiReceiver.cpp#L41

Keepmoving-ZXY commented 2 years ago

For ECDH, it's simple to lift this requirment, because the input of ECDH is 128 bit, just the output of md5 and the probability of md5 output 0 is very small, I can fill 0 to left this requirment. And I am happy to hear the KKRT allow different set size, thank you.

ladnir commented 2 years ago

not sure what you mean. The ECDH impl just assumes that the sets are of the same size. You could change this. For example, this loop iterates the right number of times but this loop would need to iterate over the number of items the other party has. The same basic thing would apply to EcdhPsiReceiver.cpp.

Keepmoving-ZXY commented 2 years ago

Maybe I need a better understand of ECDH impl, I will see the impl later, thank you very much.