Privacy-Preserving Data Aggregation without Secure Channel: Multivariate Polynomial Evaluation Taeho Jung 1, XuFei Mao 2, Xiang-Yang Li 1, Shao-Jie Tang.

Slides:

Advertisements

Similar presentations

Polylogarithmic Private Approximations and Efficient Matching

Advertisements

Revisiting the efficiency of malicious two party computation David Woodruff MIT.

Attacking Cryptographic Schemes Based on Perturbation Polynomials Martin Albrecht (Royal Holloway), Craig Gentry (IBM), Shai Halevi (IBM), Jonathan Katz.

Ulams Game and Universal Communications Using Feedback Ofer Shayevitz June 2006.

Lindsey Bleimes Charlie Garrod Adam Meyerson

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.

Yan Huang, David Evans, Jonathan Katz

Henry C. H. Chen and Patrick P. C. Lee

ITIS 6200/ Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.

Rational Oblivious Transfer KARTIK NAYAK, XIONG FAN.

Amortizing Garbled Circuits Yan Huang, Jonathan Katz, Alex Malozemoff (UMD) Vlad Kolesnikov (Bell Labs) Ranjit Kumaresan (Technion) Cut-and-Choose Yao-Based.

Li Xiong CS573 Data Privacy and Security Privacy Preserving Data Mining – Secure multiparty computation and random response techniques.

How Much Anonymity does Network Latency Leak? Paper by: Nicholas Hopper, Eugene Vasserman, Eric Chan-Tin Presented by: Dan Czerniewski October 3, 2011.

Efficiency concerns in Privacy Preserving methods Optimization of MASK Shipra Agrawal.

What Crypto Can Do for You: Solutions in Search of Problems Anna Lysyanskaya Brown University.

General Cryptographic Protocols (aka secure multi-party computation) Oded Goldreich Weizmann Institute of Science.

Yan Huang, Jonathan Katz, David Evans University of Maryland, University of Virginia Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose.

Statistical Full-Chip Leakage Analysis Considering Junction Tunneling Leakage Tao Li Zhiping Yu Institute of Microelectronics Tsinghua University.

Multi-Variate Analysis of Mobility Models for Network Protocol Performance Evaluation Carey Williamson Nayden Markatchev

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

An architecture for Privacy Preserving Mining of Client Information Jaideep Vaidya Purdue University This is joint work with Murat.

Privacy-Preserving Cross-Domain Network Reachability Quantification

Secure Localization using Dynamic Verifiers Nashad A. Safa Joint Work With S. Sarkar, R. Safavi-Naini and M.Ghaderi.

Privacy Preserving K-means Clustering on Vertically Partitioned Data Presented by: Jaideep Vaidya Joint work: Prof. Chris Clifton.

Jointly Restraining Big Brother: Using cryptography to reconcile privacy with data aggregation Ran Canetti IBM Research.

1 Introduction to Secure Computation Benny Pinkas HP Labs, Princeton.

Privacy-Preserving Computation and Verification of Aggregate Queries on Outsourced Databases Brian Thompson 1, Stuart Haber 2, William G. Horne 2, Tomas.

Parallel Computation in Biological Sequence Analysis Xue Wu CMSC 838 Presentation.

Privacy Preserving Data Mining Yehuda Lindell & Benny Pinkas.

Privacy Preserving Data Mining: An Overview and Examination of Euclidean Distance Preserving Data Transformation Chris Giannella cgiannel AT acm DOT org.

Privacy Preserving Learning of Decision Trees Benny Pinkas HP Labs Joint work with Yehuda Lindell (done while at the Weizmann Institute)

Privacy-Preserving Data Mining Rakesh Agrawal Ramakrishnan Srikant IBM Almaden Research Center 650 Harry Road, San Jose, CA Published in: ACM SIGMOD.

CS573 Data Privacy and Security

Transfer Learning From Multiple Source Domains via Consensus Regularization Ping Luo, Fuzhen Zhuang, Hui Xiong, Yuhong Xiong, Qing He.

Efficient and Robust Private Set Intersection and multiparty multivariate polynomials Dana Dachman-Soled 1, Tal Malkin 1, Mariana Raykova 1, Moti Yung.

A Secure Protocol for Computing Dot-products in Clustered and Distributed Environments Ioannis Ioannidis, Ananth Grama and Mikhail Atallah Purdue University.

Overview of Privacy Preserving Techniques.  This is a high-level summary of the state-of-the-art privacy preserving techniques and research areas  Focus.

1 Privacy-Preserving Distributed Information Sharing Nan Zhang and Wei Zhao Texas A&M University, USA.

Secure Computation of the k’th Ranked Element Gagan Aggarwal Stanford University Joint work with Nina Mishra and Benny Pinkas, HP Labs.

Secure Cloud Database using Multiparty Computation.

Secure Incremental Maintenance of Distributed Association Rules.

On the Practical Feasibility of Secure Distributed Computing A Case Study Gregory Neven, Frank Piessens, Bart De Decker Dept. of Computer Science, K.U.Leuven.

Cryptographic methods for privacy aware computing: applications.

Hiding in the Mobile Crowd: Location Privacy through Collaboration.

Secure two-party computation: a visual way by Paolo D’Arco and Roberto De Prisco.

Statistical Sampling-Based Parametric Analysis of Power Grids Dr. Peng Li Presented by Xueqian Zhao EE5970 Seminar.

Cryptanalysis and Improvement of an Access Control in User Hierarchy Based on Elliptic Curve Cryptosystem Reporter : Tzer-Long Chen Information Sciences.

Privacy-Preserving Credit Checking Keith Frikken, Mikhail Atallah, and Chen Zhang Purdue University June 7, 2005.

Introduction to Quantum Key Distribution

Randomization in Privacy Preserving Data Mining Agrawal, R., and Srikant, R. Privacy-Preserving Data Mining, ACM SIGMOD’00 the following slides include.

Privacy-preserving rule mining. Outline  A brief introduction to association rule mining  Privacy preserving rule mining Single party  Perturbation.

Privacy Preserving Payments in Credit Networks By: Moreno-Sanchez et al from Saarland University Presented By: Cody Watson Some Slides Borrowed From NDSS’15.

Copyright 2012, Toshiba Corporation. A Survey on the Algebraic Surface Cryptosystems Koichiro Akiyama ( TOSHIBA Corporation ) Joint work with Prof. Yasuhiro.

1 Privacy Preserving Data Mining Introduction August 2 nd, 2013 Shaibal Chakrabarty.

Lecture 17 Page 1 CS 236 Online Onion Routing Meant to handle issue of people knowing who you’re talking to Basic idea is to conceal sources and destinations.

Security Analysis of a Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption Scheme.

Private Information Retrieval Based on the talk by Yuval Ishai, Eyal Kushilevitz, Tal Malkin.

Security Methods for Statistical Databases. Introduction  Statistical Databases containing medical information are often used for research  Some of.

Privacy Preserving Outlier Detection using Locality Sensitive Hashing

Multi-Party Computation r n parties: P 1,…,P n  P i has input s i  Parties want to compute f(s 1,…,s n ) together  P i doesn’t want any information.

MPC and Verifiable Computation on Committed Data

Handbook of Applied Cryptography - CH8, Public-Key Encryption

Privacy and Fault-Tolerance in Distributed Optimization Nitin Vaidya University of Illinois at Urbana-Champaign.

CS573 Data Privacy and Security

A Privacy-Preserving Index for Range Queries

CAE: A Collusion Attack against Privacy-preserving Data Aggregation Schemes Wei Yang University of Science and Technology of China (USTC) Contact Me.

Provable Security at Implementation-level

Helen: Maliciously Secure Coopetitive Learning for Linear Models

Determining the capacity of any quantum computer to perform a useful computation Joel Wallman Quantum Resource Estimation June 22, 2019.

A Light-weight Oblivious Transfer Protocol Based on Channel Noise

Presentation transcript:

Privacy-Preserving Data Aggregation without Secure Channel: Multivariate Polynomial Evaluation Taeho Jung 1, XuFei Mao 2, Xiang-Yang Li 1, Shao-Jie Tang 1, Wei Gong 2, Lan Zhang 2 Illinois Institute of Technology, Chicago 1 Tsinghua University, Beijing 2 1

Motivation Calculating average salary of a company? 2

Motivation Calculating average salary of a company? Getting a global behavioral feature of a group? 3

Motivation Calculating average salary of a company? Getting a global behavioral feature of a group? Analyze statistics on sensitive individual data? – Personalized ad – Medical statistics 4

Motivation Calculating average salary of a company? Getting a global behavioral feature of a group? Analyze statistics on sensitive individual data? 5 Privacy-preserving data mining is needed!

Problem description 6 x1 x2 without disclosing x i to each other.

Adversaries Semi-honest (or passive) adversary: Correctly follows the protocol specification and do not collude with each other, yet attempts to learn additional information by eavesdropping/analyzing the messages.

Approaches Cryptographic approaches – SMC Change the data precision – Coarse grained values Change the data accuracy by perturbation – Value distortion Data separation 8

Related Work: SMC 9 High Complexity & Frequent Interactions 1987 G,M,W

Garbled Circuit Andrew C. Yao 1986

Oblivious Transfer 11 Shimon Even, Oded Goldreich, and Abraham Lempel 1985

Randomized Approach: add noise Original values x 1, x 2,..., x n – from probability distribution X (unknown) To hide these values, we use y 1, y 2,..., y n – from probability distribution Y (known) Given – x 1 +y 1, x 2 +y 2,..., x n +y n – the probability distribution of Y Estimate the probability distribution of X.

All implemented in secure channel Efficient Alternates: Data separation There are some existing works not using SMC Clifton et al. etc … 13 X_11X_12X_13X_14 X_21X_22X_23X_24 X_31X_32X_33X_34 X_41X_42X_43X_44 x1 y1 x2 x3 x4

Our Contributions Unsecured channel: Our communication channels are open to anyone, and we can still achieve privacy and security. Low computation overhead: Run time (computation only) is times less than SMC. 14

Our solution in a nutshell Polynomial = Multiplications ( * ) & Additions (+) Inspired by the observation : Multi-party Product & Sum calculation protocols Design two novel protocols Fast & light, secure in any insecure channel Aggregator can be untrusted Advantages : 15

Product Protocol 16 Integers, modulo P

Sum Protocol 17 Use product protocol

Put All Together Combine product and sum protocols to achieve general multivariate polynomial operation: Provable privacy preserving – Entropy, hardness 18

Run time comparison 19 Gates Run time (ms) additions in our schemes are equivalent to a 1066-gate circuit. FairplayMP by Ben et al. (SMC implementation) Our run time : 72.2 microseconds.

Conclusion & Future Work Privacy-Preserving Data Aggregation – Product Protocol – Sum Protocol – Can be used for privacy-preserving computation & data mining – Efficient & non-approximate Future Work – Minimizing information leakage – Defend against collusion attack 20

21