Inferensys

Glossary

Private Set Intersection Cardinality (PSI-CA)

A cryptographic protocol that allows two parties to learn only the size of the intersection of their private sets, often used as a building block for private blocking in PPRL.
Strategy consultant facilitating AI use case discovery workshop, sticky notes on glass wall, casual corporate meeting.
CRYPTOGRAPHIC PROTOCOL

What is Private Set Intersection Cardinality (PSI-CA)?

A cryptographic protocol that allows two parties to learn only the size of the intersection of their private sets, often used as a building block for private blocking in PPRL.

Private Set Intersection Cardinality (PSI-CA) is a cryptographic protocol that enables two parties, each holding a private set of elements, to jointly compute the size of their set intersection without revealing any information about the elements that are not shared. Unlike full Private Set Intersection (PSI), which discloses the common elements themselves, PSI-CA reveals only the integer count of overlapping items, providing a strictly weaker but often sufficient leakage profile for privacy-preserving applications.

In Privacy-Preserving Record Linkage (PPRL), PSI-CA serves as a critical building block for private blocking by allowing data custodians to estimate the overlap of encoded record blocks without exposing the underlying identifiers. This enables efficient, privacy-compliant pre-filtering of candidate record pairs, drastically reducing the computational overhead of subsequent secure comparison protocols while maintaining formal cryptographic guarantees against data exposure.

Protocol Fundamentals

Key Properties of PSI-CA

Private Set Intersection Cardinality (PSI-CA) is a cryptographic protocol that reveals only the intersection size of two private sets. It is a fundamental building block for private blocking in PPRL, enabling parties to gauge overlap without exposing specific elements.

01

Output: Cardinality Only

The defining property of PSI-CA is its minimal information leakage. The protocol output is strictly the integer |X ∩ Y|.

  • Neither party learns which specific elements are in the intersection.
  • Neither party learns any elements unique to the other's set.
  • This contrasts with standard PSI, which reveals the intersection's contents.
02

Cryptographic Guarantee

PSI-CA protocols are built on standard cryptographic hardness assumptions to ensure security against semi-honest or malicious adversaries.

  • Common foundations include Diffie-Hellman key exchange, Oblivious Transfer (OT) , and Homomorphic Encryption (HE) .
  • The protocol simulates an ideal functionality where a trusted third party computes and reveals only the count.
03

Computational Efficiency

PSI-CA is significantly more efficient than full PSI, as it avoids the overhead of securely revealing the intersection's contents.

  • Linear complexity: Many modern protocols scale linearly, O(n), with the size of the sets.
  • Communication cost: The output is a single integer, resulting in a constant or very small communication overhead compared to protocols that output a full set.
04

Role in Private Blocking

In Privacy-Preserving Record Linkage (PPRL), PSI-CA is used to privately evaluate the quality of blocking keys.

  • Data custodians can compute the overlap size of records sharing a specific blocking key without revealing the records themselves.
  • This allows for utility-aware blocking: parties can iteratively refine blocking strategies based on the cardinality of the resulting blocks, ensuring neither under-partitioning nor over-partitioning, all while maintaining cryptographic privacy.
05

Adversarial Model Resistance

Robust PSI-CA protocols are designed to resist various adversarial behaviors beyond the semi-honest model.

  • Malicious security: Ensures a cheating party cannot learn anything beyond the intersection size, even by deviating from the protocol.
  • Input validation: Prevents a party from using a malformed or inflated set to probe the size of the other party's set, a critical consideration for production deployment.
06

Differential Privacy Integration

To further bound information leakage, PSI-CA can be combined with Differential Privacy (DP) .

  • Instead of the exact cardinality, the protocol releases a noisy count by adding calibrated Laplace or Gaussian noise.
  • This prevents an attacker from inferring the presence or absence of a single specific element by observing changes in the intersection size across multiple queries, providing a formal privacy budget.
PROTOCOL COMPARISON

PSI-CA vs. Standard PSI

A technical comparison of Private Set Intersection Cardinality (PSI-CA) against standard Private Set Intersection (PSI), highlighting the fundamental differences in output, security guarantees, and computational trade-offs.

FeatureStandard PSIPSI-CA

Primary Output

The actual intersection set (X ∩ Y)

Only the cardinality |X ∩ Y|

Reveals Matching Elements

Reveals Intersection Size

Reveals Non-Matching Elements

Typical Use Case

Contact discovery, private messaging

Private blocking for PPRL, audience overlap measurement

Information Leakage

Higher (reveals shared items)

Lower (reveals only aggregate count)

Computational Overhead

Higher (O(n log n) with data transfer)

Lower (O(n) with minimal output)

Post-Protocol Utility

Shared elements usable for downstream tasks

Count used for threshold-based decisions or blocking key selection

PSI-CA EXPLAINED

Frequently Asked Questions

Clear, technical answers to the most common questions about Private Set Intersection Cardinality protocols and their role in privacy-preserving record linkage.

Private Set Intersection Cardinality (PSI-CA) is a cryptographic protocol that allows two parties to compute only the size of the intersection of their private sets without revealing any information about the elements themselves, including which specific items are shared or unique to either party. The protocol operates by having each party encode their set elements into a cryptographically protected representation—commonly using homomorphic encryption, oblivious transfer, or committed oblivious pseudo-random function (OPRF) techniques. The parties then engage in an interactive computation where the final output is a single integer representing the cardinality of the intersection. Crucially, a well-designed PSI-CA protocol reveals nothing beyond this cardinality: Party A learns nothing about Party B's unique elements, and vice versa. This distinguishes PSI-CA from full Private Set Intersection (PSI), where the parties learn the actual intersecting elements. Implementations vary in their underlying primitives, with modern constructions leveraging Cuckoo hashing and polynomial interpolation to achieve linear communication complexity, making them practical for sets containing millions of records.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.