Cryptology ePrint Archive: Report 2017/479

Privacy-Preserving Aggregation of Time-Series Data with Public Verifiability from Simple Assumptions

Keita Emura

Abstract: Aggregator oblivious encryption was proposed by Shi et al. (NDSS 2011), where an aggregator can compute an aggregated sum of data and is unable to learn anything else (aggregator obliviousness). Since the aggregator does not learn individual data that may reveal users' habits and behaviors, several applications, such as privacy-preserving smart metering, have been considered. In this paper, we propose aggregator oblivious encryption schemes with public verifiability where the aggregator is required to generate a proof of an aggregated sum and anyone can verify whether the aggregated sum has been correctly computed by the aggregator. Though Leontiadis et al. (CANS 2015) considered the verifiability, their scheme requires an interactive complexity assumption to provide the unforgeability of the proof. Our schemes are proven to be unforgeable under a static and simple assumption (a variant of the Computational Diffie-Hellman assumption). Moreover, our schemes inherit the tightness of the reduction of the Benhamouda et al. scheme (ACM TISSEC 2016) for proving aggregator obliviousness. This tight reduction allows us to employ elliptic curves of a smaller order and leads to efficient implementation.

Category / Keywords: cryptographic protocols / Aggregator Oblivious Encryption, Public Verifiability

Original Publication (with minor differences): 22nd Australasian Conference on Information Security and Privacy (ACISP 2017)

Date: received 29 May 2017, last revised 21 Jun 2017

Contact author: k-emura at nict go jp

Version: 20170622:005445
