Volume 2021 (2021): Issue 4 (October 2021)

Journal details
Format: Journal
First published: 16 Apr 2015
Publication timeframe: 4 times per year
Languages: English
Access type: Open Access

Private Stream Aggregation with Labels in the Standard Model

Published Online: 23 Jul 2021
Page range: 117 - 138
Received: 28 Feb 2021
Accepted: 16 Jun 2021
Abstract

A private stream aggregation (PSA) scheme is a protocol between n clients and one aggregator. At every time step, each client sends an encrypted value to the (untrusted) aggregator, who can compute the sum of all client values but cannot learn the values of individual clients. One application of PSA is privacy-preserving smart metering, where a power supplier learns the total power consumption but not the consumption of individual households. We construct a simple PSA scheme that supports labels and prove it secure in the standard model. Labels restrict what the aggregator can do: they prevent it from combining ciphertexts that carry different labels (or that come from different time steps), which would otherwise leak information about the values of individual clients. The scheme uses key-homomorphic pseudorandom functions (PRFs) as its only primitive, supports a large message space, scales well to a large number of users and has small ciphertexts. We provide an implementation of the scheme with a lattice-based key-homomorphic PRF (secure in the random oracle model) and measure its performance. Furthermore, we discuss practical issues such as how to avoid a trusted party during setup and how to cope with clients joining or leaving the system.
