PryTag is a cryptographic protocol for privacy preserving aggregation of data by an untrusted aggregator, tailored for dynamic populations. Besides dynamicity, the other key point of the protocol is the non existence of a trusted key dealer who is aware of users' secret keys during the protocol execution.
PryTag in contrast with existing protocols provides dynamicity in the participation of users. Namely, dynamic leaves/joins of users have no impact to existing users thanks to the novel key setup phase, which happens only once.
The protocol guarantees that the untrusted aggregator learns nothing but the aggregate of input data in cleartext and other participants learn nothing.
Due to the independent key generation that achieves dynamicity PryTag also supports trust relaxtion in the sense that no trusted key dealer is needed during the protocol execution. This allows to reduce overwhelming trust assumptions made in current protocols.
With the advent of networking applications collecting user data on a massive scale, the privacy of individual users appears to be a major concern. The main challenge is the design of a solution that allows the data analyzer to compute global statistics over the set of individual inputs that are protected by some confidentiality mechanism. Current approaches suggested a solution that allows a centralized party to compute the sum of encrypted inputs collected through a smart metering network. The main shortcomings of this solution are its reliance on a trusted dealer for key distribution and the need for key updates in the case of user joins or leaves. PryTag is a secure protocol for aggregation of time-series data in which the main shortcomings of existing solutions, namely, the requirement for key updates and for the trusted dealer are eliminated.
A research unoptimized prototype implementation of PryTag is set forth.
|Functionality (sec) \ #Users||250||500||1000||10000|