# Private Aggregation with Custom Collusion Tolerance

## Abstract

While multiparty computation (MPC) is becoming more and more efficient, its performance has not yet reached the level required for wide adoption. Nevertheless, many applications need its full generality, while for others simpler computations suffice: operations such as multiplication or addition might be enough. In this work we extend the well-known MPC protocol for summation of Kursawe *et al.* More precisely, we introduce two extensions of the protocol: one that bases its security on the Decisional Diffie-Hellman assumption and does not use pairings, and one that significantly reduces the number of pairings of the original. Both protocols are proven secure in the semi-honest model. Like the original, the protocols are entirely broadcast-based and self-bootstrapping, but they provide a significant performance boost, allowing them to be adopted by devices with low processing power; they can also be extended naturally to achieve \(t\)-privacy in the malicious model while remaining practical. Finally, the protocols can further improve their performance if users decide to decrease their collusion tolerance.
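The abstract does not give the protocol details, so the following added example (not code from the paper or its authors) illustrates the general pattern behind a broadcast-based, pairing-free private summation: every party broadcasts a Diffie-Hellman public value once, derives a pairwise mask with each other party, and publishes only a blinded reading; the pairwise masks cancel in the sum, so an honest-but-curious aggregator learns the total and nothing else. The group (the 1024-bit MODP group of RFC 2409), the 64-bit reading modulus, the SHA-256 mask derivation and the sample readings are all assumptions chosen for the illustration. The `recover_value` helper shows the collusion tolerance concretely: one party's reading is exposed only if every other party hands its secret to the aggregator.

```python
import hashlib
import secrets

# Constructed parameters for the illustration: the 1024-bit MODP group of
# RFC 2409 (generator 2) and a 64-bit modulus for the plaintext readings.
# Both are assumptions for this example, not parameters from the paper.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF",
    16,
)
G = 2
M = 2 ** 64  # readings and their sum are taken modulo M
P_BYTES = (P.bit_length() + 7) // 8


def keygen():
    """Each party picks a DH secret and broadcasts g^x once (self-bootstrapping)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def pairwise_mask(x_i, y_j, round_id):
    """Mask shared by parties i and j for one round, derived from g^(x_i x_j).
    Symmetric: party j computes the same value from (x_j, y_i)."""
    shared = pow(y_j, x_i, P)
    digest = hashlib.sha256(
        shared.to_bytes(P_BYTES, "big") + round_id.to_bytes(8, "big")
    ).digest()
    return int.from_bytes(digest, "big") % M


def blind(i, x_i, pubs, value, round_id):
    """Blind party i's reading: add the mask for j > i, subtract it for j < i,
    so that every pairwise mask cancels when all blinded values are summed."""
    b = value % M
    for j, y_j in enumerate(pubs):
        if j == i:
            continue
        m = pairwise_mask(x_i, y_j, round_id)
        b = (b + m) % M if i < j else (b - m) % M
    return b


def aggregate(blinded):
    """The aggregator only ever sees blinded values; their sum is the total."""
    return sum(blinded) % M


def run_round(values, round_id):
    """Run one aggregation round for the given readings (constructed input)."""
    keys = [keygen() for _ in values]
    pubs = [y for _, y in keys]
    blinded = [
        blind(i, x, pubs, v, round_id)
        for i, ((x, _), v) in enumerate(zip(keys, values))
    ]
    return {"keys": keys, "pubs": pubs, "blinded": blinded,
            "total": aggregate(blinded)}


def recover_value(i, state, colluder_secrets, round_id):
    """What a colluding aggregator learns about party i: colluders can strip
    the masks they share with i, but any mask with an honest party remains,
    so party i's reading is exposed only if every other party colludes."""
    b = state["blinded"][i]
    y_i = state["pubs"][i]
    for j, x_j in colluder_secrets.items():
        m = pairwise_mask(x_j, y_i, round_id)  # equals mask(i, j) by symmetry
        b = (b - m) % M if i < j else (b + m) % M
    return b


if __name__ == "__main__":
    readings = [17, 5, 42, 9]  # constructed sample readings
    st = run_round(readings, round_id=1)
    print("total:", st["total"])
```

In this form every party masks against all n - 1 others, which is what gives the maximal collusion tolerance and also what costs n - 1 exponentiations per party at setup. Decreasing the collusion tolerance to gain performance, as the abstract mentions, would in this illustration amount to masking against fewer parties; the mechanism the paper actually uses is not described on this page.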

## Keywords

- Multiparty computation
- Private aggregation
- Cryptographic protocols

## References

1. Asharov, G., Lindell, Y.: A full proof of the BGW protocol for perfectly-secure multiparty computation. Electron. Colloq. Comput. Complex. (ECCC) 18, 36 (2011)
2. Ben-David, A., Nisan, N., Pinkas, B.: FairplayMP: a system for secure multi-party computation. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 257–266. ACM (2008)
3. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 1–10. ACM (1988)
4. Blake, I.F., Studholme, C.: Properties of random matrices and applications. Unpublished report (2006). http://www.cs.toronto.edu/~cvs/coding
5. Bogetoft, P., Christensen, D.L., Damgård, I., Geisler, M., Jakobsen, T.P., Krøigaard, M., Nielsen, J.D., Nielsen, J.B., Nielsen, K., Pagter, J., et al.: Multiparty computation goes live. IACR Cryptology ePrint Archive 2008, p. 68 (2008)
6. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 11–19. ACM (1988)
7. Clifton, C., Kantarcioglu, M., Vaidya, J., Lin, X., Zhu, M.Y.: Tools for privacy preserving distributed data mining. ACM SIGKDD Explor. Newsl. 4(2), 28–34 (2002)
8. Cooper, C.: On the rank of random matrices. Random Struct. Algorithms 16 (2000)
9. Damgård, I., Pastro, V., Smart, N.P., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. IACR Cryptology ePrint Archive 2011, p. 535 (2011)
10. Department of Energy and Climate Change: Smart metering equipment technical specifications: second version, July 2013. https://www.gov.uk/government/consultations/smart-metering-equipment-technical-specifications-second-version
11. Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
12. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, pp. 218–229. ACM (1987)
13. Hao, F., Zieliński, P.: A 2-round anonymous veto protocol. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds.) Security Protocols. LNCS, vol. 5087, pp. 202–211. Springer, Heidelberg (2009)
14. Hart, G.W.: Nonintrusive appliance load monitoring. Proc. IEEE 80(12), 1870–1891 (1992)
15. Kursawe, K., Danezis, G., Kohlweiss, M.: Privacy-friendly aggregation for the smart-grid. In: Fischer-Hübner, S., Hopper, N. (eds.) PETS 2011. LNCS, vol. 6794, pp. 175–191. Springer, Heidelberg (2011)
16. Laughman, C., Lee, K., Cox, R., Shaw, S., Leeb, S., Norford, L., Armstrong, P.: Power signature analysis. IEEE Power Energy Mag. 1(2), 56–63 (2003)
17. Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay: a secure two-party computation system. In: USENIX Security Symposium, pp. 287–302 (2004)
18. Molina-Markham, A., Shenoy, P., Fu, K., Cecchet, E., Irwin, D.: Private memoirs of a smart meter. In: Proceedings of the 2nd ACM Workshop on Embedded Sensing Systems for Energy-Efficiency in Buildings, pp. 61–66. ACM (2010)
19. Pereira, G.C.C.F., Simplício Jr., M.A., Naehrig, M., Barreto, P.S.L.M.: A family of implementation-friendly BN elliptic curves. J. Syst. Softw. 84(8), 1319–1326 (2011)
20. Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 239–252. Springer, Heidelberg (1990)
21. Shi, E., Chow, R., Chan, T.H.H., Song, D., Rieffel, E.: Privacy-preserving aggregation of time-series data. Technical report, UC Berkeley (2011)
22. Weiss, M., Helfenstein, A., Mattern, F., Staake, T.: Leveraging smart meter data to recognize home appliances. In: 2012 IEEE International Conference on Pervasive Computing and Communications (PerCom), pp. 190–197. IEEE (2012)
23. Yang, Z., Zhong, S., Wright, R.N.: Privacy-preserving classification of customer data without loss of accuracy. In: SIAM International Conference on Data Mining, pp. 1–11 (2005)
24. Yao, A.C.-C.: Protocols for secure computations. In: FOCS, vol. 82, pp. 160–164 (1982)
25. Yao, A.C.-C.: How to generate and exchange secrets. In: 27th Annual Symposium on Foundations of Computer Science, 1986, pp. 162–167. IEEE (1986)