Verifiable Distributed Aggregation Functions

Hannah Davis; Christopher Patton; Mike Rosulek; Phillipp Schoppmann

Paper 2023/130

Verifiable Distributed Aggregation Functions

Hannah Davis, University of California, San Diego

Christopher Patton, Cloudflare

Mike Rosulek, Oregon State University

Phillipp Schoppmann, Google

Abstract

The modern Internet is built on systems that incentivize collection of information about users. In order to minimize privacy loss, it is desirable to prevent these systems from collecting more information than is required for the application. The promise of multi-party computation is that data can be aggregated without revealing individual measurements to the data collector. This work offers a provable security treatment for "Verifiable Distributed Aggregation Functions (VDAFs)", a class of multi-party computation protocols being considered for standardization by the IETF. We propose a formal framework for the analysis of VDAFs and apply it to two constructions. The first is Prio3, one of the candidates for standardization. This VDAF is based on the Prio system of Corrigan-Gibbs and Boneh (NSDI 2017). We prove that Prio3 achieves our security goals with only minor changes to the draft. The second construction, called Doplar, is introduced by this paper. Doplar is a round-reduced variant of the Poplar system of Boneh et al. (IEEE S&P 2021), itself a candidate for standardization. The cost of this improvement is a modest increase in overall bandwidth and computation.

Note: The latest version fixes a typo in Figure 2 and solves a few minor editorial issues.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Minor revision. PETS 2023
Keywords: protocol standards multi-party computation
Contact author(s): h3davis @ eng ucsd edu
cpatton @ cloudflare com
rosulekm @ eecs oregonstate edu
schoppmann @ google com
History: 2023-07-12: last of 4 revisions; 2023-02-04: received; See all versions
Short URL: https://ia.cr/2023/130
License: CC BY

BibTeX

@misc{cryptoeprint:2023/130,
      author = {Hannah Davis and Christopher Patton and Mike Rosulek and Phillipp Schoppmann},
      title = {Verifiable Distributed Aggregation Functions},
      howpublished = {Cryptology ePrint Archive, Paper 2023/130},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/130}},
      url = {https://eprint.iacr.org/2023/130}
}