Benchmarking is an important process for companies to stay competitive in today’s markets. The basis for benchmarking are statistics of performancemeasures of a group of companies. The companies need to collaborate in order to compute these statistics.

Protocols for privately computingstatistics have been proposed in the literature. This paper designs, implements and evaluates a privacy-preserving benchmarking platform which is a central entity that offers a database of benchmark statistics to its customers. This is the first attempt at building a practical privacy-preserving benchmarking system and the first attempt at addressing all necessary trade-offs.

The paper starts by designing a protocol that efficiently computes the statistics with constant cost per participant. The protocol uses central communication where customers only communicate with the central platform which facilitates a simple practical orchestration of the protocol. The protocols scale to realistic problem sizes due to the constant communication (and computation) cost per participant of the protocol.


Service Provider Message Authentication Code Homomorphic Encryption Oblivious Transfer Cryptographic Hash Function 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    G. Aggarwal, N. Mishra, and B. Pinkas. Secure computation of the kth-ranked element. Proceedings of EUROCRYPT, 2004.Google Scholar
  2. 2.
    M. Atallah, M. Bykova, J. Li, K. Frikken, and M. Topkara. Private collaborative forecasting and benchmarking. Proceedings of the ACM workshop on Privacy in the electronic society, 2004.Google Scholar
  3. 3.
    J. Benaloh. Verifiable Secret-Ballot Elections. PhD thesis, Yale University, 1987.Google Scholar
  4. 4.
    M. Ben-Or, and A. Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. Proceedings of the 20th ACM symposium on theory of computing, 1988.Google Scholar
  5. 5.
    P. Bogetoft, I. Damgard, T. Jakobsen, K. Nielsen, J. Pagter, and T. Toft. A Practical Implementation of Secure Auctions Based on Multiparty Integer Computation. Proceedings of Financial Cryptography, 2006.Google Scholar
  6. 6.
    I. Damgard, R. Cramer, and J. Nielsen. Multiparty Computation from Threshold Homomorphic Encryption. Proceedings of EUROCRYPT, 2001.Google Scholar
  7. 7.
    I. Damgard, and Y. Ishai Constant-Round Multiparty Computation Using a Black-Box Pseudorandom Generator. Proceedings of CRYPTO, 2005.Google Scholar
  8. 8.
    I. Damgard, and M. Jurik. A Generalisation, a Simplification and some Applications of Pailliers Probabilistic Public-Key System. Proceedings of International Conference on Theory and Practice of Public-Key Cryptography, 2001.Google Scholar
  9. 9.
    G. Di Crescenzo. Private Selective Payment Protocols. Proceedings of Financial Cryptography, 2000.Google Scholar
  10. 10.
    G. Di Crescenzo. Privacy for the Stock Market. Proceedings of Financial Cryptography, 2001.Google Scholar
  11. 11.
    W. Du, and M. Atallah. Privacy-preserving Cooperative Statistical Analysis. Proceedings of the 17th Annual Computer Security Applications Conference, 2001.Google Scholar
  12. 12.
    S. Even, O. Goldreich, and A. Lempel. A randomized protocol for signing contracts. Communications of the ACM 28(6), 1985.Google Scholar
  13. 13.
    J. Feigenbaum, B. Pinkas, R. Ryger, and F. Saint-Jean. Secure Computation of Surveys. Proceedings of the EU Workshop on Secure Multiparty Protocols, 2004.Google Scholar
  14. 14.
    O. Goldreich. Secure Multi-party Computation. Available at˜oded/pp.html, 2002.Google Scholar
  15. 15.
    O. Goldreich. The Foundations of Cryptography Vol. 2. Cambridge University Press, 2004.Google Scholar
  16. 16.
    O. Goldreich, S. Micali, and A.Wigderson. How to play any mental game. Proceedings of the 19th ACM conference on theory of computing, 1987.Google Scholar
  17. 17.
    S. Goldwasser. Multi party computations: past and present. Proceedings of the 16th ACM symposium on principles of distributed computing, 1997.Google Scholar
  18. 18.
    A. Juels, and M. Szydlo. A two-server, sealed-bid auction protocol. Proceedings of the 6th Conference on Financial Cryptography, 2002.Google Scholar
  19. 19.
    E. Karnin, J. Green and M. Hellman. On Secret Sharing Systems. IEEE Tranactions on Information Theory 29(1), 1983.Google Scholar
  20. 20.
    F. Kerschbaum, and O. Terzidis. Filtering for Private Collaborative Benchmarking. Proceedings of the International Conference on Emerging Trends in Information and Communication Security, 2006.Google Scholar
  21. 21.
    E. Kiltz, G. Leander, and J. Malone-Lee. Secure Computation of the Mean and Related Statistics. Proceedings of Theory of Cryptography Conference, 2005.Google Scholar
  22. 22.
    H. Lipmaa, N. Asokan, and V. Niemi. Secure Vickrey auctions without threshold trust. Proceedings of the 6th Conference on Financial Cryptography, 2002.Google Scholar
  23. 23.
    D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella. Fairplay - A Secure Two-party Computation System. Proceedings of the USENIX security symposium, 2004.Google Scholar
  24. 24.
    D. Naccache, and J. Stern. A New Public-Key Cryptosystem Based on Higher Residues. Proceedings of the ACM Conference on Computer and Communications Security, 1998.Google Scholar
  25. 25.
    M. Naor, and B. Pinkas. Efficient Oblivious Transfer Protocols. Proceedings of the symposium on data structures and algorithms, 2001.Google Scholar
  26. 26.
    M. Naor, B. Pinkas and R. Sumner. Privacy Preserving Auctions and Mechanism Design. Proceedings of the 1st ACM Conference on Electronic Commerce, 1999.Google Scholar
  27. 27.
    T. Okamoto, and S. Uchiyama. A new public-key cryptosystem as secure as factoring. Proceedings of EUROCRYPT, 1998.Google Scholar
  28. 28.
    P. Paillier. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. Proceedings of EUROCRYPT, 1999.Google Scholar
  29. 29.
    B. Preneel. Cryptographic hash functions. European Transactions on Telecommunications 5(4), 1994.Google Scholar
  30. 30.
    M. Rabin. How to exchange secrets by oblivious transfer. Technical Memo TR–81, Aiken Computation Laboratory, 1981.Google Scholar
  31. 31.
    R. Rivest, A. Shamir, and L. Adleman. AMethod for Obtaining Digital Signatures and Public- Key Cryptosystems. Communications of the ACM 21(2), 1978.Google Scholar
  32. 32.
    L. Rizzo. Dummynet: a simple approach to the evaluation of network protocols. ACM Computer Communication Review 27(1), 1997.Google Scholar
  33. 33.
    H. Subramaniam, R. Wright, and Z. Yang. Experimental Analysis of Privacy-Preserving Statistics Computation. Proceedings of the Workshop on Secure Data Management, 2004.Google Scholar
  34. 34.
    A. Yao. Protocols for Secure Computations. Proceedings of the IEEE Symposium on foundations of computer science 23, 1982. Enhancing Privacy in Remote Data ClassificationGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2008

Authors and Affiliations

  • Florian Kerschbaum
    • 1
  1. 1.SAP ResearchKarlsruheGermany

Personalised recommendations