Computationally secure pattern matching in the presence of malicious adversaries

Carmit Hazay, Tomas Toft

Research output: Contribution to journalArticlepeer-review

30 Scopus citations

Abstract

We propose a protocol for the problem of secure two-party pattern matching, where Alice holds a text t∈{0,1}* of length n, while Bob has a pattern p∈{0,1}* of length m. The goal is for Bob to (only) learn where his pattern occurs in Alice's text, while Alice learns nothing. Private pattern matching is an important problem that has many applications in the area of DNA search, computational biology and more. Our construction guarantees full simulation in the presence of malicious, polynomial-time adversaries (assuming the hardness of DDH assumption) and exhibits computation and communication costs of O(n+m) group elements in a constant round complexity. This improves over previous work by Gennaro et al. (Public Key Cryptography, pp. 145-160, 2010) whose solution requires overhead of O(nm) group elements and exponentiations in O(m) rounds. In addition to the above, we propose a collection of protocols for important variations of the secure pattern matching problem that are significantly more efficient than the current state of art solutions: First, we deal with secure pattern matching with wildcards. In this variant the pattern may contain wildcards that match both 0 and 1. Our protocol requires O(n+m) communication and O(1) rounds using O(nm) computation. Then we treat secure approximate pattern matching. In this variant the matches may be approximated, i.e., have Hamming distance less than some threshold, τ. Our protocol requires O(nτ) communication in O(1) rounds using O(nm) computation. Third, we have secure pattern matching with hidden pattern length. Here, the length, m, of Bob's pattern remains a secret. Our protocol requires O(n+M) communication in O(1) rounds using O(n+M) computation, where M is an upper bound on m. Finally, we have secure pattern matching with hidden text length. Finally, in this variant the length, n, of Alice's text remains a secret. Our protocol requires O(N+m) communication in O(1) rounds using O(N+m) computation, where N is an upper bound on n.

Original languageEnglish
Pages (from-to)358-395
Number of pages38
JournalJournal of Cryptology
Volume27
Issue number2
DOIs
StatePublished - Apr 2014

Keywords

  • Malicious adversary
  • Pattern matching
  • Secure two-party computation
  • Simulation-based security

Fingerprint

Dive into the research topics of 'Computationally secure pattern matching in the presence of malicious adversaries'. Together they form a unique fingerprint.

Cite this