Privacy Computing Cross‑Platform Interoperability Open Protocol v2.0 (ECDH‑PSI): Overview and Key Enhancements

Privacy computing is a crucial technology for balancing data circulation and security, enabling data fusion across different platforms. Interoperability reduces deployment costs of privacy‑computing products and supports large‑scale applications, helping to build foundational infrastructure for data element circulation.

An open protocol is a collection of transparent algorithm specifications. By clearly defining each algorithm’s computation flow and interaction information, platforms can independently implement the algorithms and achieve cross‑platform interoperability. The open protocol offers advantages such as transparency, controllable algorithm security, easy extensibility for integrators, and reduced audit costs.

When selecting an algorithm protocol, several factors should be considered: high usage frequency and universality across industries, proven maturity in existing privacy‑computing products, and strong security because privacy computing safeguards data in transit. It is essential to choose widely accepted and validated secure algorithms, and also evaluate efficiency, scalability, reliability, and stability to handle large data sets, support high concurrency, and operate stably under diverse conditions.

On July 26, the China Academy of Information and Communications Technology and the China Communications Society co‑hosted the 2023 Privacy Computing Conference in Chengyang District, Qingdao, jointly organized with local government and industry bodies. Eight entities, including Ant Group, China Mobile, China Unicom, China Telecom, Industrial and Commercial Bank of China, and others, jointly released “Privacy Computing Cross‑Platform Interoperability Open Protocol Part 1: ECDH‑PSI” v2.0 and its practice, marking the largest‑scale industry‑wide privacy‑computing interoperability effort to date.

Compared with the previous version, the v2.0 protocol introduces a HashToCurveStrategy option in the handshake stage, reorganizes ECC core parameters into a triple <Curve, Hash, HashToCurveStrategy> where each component is independently configurable, enhancing algorithm flexibility and extensibility. The protocol recommends that platforms implement at least two suites: <SM2, SM3, Try‑and‑Increment> and <Curve25519, SHA256, Direct‑Hash> , both offering 128‑bit security, with the former based on national standards and the latter on internationally popular cryptographic algorithms.

In the runtime phase, the 2.0 protocol adds point‑compression and secondary ciphertext truncation options, which can significantly reduce network traffic and noticeably improve performance for users with limited bandwidth.

Peng Jin, Deputy General Manager of Ant Group’s Technology Strategy Development Department, delivered a keynote titled “Exploring the Privacy Computing Interoperability Open Protocol” , introducing Ant’s work on PSI, SS‑LR, and TEE interoperability, and outlining future efforts on self‑describing component standards and an expanded open‑protocol suite.

During the conference, Ant’s three “privacy‑computing interoperability” cases were selected for the second batch of practice pilots by the Academy’s Privacy Computing Alliance: “Interoperability Practice Based on SS‑LR Open Algorithm Protocol”, “ECDH‑PSI Open Algorithm Protocol Improvement and Interoperability Practice”, and the black‑box “Morse and CMB Privacy Computing Interoperability Platform Collaboration Project”.