Paper 2017/643

Private Data Aggregation on a Budget

Morten Dahl, Valerio Pastro, and Mathieu Poumeyrol


We provide a practical solution to performing cross-user machine learning through aggregation on a sensitive dataset distributed among privacy-concerned users. We focus on a scenario in which a single company wishes to obtain the distribution of aggregate features, while ensuring a high level of privacy for the users. We are interested in the case where users own devices that are not necessarily powerful or online at all times, like smartphones or web browsers. This premise makes general solutions, such as general multiparty computation (MPC), less applicable. We design an efficient special-purpose MPC protocol that outputs aggregate features to the company, while keeping online presence and computational complexity on the users’ side at a minimum. This basic protocol is secure against a majority of corrupt users, as long as they do not collude with the company. If they do, we still guarantee security, as long as the fraction of corrupt users is lower than a certain, tweakable, parameter. We propose different enhancements of this solution: one guaranteeing some degree of active security, and one that additionally ensures differential privacy. Finally, we report on the performance of our implementation on several realistic real-world use-cases across different devices.

Available format(s)
Publication info
Preprint. MINOR revision.
multi-party computationprivacymobile
Contact author(s)
mortendahlcs @ gmail com
2017-07-05: received
Short URL
Creative Commons Attribution


      author = {Morten Dahl and Valerio Pastro and Mathieu Poumeyrol},
      title = {Private Data Aggregation on a Budget},
      howpublished = {Cryptology ePrint Archive, Paper 2017/643},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.