Paper 2023/214

DIPSAUCE: Efficient Private Stream Aggregation Without Trusted Parties

Joakim Brorsson, Lund University
Martin Gunnarsson, Research Institutes of Sweden

Private Stream Aggregation (PSA) schemes are efficient protocols for distributed data analytics. In a PSA scheme, a set of data producers can encrypt data for a central party so that it learns the sum of all encrypted values, but nothing about each individual value. Thus, a trusted aggregator is avoided. However, all known PSA schemes still require a trusted party for key generation. In this paper we propose the first PSA scheme that does not rely on a trusted party. We argue its security against static and mobile malicious adversaries, and show its efficiency by implementing both our scheme and the previous state-of-the-art on realistic IoT devices, and compare their performance. Our security and efficiency evaluations show that it is indeed possible to construct an efficient PSA scheme without a trusted central party. Surprisingly, our results also show that, as side effect, our method for distributing the setup procedure also makes the encryption procedure more efficient than the state of the art PSA schemes which rely on trusted parties.

Note: Extended Version

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. NordSec23
Private Stream AggregationPSAData AnalyticsIoTSmart Meteringsum-of-PRFs
Contact author(s)
joakim brorsson @ eit lth se
martin gunnarsson @ ri se
2023-09-14: last of 2 revisions
2023-02-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Joakim Brorsson and Martin Gunnarsson},
      title = {{DIPSAUCE}: Efficient Private Stream Aggregation Without Trusted Parties},
      howpublished = {Cryptology ePrint Archive, Paper 2023/214},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.