Download presentation
Presentation is loading. Please wait.
Published bySydney Butler Modified over 8 years ago
1
Privacy-Preserving Data Aggregation without Secure Channel: Multivariate Polynomial Evaluation Taeho Jung 1, XuFei Mao 2, Xiang-Yang Li 1, Shao-Jie Tang 1, Wei Gong 2, Lan Zhang 2 Illinois Institute of Technology, Chicago 1 Tsinghua University, Beijing 2 1
2
Motivation Calculating average salary of a company? 2
3
Motivation Calculating average salary of a company? Getting a global behavioral feature of a group? 3
4
Motivation Calculating average salary of a company? Getting a global behavioral feature of a group? Analyze statistics on sensitive individual data? – Personalized ad – Medical statistics 4
5
Motivation Calculating average salary of a company? Getting a global behavioral feature of a group? Analyze statistics on sensitive individual data? 5 Privacy-preserving data mining is needed!
6
Problem description 6 x1 x2 without disclosing x i to each other.
7
Adversaries Semi-honest (or passive) adversary: Correctly follows the protocol specification and do not collude with each other, yet attempts to learn additional information by eavesdropping/analyzing the messages.
8
Approaches Cryptographic approaches – SMC Change the data precision – Coarse grained values Change the data accuracy by perturbation – Value distortion Data separation 8
9
Related Work: SMC 9 High Complexity & Frequent Interactions 1987 G,M,W
10
Garbled Circuit 10 00 01 10 11 Andrew C. Yao 1986
11
Oblivious Transfer 11 Shimon Even, Oded Goldreich, and Abraham Lempel 1985
12
Randomized Approach: add noise Original values x 1, x 2,..., x n – from probability distribution X (unknown) To hide these values, we use y 1, y 2,..., y n – from probability distribution Y (known) Given – x 1 +y 1, x 2 +y 2,..., x n +y n – the probability distribution of Y Estimate the probability distribution of X.
13
All implemented in secure channel Efficient Alternates: Data separation There are some existing works not using SMC Clifton et al. etc … 13 X_11X_12X_13X_14 X_21X_22X_23X_24 X_31X_32X_33X_34 X_41X_42X_43X_44 x1 y1 x2 x3 x4
14
Our Contributions Unsecured channel: Our communication channels are open to anyone, and we can still achieve privacy and security. Low computation overhead: Run time (computation only) is 10-1000 times less than SMC. 14
15
Our solution in a nutshell Polynomial = Multiplications ( * ) & Additions (+) Inspired by the observation : Multi-party Product & Sum calculation protocols Design two novel protocols Fast & light, secure in any insecure channel Aggregator can be untrusted Advantages : 15
16
Product Protocol 16 Integers, modulo P
17
Sum Protocol 17 Use product protocol
18
Put All Together Combine product and sum protocols to achieve general multivariate polynomial operation: Provable privacy preserving – Entropy, hardness 18
19
Run time comparison 19 Gates641282565121024 Run time (ms) 1302344407701394 26 additions in our schemes are equivalent to a 1066-gate circuit. FairplayMP by Ben et al. (SMC implementation) Our run time : 72.2 microseconds.
20
Conclusion & Future Work Privacy-Preserving Data Aggregation – Product Protocol – Sum Protocol – Can be used for privacy-preserving computation & data mining – Efficient & non-approximate Future Work – Minimizing information leakage – Defend against collusion attack 20
21
21 www.iit.edu/~tjung www.cs.iit.edu/~winet/index.html
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.