Computationally Secure Pattern Matching in the Presence of Malicious Adversaries

• Published in: Journal of cryptology Vol. 27; no. 2; pp. 358 - 395
• Main Authors: Hazay, Carmit, Toft, Tomas
• Format: Journal Article
• Language: English
• Published: Boston Springer US 2014; Springer; Springer Nature B.V
• Subjects: Applied sciences; Coding and Information Theory; Combinatorics; Communication; Communications Engineering; Computation; Computational Mathematics and Numerical Analysis; Computer Science; Computer simulation; Cryptography; Exact sciences and technology; Information, signal and communications theory; Networks; Operation, maintenance, reliability of teleprocessing networks; Pattern matching; Pattern recognition; Polynomials; Probability Theory and Stochastic Processes; Protocol; Signal and communications theory; Signal processing; Telecommunications; Telecommunications and information theory; Teleprocessing networks. Isdn; Upper bounds; Malicious adversary; Simulation-based security; Secure two-party computation; Pattern matching; Hamming distance; Exponentiation; Pattern recognition; Polynomial time; Upper bound; Simulation; Security of data; Public key cryptography; Bioinformatics; Private sector; Computer security
• ISSN: 0933-2790; 1432-1378
• DOI: 10.1007/s00145-013-9147-8

We propose a protocol for the problem of secure two-party pattern matching, where Alice holds a text t ∈{0,1} ∗ of length  n , while Bob has a pattern p ∈{0,1} ∗ of length  m . The goal is for Bob to (only) learn where his pattern occurs in Alice’s text, while Alice learns nothing. Private pattern matching is an important problem that has many applications in the area of DNA search, computational biology and more. Our construction guarantees full simulation in the presence of malicious, polynomial-time adversaries (assuming the hardness of DDH assumption) and exhibits computation and communication costs of O ( n + m ) group elements in a constant round complexity. This improves over previous work by Gennaro et al. (Public Key Cryptography, pp. 145–160, 2010 ) whose solution requires overhead of O ( nm ) group elements and exponentiations in O ( m ) rounds. In addition to the above, we propose a collection of protocols for important variations of the secure pattern matching problem that are significantly more efficient than the current state of art solutions: First, we deal with secure pattern matching with wildcards. In this variant the pattern may contain wildcards that match both 0 and 1. Our protocol requires O ( n + m ) communication and O (1) rounds using O ( nm ) computation. Then we treat secure approximate pattern matching. In this variant the matches may be approximated, i.e., have Hamming distance less than some threshold, τ . Our protocol requires O ( nτ ) communication in O (1) rounds using O ( nm ) computation. Third, we have secure pattern matching with hidden pattern length. Here, the length,  m , of Bob’s pattern remains a secret. Our protocol requires O ( n + M ) communication in O (1) rounds using O ( n + M ) computation, where M is an upper bound on  m . Finally, we have secure pattern matching with hidden text length. Finally, in this variant the length,  n , of Alice’s text remains a secret. Our protocol requires O ( N + m ) communication in O (1) rounds using O ( N + m ) computation, where N is an upper bound on  n .