Private set intersection (PSI) enables a sender holding a set $Q$ of size $m$ and a receiver holding a set $W$ of size $n$ to securely compute the intersection $Q \cap W$. Fuzzy PSI (FPSI) is a PSI variant where the receiver learns the items $q \in Q$ for which there exists some $w \in W$ satisfying $\mathsf{dist}(q, w) \le \delta$ under a given distance metric. Although several FPSI works have been proposed for $L_{p}$ distance metrics with $p \in [1, \infty]$, they either rely heavily on expensive homomorphic encryption or incur undesirable complexity, e.g., exponential in the element dimension, both of which lead to poor practical efficiency. In this work, we propose efficient FPSI protocols for $L_{p \in [1, \infty]}$ distance metrics, primarily leveraging significantly cheaper symmetric-key operations. Our protocols achieve linear communication and computation complexity in the set sizes $m, n$, the dimension $d$, and the distance threshold $\delta$. Our core building block is an oblivious programmable PRF with secret-shared outputs, which may be of independent interest. Furthermore, we incorporate a prefix technique that reduces the dependence on the distance threshold $\delta$ to logarithmic, which is particularly suitable for large $\delta$. We implement our FPSI protocols and compare them with state-of-the-art constructions. Experimental results demonstrate that our protocols consistently and significantly outperform existing works across all settings. Specifically, our protocols achieve a speedup of $12{\sim}145\times$ in running time and a reduction of $3{\sim}8\times$ in communication cost compared to Gao et al. (ASIACRYPT'24) and a speedup of $9{\sim}80\times$ in running time and a reduction of $5{\sim}19\times$ in communication cost compared to Dang et al. (CCS'25).
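Added example, not taken from the paper: the abstract does not spell out its prefix technique, so this plaintext sketch assumes the standard dyadic-prefix interval cover, in which the test $|q - w| \le \delta$ becomes an equality test between the $O(\log \delta)$ prefixes that tile $[w - \delta, w + \delta]$ and the prefixes of $q$. It contains no cryptography; the function names and the 8-bit coordinate universe are illustrative choices.

```python
# Plaintext illustration of a dyadic-prefix cover (assumed technique, see lead-in).
# A prefix is (length, value): the top `length` bits of a `bits`-bit integer.

def point_prefixes(x, bits):
    """All bits+1 prefixes of x, from the empty prefix to x itself."""
    return {(bits - k, x >> k) for k in range(bits + 1)}

def interval_cover(lo, hi, bits):
    """Minimal set of prefixes whose blocks tile [lo, hi] exactly."""
    lo, hi = max(lo, 0), min(hi, (1 << bits) - 1)   # clamp to the universe
    cover = set()
    while lo <= hi:
        # Largest power-of-two block that is aligned at lo ...
        size = (lo & -lo) if lo else (1 << bits)
        # ... and does not run past hi.
        while size > hi - lo + 1:
            size >>= 1
        k = size.bit_length() - 1                   # free low bits in the block
        cover.add((bits - k, lo >> k))
        lo += size
    return cover

def close_1d(q, w, delta, bits):
    """True iff |q - w| <= delta, decided only by prefix equality."""
    return bool(point_prefixes(q, bits) & interval_cover(w - delta, w + delta, bits))

def close_linf(q, w, delta, bits):
    """L-infinity closeness: every coordinate must match within delta."""
    return all(close_1d(qi, wi, delta, bits) for qi, wi in zip(q, w))

if __name__ == "__main__":
    BITS, DELTA = 8, 10                 # constructed sample parameters
    w = (100, 37)                       # constructed receiver point
    # 21 values in [90, 110] are represented by only 6 prefixes.
    print(sorted(interval_cover(w[0] - DELTA, w[0] + DELTA, BITS)))
    print(close_linf((108, 30), w, DELTA, BITS))    # inside the threshold
    print(close_linf((111, 30), w, DELTA, BITS))    # first coordinate is 11 away
```

Because the cover tiles the interval without overlap, a point inside it shares exactly one prefix with the cover, so a protocol built on this idea compares a number of items per coordinate that is logarithmic in $\delta$ and the coordinate range instead of one item per value in $[w - \delta, w + \delta]$.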