PSI Cardinality is a variant of Private Set Intersection where the protocol's output is strictly limited to the integer count of common elements shared by two parties. Unlike standard PSI, which reveals the specific matching identifiers, cardinality-only protocols mathematically guarantee that no information about the individual elements—whether in the intersection or unique to either set—is leaked to the counterparty. This is achieved through cryptographic techniques such as homomorphic encryption or oblivious transfer that compute the sum of matches without decrypting the underlying payloads.
Glossary
PSI Cardinality

What is PSI Cardinality?
PSI Cardinality is a privacy-preserving protocol that reveals only the size of the intersection between two private datasets, without disclosing the actual intersecting elements themselves.
This primitive is critical for privacy-compliant business analytics, such as measuring audience overlap between two advertising platforms without exposing user-level data, or determining the number of shared patients across medical institutions for epidemiological studies. By combining PSI-Sum protocols with secret-shared counting mechanisms, PSI Cardinality provides a provable privacy guarantee where the final output is a single aggregate integer, making it a foundational tool for differential privacy budgeting and secure multi-party collaborative reporting.
Key Features of PSI Cardinality
PSI Cardinality protocols reveal only the size of the intersection between two private datasets, enabling privacy-safe audience measurement and overlap analytics without exposing any individual data points.
Key Use Cases
The ability to measure overlap size without revealing identities unlocks critical business applications:
- Advertising Conversion Tracking: Measuring audience overlap between an advertiser's customer list and a publisher's audience without exposing user-level data.
- Contact Discovery Sizing: A messaging app can tell a user how many of their contacts are on the platform before revealing specific identities.
- Federated Analytics: Healthcare networks can measure patient cohort overlap across institutions for epidemiological studies without sharing patient records.
Cryptographic Foundations
Modern PSI Cardinality protocols are built on efficient primitives:
- Oblivious Transfer (OT): Forms the basis for secure comparison operations.
- Cuckoo Hashing: Maps set elements into bins to reduce the number of required comparisons.
- Homomorphic Encryption (HE): Allows one party to compute the intersection size directly on encrypted data, often used in unbalanced settings where one set is much smaller.
- Diffie-Hellman (DH): Classical DH-based PSI can be adapted to reveal only cardinality by shuffling and masking the intersection.
Security Guarantees
PSI Cardinality protocols can be proven secure under different adversarial models:
- Semi-Honest Security: Assumes parties follow the protocol correctly but may try to infer additional information from the transcript. This is the most common and efficient model.
- Malicious Security: Protects against adversaries that arbitrarily deviate from the protocol. Achieved through zero-knowledge proofs or cut-and-choose techniques, at a higher computational cost.
- Leakage Profile: The protocol intentionally leaks the intersection size. A secure protocol ensures nothing beyond this cardinality is revealed.
Performance Characteristics
PSI Cardinality is generally more efficient than full PSI because the final intersection elements do not need to be communicated or verified. Key performance metrics include:
- Communication Complexity: Often linear in the size of the smaller set, O(n), but with very small constants.
- Computational Overhead: Dominated by the number of OT or HE operations. Protocols using VOLE (Vector Oblivious Linear Evaluation) can process millions of items per second.
- Unbalanced Optimization: Highly efficient when one set is significantly smaller (e.g., a client's 1,000 contacts vs. a server's 100 million users).
PSI Cardinality vs. PSI-Sum
While both reveal aggregate information, they serve distinct purposes:
- PSI Cardinality: Outputs the count of intersecting elements. |X ∩ Y|.
- PSI-Sum: Outputs the sum of associated values for the intersecting elements. For example, the total transaction value of shared customers.
- Labeled PSI Cardinality: A hybrid where one party learns the cardinality of the intersection for each label in a predefined set of categories, enabling segmented overlap analysis.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Frequently Asked Questions
Clear, technically precise answers to the most common questions about private set intersection cardinality protocols, their security models, and real-world deployment considerations.
PSI Cardinality is a variant of private set intersection that reveals only the size of the intersection (i.e., the integer count of common elements) to one or both parties, without disclosing the actual intersecting elements themselves. In standard PSI, the receiving party learns the full set of overlapping items, which can leak sensitive information when the intersection is small or contains uniquely identifiable records. PSI Cardinality provides a strictly weaker leakage profile—the output is a single integer rather than a set—making it suitable for scenarios where the mere count of common records is sufficient, such as measuring audience overlap in advertising, computing epidemiological statistics, or performing privacy-preserving database deduplication. The cryptographic constructions for cardinality often build on the same primitives as standard PSI (e.g., oblivious pseudorandom functions or garbled circuits) but add a final secure aggregation step that sums the matching indicators without revealing which specific elements matched. This distinction is critical for compliance with data minimization principles in regulations like GDPR, where revealing the intersection set itself might constitute a disclosure of personal data, while the aggregate count may not.
Related Terms
Explore the foundational protocols, security models, and related variants that define how PSI Cardinality operates within the broader landscape of private set intersection.
PSI-Sum
A direct extension of PSI Cardinality that reveals the sum of associated values for intersecting elements rather than just the count. While cardinality answers 'how many users overlap?', PSI-Sum answers 'what is the total transaction volume of overlapping users?'. This is critical for privacy-preserving aggregate analytics in finance and advertising where the intersection itself is sensitive but aggregate metrics are actionable.
Semi-Honest Security
The baseline threat model for most efficient PSI Cardinality protocols. Assumes parties follow the protocol correctly but may try to learn additional information from the transcript. In cardinality-only protocols, this is often sufficient because the output is a single integer, limiting what a passive adversary can infer. Contrasts with malicious security, which adds overhead to prevent active cheating.
Oblivious Pseudorandom Function (OPRF)
A core building block for modern PSI Cardinality protocols. An OPRF allows a client to evaluate a pseudorandom function keyed by the server on its private input without the server learning the input. In cardinality protocols, OPRFs are used to hash both parties' sets into a common domain where the size of the intersection can be computed without revealing the elements themselves.
Asymmetric PSI
A PSI variant where only one party learns the output. In the context of cardinality, this often means the client learns the intersection size while the server learns nothing. This is the standard model for contact discovery applications: a user discovers how many of their contacts are on a platform without the platform learning the user's address book. Asymmetric cardinality is typically more efficient than symmetric variants.
Communication Complexity
A critical performance metric for PSI Cardinality protocols, measuring the total data exchanged between parties. Cardinality-only protocols can achieve significantly lower communication than full PSI because they transmit only a count rather than the entire intersection set. State-of-the-art protocols achieve communication that is linear only in the smaller set size, making them practical for highly unbalanced scenarios like mobile devices querying large server databases.
Malicious Security
The stronger adversarial model where parties may arbitrarily deviate from the protocol to learn unauthorized information or corrupt the output. In PSI Cardinality, a malicious client might try to inflate the count, or a malicious server might attempt to learn which specific elements the client holds. Achieving malicious security in cardinality protocols typically requires zero-knowledge proofs or cut-and-choose techniques, adding computational overhead but providing the strongest practical guarantees.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us