Earn While You Reveal: Private Set Intersection that Rewards Participants

Aydin Abadi

TL;DR

This work addresses the privacy-cost asymmetry in Private Set Intersection by introducing PSI that compensates participants for contributing their inputs. It formalizes two notions, PSI with Fair Compensation (PSI^FC) and PSI with Fair Compensation and Reward (PSI^FCR), and provides concrete constructions Justitia (PSI^FC) and Anesidora (PSI^FCR). The core ideas blend symmetric-key primitives, verifiable polynomial techniques, and smart contracts, using VOPR, ZSPA-A, and unforgeable polynomials to achieve security under active adversaries with linear scalability. The proposed framework enables reward-based participation, robust fairness guarantees, and practical applicability via blockchain-enabled enforcement, showing potential for broader adoption of MPC in real-world analytics. Overall, the paper advances incentive mechanisms for MPC and paves the way for reward-based, secure collaborative computation.

Abstract

In Private Set Intersection protocols (PSIs), a non-empty result always reveals something about the private input sets of the parties. Moreover, in various variants of PSI, not all parties necessarily receive or are interested in the result. Nevertheless, to date, the literature has assumed that those parties who do not receive or are not interested in the result still contribute their private input sets to the PSI for free, although doing so would cost them their privacy. In this work, for the first time, we propose a multi-party PSI, called "Anesidora", that rewards parties who contribute their private input sets to the protocol. Anesidora is efficient; it mainly relies on symmetric key primitives and its computation and communication complexities are linear with the number of parties and set cardinality. It remains secure even if the majority of parties are corrupted by active colluding adversaries.

Paper Structure (66 sections, 13 theorems, 26 equations, 7 figures, 3 tables)

This paper contains 66 sections, 13 theorems, 26 equations, 7 figures, 3 tables.

Key Result

Theorem

Let $f^{\mathtt{VOPR}}$ be the functionality defined above. If the enhanced $\mathtt{OLE}$ (i.e., $\mathtt{OLE}^{+}$) is secure against malicious (or active) adversaries, then the Verifiable Oblivious Polynomial Randomisation ($\mathtt{VOPR}$), presented in Figure 1, securely

Figures (7)

  • Figure 1: Verifiable Oblivious Polynomial Randomization ($\mathtt{VOPR}$)
  • Figure 2: Zero-sum Pseudorandom Values Agreement ($\mathtt{ZSPA}$). The use of $flag$ allows an external party (e.g., an auditor) to locally run the verification without having to send any messages to the smart contract.
  • Figure 3: $\mathtt{ZSPA}$ with an external auditor ($\mathtt{ZSPA\text{-}A}$)
  • Figure 4: Outline of the interactions between parties in Justitia
  • Figure 5: Outline of the interactions between parties in Anesidora
  • ...and 2 more figures

Theorems & Definitions (35)

  • Definition
  • Definition
  • Definition: $Q^{\text{Init}}$: Initiation predicate
  • Definition: $Q^{\text{Del}}$: Delivery predicate
  • Definition: $Q^{\text{UF-A}}$: UnFair-Abort predicate
  • Definition: $Q^{\text{F-A}}$: Fair-Abort predicate
  • Definition: $\mathcal{PSI}^{\mathcal{FC}}$
  • Theorem
  • Proof
  • Lemma
  • ...and 25 more