Although several wide-spread internet applications (e.g., job-referral services, dating services) can benefit from online matchmaking, protocols defined over the past two decades fail to address important privacy concerns. In this paper, we enhance traditional privacy requirements (e.g., user anonymity, matching-wish authenticity) with new privacy goals (e.g., resistance to off-line dictionary attacks, and forward privacy of users' identities and matching wishes), and argue that

more »

... matchmaking cannot be provided by solutions to seemingly related problems such as secret handshakes, set intersection, and trust negotiation. We define an adversary model, which captures the key security properties of privacy-enhanced matchmaking, and show that a simple, practical protocol derived by a two-step transformation of a password-based authenticated key exchange counters adversary attacks in a provable manner (in the standard model of cryptographic security).