Cryptology ePrint Archive: Report 2021/1370

Masquerade: Verifiable Multi-Party Aggregation with Secure Multiplicative Commitments

Dimitris Mouris and Nektarios Georgios Tsoutsos

Abstract: In crowd-sourced data aggregation, participants share their data points with curators. However, the lack of privacy guarantees may discourage participation, which motivates the need for privacy-preserving aggregation protocols. Unfortunately, existing solutions do not support public auditing without revealing the participants' data. In real-world applications, there is a need for public verifiability (i.e., verifying the protocol correctness) while preserving the privacy of the participants' inputs since the participants do not always trust the data curator. Likewise, public distributed ledgers (e.g., blockchains) provide public auditing but may reveal sensitive information.

We present Masquerade, a novel protocol for computing private statistics, such as sum, average, and histograms without revealing anything about participants' data. We propose a tailored multiplicative commitment scheme to ensure the integrity of data aggregations and publish all the participants' commitments on a ledger to provide public verifiability. We complement our methodology with two zero-knowledge proof protocols that detect potentially untrusted participants who attempt to poison the aggregation results. Thus, Masquerade ensures the validity of shared data points before being aggregated, enabling a broad range of numerical and categorical. In our experiments, we evaluate our protocol's runtime and communication overhead using homomorphic ciphertexts and commitments for a variable number of participants.

Category / Keywords: cryptographic protocols / Homomorphic encryption, private aggregation, multiplicative commitments, privacy-preserving histograms

Date: received 11 Oct 2021

Contact author: tsoutsos at udel edu

Available format(s): PDF | BibTeX Citation

Version: 20211012:062418 (All versions of this report)

Short URL: ia.cr/2021/1370


[ Cryptology ePrint archive ]