Secure computation of the median (and other elements of specified ranks)

Gagan Aggarwal, Nina Mishra, Benny Pinkas

Research output: Contribution to journalArticlepeer-review

11 Scopus citations


We consider the problem of securely computing the kth-ranked element of the union of two or more large, confidential data sets. This is a fundamental question motivated by many practical contexts. For example, two competitive companies may wish to compute the median salary of their combined employee populations without revealing to each other the exact salaries of their employees. While protocols do exist for computing the kth-ranked element, they require time that is at least linear in the sum of the sizes of their combined inputs. This paper investigates two-party and multi-party protocols for both the semi-honest and malicious cases. In the two-party setting, we prove that the problem can be solved in a number of rounds that is logarithmic in k, where each round requires communication and computation cost that is linear in b, the number of bits needed to describe each element of the input data. In the multi-party setting, we prove that the number of rounds is linear in b, where each round has overhead proportional to b multiplied by the number of parties. The multi-party protocol can be used in the two-party case. The overhead introduced by our protocols closely match the communication complexity lower bound. Our protocols can handle a malicious adversary via simple consistency checks.

Original languageEnglish
Pages (from-to)373-401
Number of pages29
JournalJournal of Cryptology
Issue number3
StatePublished - Jul 2010
Externally publishedYes

Bibliographical note

Funding Information:
N. Mishra’s work partially done at HP Labs and the University of Virginia. Research supported in part by NSF grant EIA-013776.

Funding Information:
G. Aggarwal’s work done at HP Labs and Stanford University, and supported in part by a Stanford Graduate Fellowship, NSF Grant ITR-0331640 and NSF Grant EIA-0137761.

Funding Information:
Most of this work was done while B. Pinkas was at HP Labs. Research supported in part by the Israel Science Foundation (grant number 860/06).


  • Kth-ranked element
  • Malicious adversary
  • Median
  • Secure function evaluation
  • Secure multi-party computation
  • Semi-honest adversary


Dive into the research topics of 'Secure computation of the median (and other elements of specified ranks)'. Together they form a unique fingerprint.

Cite this