Cryptology ePrint Archive: Report 2009/180

Collaborative, Privacy-Preserving Data Aggregation at Scale

Haakon Ringberg and Benny Applebaum and Michael J. Freedman and Matthew Caesar and Jennifer Rexford

Abstract: Combining and analyzing data collected at multiple locations is critical for a wide variety of applications, such as detecting and diagnosing malicious attacks or computing an accurate estimate of the popularity of Web sites. However, legitimate concerns about privacy often inhibit participation in collaborative data-analysis systems. In this paper, we design, implement, and evaluate a practical solution for privacy-preserving collaboration among a large number of participants. Scalability is achieved through a ``semi-centralized'' architecture that divides responsibility between a proxy that obliviously blinds the client inputs and a database that identifies the (blinded) keywords that have values satisfying some evaluation function.

Our solution leverages a novel cryptographic protocol that provably protects the privacy of both the participants and the keywords. For example, if web servers collaborate to detect source IP addresses responsible for denial-of-service attacks, our protocol would not reveal the traffic mix of the Web servers or the identity of the ``good'' IP addresses. We implemented a prototype of our design, including an amortized oblivious transfer protocol that substantially improves the efficiency of client-proxy interactions. Our experiments show that the performance of our system scales linearly with computing resources, making it easy to improve performance by adding more cores or machines. For collaborative diagnosis of denial-of-service attacks, our system can handle millions of suspect IP addresses per hour when the proxy and the database each run on two quad-core machines.

Category / Keywords: cryptographic protocols / secure multi-party computation

Date: received 24 Apr 2009

Contact author: mfreed at cs princeton edu

Available format(s): PDF | BibTeX Citation

Version: 20090426:203140 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]