Collusion-Tolerable Privacy-Preserving Sum and Product Calculation without Secure Channel

Abstract: Abstract-Much research has been conducted to securely outsource multiple parties' data aggregation to an untrusted aggregator without disclosing each individual's privately owned data, or to enable multiple parties to jointly aggregate their data while preserving privacy. However, those works either require secure pair-wise communication channels or suffer from high complexity. In this paper, we consider how an external aggregator or multiple parties can learn some algebraic statistics (e.g., sum, product) ove… Show more

“…The reason of the outwardly inefficient setup in our scheme is that no trusted or semitrusted key dealer is assigned in the system and the communication channels between the participants and the aggregator are not secure. However, our scheme is shown to be much more efficient than Jung and Li's protocol in [6] with the same security assumption because Jung and Li's protocol is not the time-series data and its initialization should be repeated every time when a new sum is desired. In the proposed scheme, the aggregation results can be calculated efficiently after setup and each participant takes the same processing time independent of the number of participants considered in the aggregation.…”

“…The participants are not connected to each other directly, but they can exchange encrypted messages among themselves via the aggregator or intermediate routers. Similar to [6], the communication channels in the system are insecure. Anyone can easily eavesdrop them and/or intercept the data being transferred.…”

“…As is pointed out, EPPP4SMS is much faster in encryption than many protocols that use Paillier's scheme [7]. Therefore, in this simulation, we only compare the performance of our protocol with other two existing aggregation protocols in [6] (specifically, Jung's advanced protocol) and [7] (EPPP4SMS).…”

“…(1) We propose a privacy-preserving time-series data aggregation [7] √ × √ × × Li et al [8] × √ √ √ √ Jung et al [6] √ √ √ √ × EPPP4SMS [9] √ √ × × √ Our scheme √ √ √ √ √ protocol without trusted central key issuer and it only needs one initialization for the participants to acquire their encryption keys. (2) Security and complexity analyses of the proposed protocol are given and the proposed protocol is shown to be efficient and scalable and also it is proved to tolerate up to colluding passive adversaries.…”

Collusion-Tolerable and Efficient Privacy-Preserving Time-Series Data Aggregation Protocol

“…The reason of the outwardly inefficient setup in our scheme is that no trusted or semitrusted key dealer is assigned in the system and the communication channels between the participants and the aggregator are not secure. However, our scheme is shown to be much more efficient than Jung and Li's protocol in [6] with the same security assumption because Jung and Li's protocol is not the time-series data and its initialization should be repeated every time when a new sum is desired. In the proposed scheme, the aggregation results can be calculated efficiently after setup and each participant takes the same processing time independent of the number of participants considered in the aggregation.…”

“…The participants are not connected to each other directly, but they can exchange encrypted messages among themselves via the aggregator or intermediate routers. Similar to [6], the communication channels in the system are insecure. Anyone can easily eavesdrop them and/or intercept the data being transferred.…”

“…As is pointed out, EPPP4SMS is much faster in encryption than many protocols that use Paillier's scheme [7]. Therefore, in this simulation, we only compare the performance of our protocol with other two existing aggregation protocols in [6] (specifically, Jung's advanced protocol) and [7] (EPPP4SMS).…”

“…(1) We propose a privacy-preserving time-series data aggregation [7] √ × √ × × Li et al [8] × √ √ √ √ Jung et al [6] √ √ √ √ × EPPP4SMS [9] √ √ × × √ Our scheme √ √ √ √ √ protocol without trusted central key issuer and it only needs one initialization for the participants to acquire their encryption keys. (2) Security and complexity analyses of the proposed protocol are given and the proposed protocol is shown to be efficient and scalable and also it is proved to tolerate up to colluding passive adversaries.…”

Collusion-Tolerable and Efficient Privacy-Preserving Time-Series Data Aggregation Protocol

“…We use the semi-honest security model to analyze the protocol [40]. This model assumes that the involved parties, in our case MG 1 to MG N and the AU, perform the protocol steps properly, but are also allowed to store the messages from previous steps in an attempt to deduce more information than they are entitled to.…”

A Privacy-Preserving Distributed Optimal Scheduling for Interconnected Microgrids

DAML: Practical Secure Protocol for Data Aggregation Based on Machine Learning