Inferensys

Glossary

PSI Cardinality

A private set intersection variant that reveals only the size of the intersection to one or both parties, without disclosing the actual intersecting elements themselves.
Legal team reviewing EU AI Act compliance documents on laptop in modern office, coffee cups and papers on table, casual meeting.
PRIVACY-PRESERVING ANALYTICS

What is PSI Cardinality?

PSI Cardinality is a privacy-preserving protocol that reveals only the size of the intersection between two private datasets, without disclosing the actual intersecting elements themselves.

PSI Cardinality is a variant of Private Set Intersection where the protocol's output is strictly limited to the integer count of common elements shared by two parties. Unlike standard PSI, which reveals the specific matching identifiers, cardinality-only protocols mathematically guarantee that no information about the individual elements—whether in the intersection or unique to either set—is leaked to the counterparty. This is achieved through cryptographic techniques such as homomorphic encryption or oblivious transfer that compute the sum of matches without decrypting the underlying payloads.

This primitive is critical for privacy-compliant business analytics, such as measuring audience overlap between two advertising platforms without exposing user-level data, or determining the number of shared patients across medical institutions for epidemiological studies. By combining PSI-Sum protocols with secret-shared counting mechanisms, PSI Cardinality provides a provable privacy guarantee where the final output is a single aggregate integer, making it a foundational tool for differential privacy budgeting and secure multi-party collaborative reporting.

PRIVACY-PRESERVING ANALYTICS

Key Features of PSI Cardinality

PSI Cardinality protocols reveal only the size of the intersection between two private datasets, enabling privacy-safe audience measurement and overlap analytics without exposing any individual data points.

02

Key Use Cases

The ability to measure overlap size without revealing identities unlocks critical business applications:

  • Advertising Conversion Tracking: Measuring audience overlap between an advertiser's customer list and a publisher's audience without exposing user-level data.
  • Contact Discovery Sizing: A messaging app can tell a user how many of their contacts are on the platform before revealing specific identities.
  • Federated Analytics: Healthcare networks can measure patient cohort overlap across institutions for epidemiological studies without sharing patient records.
03

Cryptographic Foundations

Modern PSI Cardinality protocols are built on efficient primitives:

  • Oblivious Transfer (OT): Forms the basis for secure comparison operations.
  • Cuckoo Hashing: Maps set elements into bins to reduce the number of required comparisons.
  • Homomorphic Encryption (HE): Allows one party to compute the intersection size directly on encrypted data, often used in unbalanced settings where one set is much smaller.
  • Diffie-Hellman (DH): Classical DH-based PSI can be adapted to reveal only cardinality by shuffling and masking the intersection.
04

Security Guarantees

PSI Cardinality protocols can be proven secure under different adversarial models:

  • Semi-Honest Security: Assumes parties follow the protocol correctly but may try to infer additional information from the transcript. This is the most common and efficient model.
  • Malicious Security: Protects against adversaries that arbitrarily deviate from the protocol. Achieved through zero-knowledge proofs or cut-and-choose techniques, at a higher computational cost.
  • Leakage Profile: The protocol intentionally leaks the intersection size. A secure protocol ensures nothing beyond this cardinality is revealed.
05

Performance Characteristics

PSI Cardinality is generally more efficient than full PSI because the final intersection elements do not need to be communicated or verified. Key performance metrics include:

  • Communication Complexity: Often linear in the size of the smaller set, O(n), but with very small constants.
  • Computational Overhead: Dominated by the number of OT or HE operations. Protocols using VOLE (Vector Oblivious Linear Evaluation) can process millions of items per second.
  • Unbalanced Optimization: Highly efficient when one set is significantly smaller (e.g., a client's 1,000 contacts vs. a server's 100 million users).
06

PSI Cardinality vs. PSI-Sum

While both reveal aggregate information, they serve distinct purposes:

  • PSI Cardinality: Outputs the count of intersecting elements. |X ∩ Y|.
  • PSI-Sum: Outputs the sum of associated values for the intersecting elements. For example, the total transaction value of shared customers.
  • Labeled PSI Cardinality: A hybrid where one party learns the cardinality of the intersection for each label in a predefined set of categories, enabling segmented overlap analysis.
PSI CARDINALITY

Frequently Asked Questions

Clear, technically precise answers to the most common questions about private set intersection cardinality protocols, their security models, and real-world deployment considerations.

PSI Cardinality is a variant of private set intersection that reveals only the size of the intersection (i.e., the integer count of common elements) to one or both parties, without disclosing the actual intersecting elements themselves. In standard PSI, the receiving party learns the full set of overlapping items, which can leak sensitive information when the intersection is small or contains uniquely identifiable records. PSI Cardinality provides a strictly weaker leakage profile—the output is a single integer rather than a set—making it suitable for scenarios where the mere count of common records is sufficient, such as measuring audience overlap in advertising, computing epidemiological statistics, or performing privacy-preserving database deduplication. The cryptographic constructions for cardinality often build on the same primitives as standard PSI (e.g., oblivious pseudorandom functions or garbled circuits) but add a final secure aggregation step that sums the matching indicators without revealing which specific elements matched. This distinction is critical for compliance with data minimization principles in regulations like GDPR, where revealing the intersection set itself might constitute a disclosure of personal data, while the aggregate count may not.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.