Document Open Access Logo

Linear-Time Secure Merge in O(loglog n) Rounds

Authors Mark Blunk , Paul Bunn , Samuel Dittmer , Steve Lu , Rafail Ostrovsky

PDF

File

Thumbnail PDF
PDF
LIPIcs.ITC.2025.7.pdf
  • Filesize: 1.12 MB
  • 23 pages

Document Identifiers

Related Versions

Subject Classification

ACM Subject Classification
  • Security and privacy → Cryptography
  • Security and privacy → Database and storage security
Keywords
  • Secure Merge
  • Secure Sort
  • Secure Databases
  • Private Set Intersection

Metrics

  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    0
    PDF Downloads
    0
    Metadata Views

Abstract

The problem of Secure Merge consists of combining two sorted lists (which are either held separately by two parties, or secret-shared among two or more parties), and outputting a single merged (sorted) list, secret-shared among all parties. Just as insecure algorithms for comparison-based sorting are slower than merging (i.e., for lists of size n, Θ(n log n) versus Θ(n)), we explore whether an analogous separation exists for secure protocols; namely, if there exist techniques for performing secure merge that are more performant than simply invoking secure sort.
We answer this question affirmatively by constructing a secure merge protocol with optimal Θ(n) communication and computation, and Θ(log log n) rounds of communication. Our results are based solely on black-box use of basic secure primitives, such as secure comparison and secure shuffle. Since two-party secure primitives require computational assumptions, while three-party do not, our protocols achieve these bounds against semi-honest adversaries via a computationally secure two-party (resp. an information-theoretically secure three-party) secure merge protocol.
Secure sort is a fundamental building block used in many MPC protocols, e.g., various private set intersection protocols and oblivious RAM protocols. More efficient secure sort can lead to concrete improvements in the overall run-time. Since secure sort can often be replaced by secure merge - as inputs (from different participating players) can be presorted - an efficient secure merge protocol has wide applicability. There are also a range of applications in the field of secure databases, including secure database joins, as well as updatable database storage and search, whereby secure merge can be used to insert new entries into an existing (sorted) database.
In building our secure merge protocol, we develop several subprotocols that may be of independent interest. For example, we develop a protocol for secure asymmetric merge (when one list is much larger than the other).

Cite As Get BibTex

Mark Blunk, Paul Bunn, Samuel Dittmer, Steve Lu, and Rafail Ostrovsky. Linear-Time Secure Merge in O(loglog n) Rounds. In 6th Conference on Information-Theoretic Cryptography (ITC 2025). Leibniz International Proceedings in Informatics (LIPIcs), Volume 343, pp. 7:1-7:23, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025) https://doi.org/10.4230/LIPIcs.ITC.2025.7

Author Details

Mark Blunk
  • Stealth Software Technologies, Inc., Los Angeles, CA, USA
Paul Bunn
  • Stealth Software Technologies, Inc., Los Angeles, CA, USA
Samuel Dittmer
  • Stealth Software Technologies, Inc., Los Angeles, CA, USA
Steve Lu
  • Stealth Software Technologies, Inc., Los Angeles, CA, USA
Rafail Ostrovsky
  • Departments of Computer Science and Mathematics, UCLA, Los Angeles, CA, USA

Funding

This work was performed under the following financial assistance award number 70NANB21H064 from U.S. Department of Commerce, National Institute of Standards and Technology. The statements, findings, conclusions, and recommendations are those of the author(s) and do not necessarily reflect the views of the National Institute of Standards and Technology or the U.S. Department of Commerce.
  • Ostrovsky, Rafail: This research was supported in part by DARPA under Cooperative Agreement HR0011-20-2-0025, the Algorand Centers of Excellence programme managed by Algorand Foundation, NSF grants CNS-2246355, CCF-2220450, CNS-2001096, US-Israel BSF grant 2022370, Amazon Faculty Award and Sunday Group. Any views, opinions, findings, conclusions, or recommendations contained herein are those of the author(s) and should not be interpreted as necessarily representing the official policies, either expressed or implied, of DARPA, the Department of Defense, the Algorand Foundation, or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for governmental purposes, notwithstanding any copyright annotation therein.

References

  1. M. Ajtai, J. Komlós, and E. Szemerédi. An o(n log n) sorting network. In Proceedings of the Fifteenth Annual ACM Symposium on Theory of Computing, STOC '83, pages 1-9, New York, NY, USA, 1983. Association for Computing Machinery. URL: https://doi.org/10.1145/800061.808726.
  2. Arvind Arasu and Raghav Kaushik. Oblivious query processing. In Proc. 17th International Conference on Database Theory (ICDT), Athens, Greece, March 24-28, 2014, pages 26-37. OpenProceedings.org, 2014. URL: https://doi.org/10.5441/002/icdt.2014.07.
  3. K. E. Batcher. Sorting networks and their applications. In Proceedings of the April 30-May 2, 1968, Spring Joint Computer Conference, AFIPS '68 (Spring), pages 307-314, New York, NY, USA, 1968. Association for Computing Machinery. URL: https://doi.org/10.1145/1468075.1468121.
  4. Allan Borodin and John E. Hopcroft. Routing, merging, and sorting on parallel models of computation. J. Comput. Syst. Sci., 30(1):130-145, 1985. URL: https://doi.org/10.1016/0022-0000(85)90008-X.
  5. Ran Canetti. Security and composition of multiparty cryptographic protocols. J. Cryptol., 13(1):143-202, 2000. URL: https://doi.org/10.1007/s001459910006.
  6. Suvradip Chakraborty, Stanislav Peceny, Srinivasan Raghuraman, and Peter Rindal. Logstar: Efficient linear* time secure merge. IACR Cryptol. ePrint Arch., page 159, 2024. URL: https://eprint.iacr.org/2024/159.
  7. T.-H. Hubert Chan, Jonathan Katz, Kartik Nayak, Antigoni Polychroniadou, and Elaine Shi. More is less: Perfectly secure oblivious algorithms in the multi-server setting. In Advances in Cryptology - ASIACRYPT 2018, volume 11274 of Lecture Notes in Computer Science, pages 158-188. Springer, 2018. URL: https://doi.org/10.1007/978-3-030-03332-3_7.
  8. Koji Chida, Koki Hamada, Dai Ikarashi, Ryo Kikuchi, Naoto Kiribuchi, and Benny Pinkas. An efficient secure three-party sorting protocol with an honest majority. IACR Cryptol. ePrint Arch., page 695, 2019. URL: https://eprint.iacr.org/2019/695.
  9. Saba Eskandarian and Matei Zaharia. Oblidb: Oblivious query processing for secure databases. Proc. VLDB Endow., 13(2):169-183, October 2019. URL: https://doi.org/10.14778/3364324.3364331.
  10. Brett Hemenway Falk, Rohit Nema, and Rafail Ostrovsky. A linear-time 2-party secure merge protocol. In Cyber Security, Cryptology, and Machine Learning - 6th International Symposium, CSCML 2022, Be'er Sheva, Israel, June 30 - July 1, 2022, Proceedings, volume 13301 of Lecture Notes in Computer Science, pages 408-427. Springer, 2022. URL: https://doi.org/10.1007/978-3-031-07689-3_30.
  11. Brett Hemenway Falk and Rafail Ostrovsky. Secure merge with o(n log log n) secure operations. In 2nd Conference on Information-Theoretic Cryptography (ITC 2021), volume 199 of Leibniz International Proceedings in Informatics (LIPIcs), pages 7:1-7:29, Dagstuhl, Germany, 2021. Schloss Dagstuhl - Leibniz-Zentrum für Informatik. URL: https://doi.org/10.4230/LIPIcs.ITC.2021.7.
  12. O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game. In Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, STOC '87, pages 218-229, New York, NY, USA, 1987. Association for Computing Machinery. URL: https://doi.org/10.1145/28395.28420.
  13. Oded Goldreich and Rafail Ostrovsky. Software protection and simulation on oblivious rams. J. ACM, 43(3):431-473, 1996. URL: https://doi.org/10.1145/233551.233553.
  14. Koki Hamada, Dai Ikarashi, Koji Chida, and Katsumi Takahashi. Oblivious radix sort: An efficient sorting algorithm for practical secure multi-party computation. IACR Cryptol. ePrint Arch., page 121, 2014. URL: http://eprint.iacr.org/2014/121.
  15. Koki Hamada, Ryo Kikuchi, Dai Ikarashi, Koji Chida, and Katsumi Takahashi. Practically efficient multi-party sorting protocols from comparison sort algorithms. In International Conference on Information Security and Cryptology, pages 202-216. Springer, 2013. URL: https://doi.org/10.1007/978-3-642-37682-5_15.
  16. Zhu Hong and Robert Sedgewick. Notes on merging networks (prelimiary version). In Proceedings of the Fourteenth Annual ACM Symposium on Theory of Computing, STOC '82, pages 296-302, New York, NY, USA, 1982. Association for Computing Machinery. URL: https://doi.org/10.1145/800070.802204.
  17. Yan Huang, David Evans, and Jonathan Katz. Private set intersection: Are garbled circuits better than custom protocols? In 19th Annual Network and Distributed System Security Symposium, NDSS 2012, San Diego, California, USA, February 5-8, 2012. The Internet Society, 2012. URL: https://www.ndss-symposium.org/ndss2012/private-set-intersection-are-garbled-circuits-better-custom-protocols.
  18. Yuval Ishai, Eyal Kushilevitz, Steve Lu, and Rafail Ostrovsky. Private large-scale databases with distributed searchable symmetric encryption. In Topics in Cryptology - CT-RSA 2016, pages 90-107, Cham, 2016. Springer International Publishing. URL: https://doi.org/10.1007/978-3-319-29485-8_6.
  19. Kasper Green Larsen and Jesper Buus Nielsen. Yes, there is an oblivious ram lower bound! In Advances in Cryptology - CRYPTO 2018, pages 523-542, Cham, 2018. Springer International Publishing. URL: https://doi.org/10.1007/978-3-319-96881-0_18.
  20. Steve Lu and Rafail Ostrovsky. Distributed oblivious ram for secure two-party computation. In Theory of Cryptography, pages 377-396, Berlin, Heidelberg, 2013. Springer Berlin Heidelberg. URL: https://doi.org/10.1007/978-3-642-36594-2_22.
  21. Kurt Mehlhorn and Peter Sanders. Algorithms and Data Structures: The Basic Toolbox. Springer Publishing Company, Incorporated, 1 edition, 2008. URL: https://doi.org/10.1007/978-3-540-77978-0.
  22. Takashi Nishide and Kazuo Ohta. Constant-round multiparty computation for interval test, equality test, and comparison. IEICE Trans. Fundam. Electron. Commun. Comput. Sci., 90-A(5):960-968, 2007. URL: https://doi.org/10.1093/ietfec/e90-a.5.960.
  23. Benny Pinkas and Tzachy Reinman. Oblivious ram revisited. In Advances in Cryptology - CRYPTO 2010, pages 502-519, Berlin, Heidelberg, 2010. Springer Berlin Heidelberg. URL: https://doi.org/10.1007/978-3-642-14623-7_27.
  24. Benny Pinkas, Thomas Schneider, and Michael Zohner. Scalable private set intersection based on ot extension. ACM Trans. Priv. Secur., 21(2), January 2018. URL: https://doi.org/10.1145/3154794.
  25. Leslie G. Valiant. Parallelism in comparison problems. SIAM Journal on Computing, 4(3):348-355, 1975. URL: https://doi.org/10.1137/0204030.
  26. Andrew Chi-Chih Yao and Foong Frances Yao. Lower bounds on merging networks. J. ACM, 23(3):566-571, 1976. URL: https://doi.org/10.1145/321958.321976.
  27. Wenting Zheng, Ankur Dave, Jethro G. Beekman, Raluca Ada Popa, Joseph E. Gonzalez, and Ion Stoica. Opaque: An oblivious and encrypted distributed analytics platform. In 14th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2017, Boston, MA, USA, March 27-29, 2017, pages 283-298. USENIX Association, 2017. URL: https://www.usenix.org/conference/nsdi17/technical-sessions/presentation/zheng.
Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail
© 2023-2025 Schloss Dagstuhl – LZI GmbH About DROPS Imprint Privacy Contact