Privacy-Preserving Publish/Subscribe: Efficient Protocols in a Distributed Model

We consider the problem of modeling and designing efficient and privacy-preserving publish/subscribe protocols in a distributed model where parties can act as publishers or subscribers or both, and there are no brokers or other types of parties. The problem is particularly challenging as privacy demands on such protocols come with efficiency limitations; most notably, the publisher must send messages as long as the publications to all parties, and the cryptographic techniques to perform the publish/subscribe match need to be based on asymmetric cryptographic operation which are known to be less efficient than their symmetric counterpart. Our main result is a distributed publish/subscribe protocol which addresses and essentially nullifies the impact of both efficiency limitations, without sacrificing the required privacy properties. Our construction is based on very efficient design of a novel cryptographic tool, of independent interest, called ‘hybrid conditional oblivious transfer protocol’, as it resembles hybrid encryption, where asymmetric encryption is only used to transfer a short key, which enables (much more efficient) symmetric encryption of a long message.