
SLAP: Simpler, Improved Private Stream Aggregation from Ring Learning with Errors

  • Research Article, Journal of Cryptology

Abstract

Private Stream Aggregation (PSA) protocols perform secure aggregation of time-series data without leaking information about individual users’ inputs to the aggregator. Previous work in post-quantum PSA used the Ring Learning with Errors (RLWE) problem only indirectly, through homomorphic encryption (HE), which led to a needlessly complex and computationally intensive construction. In this work, we present SLAP, the first PSA protocol constructed directly from the RLWE problem to obtain post-quantum security. Because of this white-box approach, SLAP is simpler and more efficient than previous PSA that uses RLWE through the black box of HE. We also show how to apply state-of-the-art optimizations for lattice-based cryptography to greatly improve the practical performance of SLAP. The communication overhead of SLAP is much lower than in previous work, with ciphertext sizes reduced by up to 99.96% compared to previous RLWE-based PSA. We demonstrate a 20.76x speedup in aggregation over the previous state-of-the-art RLWE-based PSA and show that SLAP achieves a throughput of 390,691 aggregations per second for 1000 users. We also compare SLAP to other state-of-the-art post-quantum PSA schemes, show that SLAP has comparable latency and higher throughput, and compare the qualitative features of these schemes with regard to practical usability.
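The abstract describes PSA built directly on RLWE: each user's ciphertext is an RLWE-style sample under a public ring element fixed for the round, the aggregator holds a key that cancels the users' keys once all ciphertexts are summed, and only the sum of the inputs is recovered. The toy below, added here as an illustration and not the SLAP authors' code or parameters, shows that shape over Z_q[X]/(X^n+1) with rounding to strip the accumulated noise, and also shows the practical caveat that reusing a round label under the same key leaks the difference between a user's two inputs to anyone holding both ciphertexts. The multiply-by-Delta message encoding, the ternary key and noise distributions, the hash-to-ring label derivation, the trusted-dealer key setup and every parameter value are assumptions chosen for readability, not values taken from the paper.

```python
"""Toy private stream aggregation over R_q = Z_q[X]/(X^n + 1).

Added illustration; not the SLAP authors' code. The encoding, the
distributions, the label derivation and all parameters are assumptions
picked to keep the example small, not the paper's choices.
"""
import hashlib
import secrets

N_DEG = 16          # ring dimension n (toy size; real schemes use >= 1024)
Q = 2 ** 32         # ciphertext modulus q (toy; real schemes use NTT-friendly primes)
T = 2 ** 10         # plaintext modulus t; each coefficient carries one value mod t
DELTA = Q // T      # message scaling factor; q is a multiple of t, so Delta * t == q


def center(v, m):
    """Reduce v mod m into the centred range (-m/2, m/2]."""
    v %= m
    return v - m if v > m // 2 else v


def poly_add(a, b, m=Q):
    return [(x + y) % m for x, y in zip(a, b)]


def poly_mul(a, b, m=Q):
    """Negacyclic schoolbook multiplication modulo X^n + 1."""
    n = len(a)
    out = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                out[k] = (out[k] + ai * bj) % m
            else:                       # X^n = -1: wrap with a sign flip
                out[k - n] = (out[k - n] - ai * bj) % m
    return out


def small_poly():
    """Ternary polynomial with coefficients in {-1, 0, 1} (keys and noise; assumed distribution)."""
    return [secrets.randbelow(3) - 1 for _ in range(N_DEG)]


def label_poly(timestamp: bytes):
    """Public ring element a_ts for one round, derived from the round label
    with SHAKE-128 (assumed construction). Everyone recomputes it; it must
    never be reused with the same keys."""
    raw = hashlib.shake_128(b"psa-label|" + timestamp).digest(N_DEG * 8)
    return [int.from_bytes(raw[8 * i:8 * i + 8], "big") % Q for i in range(N_DEG)]


def keygen(num_users):
    """Trusted-dealer setup (assumed): user keys s_1..s_N and aggregator key
    s_0 = -(s_1 + ... + s_N), so that all keys sum to zero in R_q."""
    user_keys = [small_poly() for _ in range(num_users)]
    agg_key = [0] * N_DEG
    for s in user_keys:
        agg_key = poly_add(agg_key, [(-c) % Q for c in s])
    return user_keys, agg_key


def encrypt(s_i, timestamp, values):
    """User i: c_i = a_ts * s_i + Delta * x_i + e_i (mod q).
    `values` holds n integers mod t, packed one per coefficient."""
    assert len(values) == N_DEG
    a = label_poly(timestamp)
    e = small_poly()
    c = poly_mul(a, s_i)
    return [(c[k] + DELTA * (values[k] % T) + e[k]) % Q for k in range(N_DEG)]


def aggregate(agg_key, timestamp, ciphertexts):
    """Aggregator: sum the c_i, add a_ts * s_0 so the key terms cancel, then
    round each coefficient to the nearest multiple of Delta to drop the noise.
    Correct as long as |sum of all e_i| < Delta / 2 per coefficient."""
    acc = poly_mul(label_poly(timestamp), agg_key)
    for c in ciphertexts:
        acc = poly_add(acc, c)
    # acc == Delta * sum(x_i) + sum(e_i)  (mod q)
    return [round(center(v, Q) / DELTA) % T for v in acc]


def difference_from_reused_label(c_first, c_second):
    """Caveat: if the same user encrypts twice under the same a_ts and s_i,
    then c - c' = Delta * (x - x') + (e - e'), and anyone holding both
    ciphertexts recovers x - x' mod t without any key."""
    return [round(center(u - v, Q) / DELTA) % T for u, v in zip(c_first, c_second)]


def demo(num_users=6):
    """Run one round and return (expected_sums, recovered_sums)."""
    keys, agg_key = keygen(num_users)
    ts = b"2024-05-01T12:00:00Z"              # constructed round label
    inputs = [[(u * 200 + k * 50) % T for k in range(N_DEG)] for u in range(num_users)]
    cts = [encrypt(s, ts, x) for s, x in zip(keys, inputs)]
    expected = [sum(inputs[u][k] for u in range(num_users)) % T for k in range(N_DEG)]
    return expected, aggregate(agg_key, ts, cts)


if __name__ == "__main__":
    print(demo())
```

The aggregator never sees a user key, and a single c_i is an RLWE sample shifted by the encoded input, which is what the RLWE assumption is meant to hide; the example argues nothing about concrete security, and real parameters must come from an LWE estimator with an NTT-friendly modulus. The last function is the check a deployment should make impossible: round labels must be unique per key, because two ciphertexts under the same label collapse to a noisy difference of plaintexts.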



Data Availability

The datasets generated and analyzed in this work are available from the first author upon reasonable request.

Notes

  1. While an element \({\textbf{a}}_i\) could be zero, this happens with only negligible probability.


Funding

This work was supported by Facebook as a winner of the Role of Applied Cryptography in a Privacy-Focused Advertising Ecosystem Facebook RFP. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect those of the sponsor.


Corresponding author

Correspondence to Taeho Jung.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical Approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Communicated by Jung Hee Cheon.


About this article


Cite this article

Takeshita, J., Karl, R., Gong, T. et al. SLAP: Simpler, Improved Private Stream Aggregation from Ring Learning with Errors. J Cryptol 36, 8 (2023). https://doi.org/10.1007/s00145-023-09450-w


  • DOI: https://doi.org/10.1007/s00145-023-09450-w
