Paper 2023/130
Verifiable Distributed Aggregation Functions
Abstract
The modern Internet is built on systems that incentivize collection of information about users. In order to minimize privacy loss, it is desirable to prevent these systems from collecting more information than is required for the application. The promise of multi-party computation is that data can be aggregated without revealing individual measurements to the data collector. This work offers a provable security treatment for "Verifiable Distributed Aggregation Functions (VDAFs)", a class of multi-party computation protocols being considered for standardization by the IETF. We propose a formal framework for the analysis of VDAFs and apply it to two candidate protocols. The first is based on the Prio system of Corrigan-Gibbs and Boneh (NSDI 2017). Prio is fairly mature and has been deployed in real-world applications. We prove that, with only minor changes, the current draft of the standardized version achieves our security goals. The second candidate is the recently proposed Poplar system from Boneh et al. (IEEE S&P 2021). The deployability of Poplar is less certain. One difficulty is that the interactive step requires two rounds of broadcast messages, whereas Prio requires just one. This makes Poplar less suitable for many deployment scenarios. We show the round complexity can be improved, at the cost of higher bandwidth.
Note: The latest version includes minor changes to the Doplar specification.
Metadata
- Available format(s)
- PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- protocol standards, multi-party computation
- Contact author(s)
- h3davis @ eng ucsd edu
- cpatton @ cloudflare com
- rosulekm @ eecs oregonstate edu
- schoppmann @ google com
- History
- 2023-02-22: last of 2 revisions
- 2023-02-04: received
- Short URL
- https://ia.cr/2023/130
- License
- CC BY
BibTeX
@misc{cryptoeprint:2023/130,
      author = {Hannah Davis and Christopher Patton and Mike Rosulek and Phillipp Schoppmann},
      title = {Verifiable Distributed Aggregation Functions},
      howpublished = {Cryptology ePrint Archive, Paper 2023/130},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/130}},
      url = {https://eprint.iacr.org/2023/130}
}