Abstract
Collaborative filtering is a famous technique in recommendation systems. Yet, it requires the users to reveal their preferences, which has undesirable privacy implications. Over the years, researchers have proposed many privacy-preserving collaborative filtering (PPCF) systems using very different techniques for different settings, ranging from adding noise to the data with centralized filtering, to performing secure multi-party computation. However, either privacy protection is unsatisfactory or the computation is prohibitively expensive.
In this work, we propose a decentralized PPCF system, which enables a group of users holding (cryptographically low-entropy) profile to identify other similar users in a privacy-preserving yet very efficient way, without the help of any central server. Its core component is a novel primitive which we named as asymmetric randomized encoding (ARE). Similar to the spirt of other cryptographic primitives, it is asymmetric in the sense that, honest party could enjoy performance boost (via precomputation) with the knowledge of a profile, whilst adversary aiming to recover the hidden profile can only launch dictionary attack against each encoded profile. Thanks to the simple design of ARE, our solution is very efficient, which is demonstrated by our performance evaluation. Besides PPCF, we believe that ARE will find further applications which require a balance between privacy and efficiency.
Sherman Chow— is supported by the Early Career Scheme and the Early Career Award of the Research Grants Council, Hong Kong SAR (CUHK 439713), and Direct Grant (4055018) of the Chinese University of Hong Kong.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
We prepend dummy strings \(S_1\) and \(S_2\) to the input to instantiate two hash functions. The first \(\lambda \)-bit output of SHA3 is picked as output, i.e., \(H_i(m) = \text {SHA3}(S_i||m)[0, \ldots , \lambda -1]\) for \(i \in [1, 2]\). For \(H_1(m)\), there exists a small probability that the output is larger than \(p-1\). If that occurs, we re-hash the result until it fits.
References
Ahmad, W., Khokhar, A.A.: An architecture for privacy preserving collaborative filtering on web portals. In: IAS, pp. 273–278. IEEE Computer Society (2007)
Andoni, A., Indyk, P.: Near-optimal hashing algorithms for approximate nearest neighbor in high dimensions. Commun. ACM 51(1), 117–122 (2008)
Androutsellis-Theotokis, S., Spinellis, D.: A survey of peer-to-peer content distribution technologies. ACM Comput. Surv. 36(4), 335–371 (2004)
Basu, A., Vaidya, J., Kikuchi, H., Dimitrakos, T.: Privacy-preserving collaborative filtering for the cloud. In: Lambrinoudakis, C., Rizomiliotis, P., Wlodarczyk, T.W. (eds.) CloudCom, pp. 223–230. IEEE (2011)
Bellare, M., Boldyreva, A., O’Neill, A.: Deterministic and efficiently searchable encryption. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 535–552. Springer, Heidelberg (2007)
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Denning, D.E., Pyle, R., Ganesan, R., Sandhu, R.S., Ashby, V. (eds.) ACM Conference on Computer and Communications Security, pp. 62–73. ACM (1993)
Berkovsky, S., Eytani, Y., Kuflik, T., Ricci, F.: Enhancing privacy and preserving accuracy of a distributed collaborative filtering. In: Konstan, J.A., Riedl, J., Smyth, B. (eds.) RecSys, pp. 9–16. ACM (2007)
Bertier, M., Frey, D., Guerraoui, R., Kermarrec, A.-M., Leroy, V.: The Gossple anonymous social network. In: Gupta, I., Mascolo, C. (eds.) Middleware 2010. LNCS, vol. 6452, pp. 191–211. Springer, Heidelberg (2010)
Canard, S., Fuchsbauer, G., Gouget, A., Laguillaumie, F.: Plaintext-Checkable Encryption. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 332–348. Springer, Heidelberg (2012)
Canny, J.F.: Collaborative filtering with privacy. In: IEEE Symposium on Security and Privacy, pp. 45–57. IEEE Computer Society (2002)
Charikar, M.: Similarity estimation techniques from rounding algorithms. In: Reif, J.H. (ed.) STOC, pp. 380–388. ACM (2002)
Chow, R., Pathak, M.A., Wang, C.: A practical system for privacy-preserving collaborative filtering. In: Vreeken, J., Ling, C., Zaki, M.J., Siebes, A., Yu, J.X., Goethals, B., Webb, G.I., Wu, X. (eds.) ICDM Workshops, pp. 547–554. IEEE Computer Society (2012)
Damgård, I., Hofheinz, D., Kiltz, E., Thorbek, R.: Public-key encryption with non-interactive opening. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 239–255. Springer, Heidelberg (2008)
Dwork, C.: Differential privacy: a survey of results. In: Agrawal, M., Du, D.-Z., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008)
Galindo, D., Libert, B., Fischlin, M., Fuchsbauer, G., Lehmann, A., Manulis, M., Schröder, D.: Public-key encryption with non-interactive opening: new constructions and stronger definitions. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 333–350. Springer, Heidelberg (2010)
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) STOC, pp. 169–178. ACM (2009)
Gentry, C., Halevi, S., Smart, N.P.: Fully homomorphic encryption with polylog overhead. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 465–482. Springer, Heidelberg (2012)
Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A.V. (ed.) STOC, pp. 218–229. ACM (1987)
Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)
Grigorik, I.: Dissecting the Netflix Dataset - igvita.com. Last accessed on 2014–09-12
Hu, P., Chow, S.S.M, Lau, W.C.: Secure friend discovery via privacy-preserving and decentralized community detection. In: ICML 2014 Workshop on Learning, Security and Privacy (2014). Full version appears at http://arxiv.org/abs/1405.4951
Huang, Z., Du, W., Chen, B.: Deriving private information from randomized data. In: Özcan, F. (ed.) SIGMOD Conference, pp. 37–48. ACM (2005)
Kargupta, H., Datta, S., Wang, Q., Sivakumar, K.: On the privacy preserving properties of random data perturbation techniques. In: [45], pp. 99–106
Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)
Katz, J., Ostrovsky, R., Yung, M.: Efficient and secure authenticated key exchange using weak passwords. J. ACM, 57(1) (2009)
Liu, J.K., Baek, J., Zhou, J., Yang, Y., Wong, J.W.: Efficient online/offline identity-based signature for wireless sensor network. Int. J. Inf. Sec. 9(4), 287–296 (2010)
McSherry, F., Mironov, I.: Differentially private recommender systems: building privacy into the netflix prize contenders. In: IV, J.F.E., Fogelman-Soulié, F., Flach, P.A., Zaki, M.J. (eds.) KDD, pp. 627–636. ACM (2009)
Nandi, A., Aghasaryan, A., Bouzid, M.: P3: a privacy preserving personalization middleware for recommendation-based services. In: Hot Topics in Privacy Enhancing Technologies Symposium (2011)
Nandi, A., Aghasaryan, A., Chhabra, I.: On the use of decentralization to enable privacy in web-scale recommendation services. In: [35], pp. 25–36
Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: IEEE Symposium on Security and Privacy, pp. 111–125. IEEE Computer Society (2008)
Parra-Arnau, J., Rebollo-Monedero, D., Forné, J.: A privacy-protecting architecture for collaborative filtering via forgery and suppression of ratings. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds.) DPM 2011 and SETOP 2011. LNCS, vol. 7122, pp. 42–57. Springer, Heidelberg (2012)
Polat, H., Du, W.: Privacy-preserving collaborative filtering using randomized perturbation techniques. In: [45], pp. 625–628
Polat, H., Du, W.: Achieving private recommendations using randomized response techniques. In: Ng, W.-K., Kitsuregawa, M., Li, J., Chang, K. (eds.) PAKDD 2006. LNCS (LNAI), vol. 3918, pp. 637–646. Springer, Heidelberg (2006)
Sadeghi, A., Foresti, S. (eds.) Proceedings of the 12th annual ACM Workshop on Privacy in the Electronic Society, WPES 2013, Berlin, Germany, November 4, 2013. ACM (2013)
Shin, J.S., Gligor, V.D.: A New Privacy-Enhanced Matchmaking Protocol. IEICE Trans. 96–B(8), 2049–2059 (2013). Preliminary version appeared at NDSS 2008
Shokri, R., Pedarsani, P., Theodorakopoulos, G., Hubaux, J.-P.: Preserving privacy in collaborative filtering through distributed aggregation of offline profiles. In: Bergman, L.D., Tuzhilin, A., Burke, R.D., Felfernig, A., Schmidt-Thieme, L. (eds) RecSys, pp. 157–164. ACM (2009)
Tang, Q.: Public key encryption schemes supporting equality test with authorisation of different granularity. IJACT 2(4), 304–321 (2012)
Tang, Q.: Public key encryption supporting plaintext equality test and user-specified authorization. Secur. Commun. Netw. 5(12), 1351–1362 (2012)
Tran, D.N., Li, J., Subramanian, L., Chow, S.S.M.: Optimal sybil-resilient node admission control. In: INFOCOM, pp. 3218–3226. IEEE (2011)
van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 24–43. Springer, Heidelberg (2010)
Wikipedia. Collaborative Filtering (2014). http://en.wikipedia.org/wiki/Collaborative_filtering. Last accessed on 2014–09-12
Wikipedia. Netflix Prize (2014). http://en.wikipedia.org/wiki/Netflix_Prize. Last accessed on 2014–09-12
Wu, T.-S., Lin, H.-Y.: Non-interactive authenticated key agreement over the mobile communication network. MONET 18(5), 594–599 (2013)
Wu, X., Tuzhilin, A., Shavlik, J. (eds.) Proceedings of the 3rd IEEE International Conference on Data Mining (ICDM 2003), 19–22 December 2003, Melbourne, Florida, USA. IEEE Computer Society (2003)
Yang, G., Tan, C.H., Huang, Q., Wong, D.S.: Probabilistic public key encryption with equality test. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 119–131. Springer, Heidelberg (2010)
Yao, A.C.-C.: How to generate and exchange secrets (Extended Abstract). In: FOCS, pp. 162–167. IEEE Computer Society (1986)
Zhang, S., Ford, J., Makedon, F.: Deriving private information from randomly perturbed ratings. In: Ghosh, J., Lambert, D., Skillicorn, D.B., Srivastava, J. (eds) SDM, pp. 59–69. SIAM (2006)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhao, Y., Chow, S.S.M. (2015). Privacy Preserving Collaborative Filtering from Asymmetric Randomized Encoding. In: Böhme, R., Okamoto, T. (eds) Financial Cryptography and Data Security. FC 2015. Lecture Notes in Computer Science(), vol 8975. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-47854-7_28
Download citation
DOI: https://doi.org/10.1007/978-3-662-47854-7_28
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-47853-0
Online ISBN: 978-3-662-47854-7
eBook Packages: Computer ScienceComputer Science (R0)