Wei Yang,Liusheng Huang,Lu Li,Mingjun Xiao,Xiaorong Lu,Yao Shen,Youwen Zhu

DOI: https://doi.org/10.1109/iwqos.2015.7404726

2015-01-01

Abstract:Performing efficient data aggregation while keeping the property of privacy preservation of user-related data is of high concern. Extensive research has been conducted to address this problem in multiple areas. As a fact, the security of a number of privacy-preserving protocols are threatened by collusion between participants. Therefore, security analysis plays a fundamental role in privacy-preserving data aggregation protocols. In this paper, we present a new kind of collusion attack strategy called Hamburger Attack. It is of logical simplicity, but has the advantage of being effective and efficient. We employ it to check the security of several existing privacy-preserving data aggregation schemes. We show that under hamburger attack, some prior privacy-preserving data aggregation protocols will disclose part, even all, of the private data that they intended to protect. On the other hand, the hamburger attack is beneficial to designing new privacy-preserving data aggregation schemes. It can assist them in avoiding this kind of collusion attack.

Youwen Zhu,Liusheng Huang,Wei Yang,Miaomiao Tian

2010-01-01

Abstract:A measurement model was defined to analysis each privacy-preserving data aggregation protocol's ability to resist potential collusion. Then, a new efficient collusion-resisting privacy-preserving data aggregation protocol was proposed. Theoretical analysis and experiment result confirmed the protocol's ability to resist potential collusion and the communication overhead of our scheme is much less than existing protocol's.

Liyuan Cao,Yingwen Chen,Kaiyu Cai,Dongsheng Wang,Yuchuan Luo,Guangtao Xue

DOI: https://doi.org/10.1007/978-3-031-19208-1_26

2022-01-01

Abstract:In smart grid, smart meters record real-time customers' electricity consumption and transmit it to the control center. Leakage of customers' real-time power usage data will impose severe risk on consumers' privacy. To Protect users' privacy, researchers observe that what the control center really needs for providing services is not raw data but aggregate values of customers' real-time usage data. On this basis, many privacy-preserving data aggregation schemes are proposed for smart grid. However, these schemes pay little attention to the problem of collusion. In these schemes, edge nodes store the ciphertexts of customers' raw usage data, and the control center has the decryption key. If edge nodes collude with the control center, customers' usage data will still be leaked. To tackle this problem, a collusion-tolerant and privacy-preserving data aggregation scheme for smart grid is proposed in this paper. By leveraging homomorphic encryption and threshold scheme, the proposed scheme supports typical aggregate operations in smart grid, while keeping the privacy of customers and defending the collusions from edge nodes and the control center in practice. Security analysis and performance evaluation demonstrates that the proposed scheme protects the privacy of customers' usage data effectively even under collusions in practice.

Mengdi Huai,Liusheng Huang,Yu-e Sun,Wei Yang

DOI: https://doi.org/10.1109/bdcloud.2015.54

2015-01-01

Abstract:Mobile crowdsensing applications can learn the aggregate statistics over personal data to produce useful knowledge about the world. Since personal data may be privacy-sensitive, the aggregator should only gain desired statistics without learning anything about the personal data. Differential privacy, the state-of-the-art privacy mechanism, can provide strong protection to ensure parties' privacy in such scenarios. Correspondingly, based on the differential privacy, many collusion-tolerant aggregation schemes have been proposed. However, those collusion-tolerant schemes usually incur high accumulated error and also require the priori knowledge of the fraction of those colluded parties. In this paper, we propose a differential-private collusion-tolerant aggregation protocol, while incurring no additionally error except the noise required for providing the differential privacy guarantee. Another salient characteristic of the proposed protocol is that it need not to have an priori estimation of those colluded parties. In addition, we also design an efficient aggregation encryption scheme to support those mobile crowdsensing applications where large plaintext is required. We also make some extensions to make the proposed protocol more applicable in realities, such as the fault tolerant. The analysis shows that the proposed protocol can achieve desired goals, and the performance evaluation demonstrates the protocol's efficiency in reality.

Chang Xu,Lvhan Zhang,Liehuang Zhu,Chuan Zhang,Xiaojiang Du,Mohsen Guizani,Kashif Sharif

DOI: https://doi.org/10.1016/j.future.2020.04.021

IF: 7.307

2020-01-01

Future Generation Computer Systems

Abstract:Information-Centric Networking (ICN) is a novel future network architecture which in contrast to IP-based networks relies on content and its name. It separates the physical location of data from the discovery and forwarding process and solely relies on the content itself. For the Internet of Thing (IoT) networks, stripping the location information may provide privacy, but this does not translate to operational privacy. Attackers can infer user behavior patterns through operational privacy, by eavesdropping on meaningful information. The content name and designed signature in ICN can associate content with the identity of the provider, even if the IP address is hidden. Although several research efforts focus on the privacy protection of ICN, they do not consider the privacy implications of data aggregation. Most existing privacy-preserving data aggregation protocols are designed for special operations, such as sum, average, variance, max or min, and they cannot support arbitrary aggregation operations in the ciphertexts domain. Besides, the need for trusted authority (TA) restricts the use of existing protocols in the real world. In this paper, we propose a practical and privacy-preserving data aggregation scheme that can compute arbitrary aggregation functions without a TA. On one hand, our scheme can ensure users’ anonymity and privacy protection, while on the other, the scheme is efficient in enabling participants to join or leave the system dynamically. Security analysis shows that the proposed scheme can achieve the desired security properties, while experimental results demonstrate its effectiveness and efficiency.

Taeho Jung,Xiang-Yang Li,Meng Wan

DOI: https://doi.org/10.1109/TDSC.2014.2309134

2015-01-01

Abstract:Much research has been conducted to securely outsource multiple parties' data aggregation to an untrusted aggregator without disclosing each individual's privately owned data, or to enable multiple parties to jointly aggregate their data while preserving privacy. However, those works either require secure pair-wise communication channels or suffer from high complexity. In this paper, we consider how an external aggregator or multiple parties can learn some algebraic statistics (e.g., sum, product) over participants' privately owned data while preserving the data privacy. We assume all channels are subject to eavesdropping attacks, and all the communications throughout the aggregation are open to others. We first propose several protocols that successfully guarantee data privacy under semi-honest model, and then present advanced protocols which tolerate up to k passive adversaries who do not try to tamper the computation. Under this weak assumption, we limit both the communication and computation complexity of each participant to a small constant. At the end, we present applications which solve several interesting problems via our protocols.

Yiwei Zhang,Rouzbeh Behnia,Attila A. Yavuz,Reza Ebrahimi,Elisa Bertino

2024-10-18

Abstract:Federated learning enables the collaborative learning of a global model on diverse data, preserving data locality and eliminating the need to transfer user data to a central server. However, data privacy remains vulnerable, as attacks can target user training data by exploiting the updates sent by users during each learning iteration. Secure aggregation protocols are designed to mask/encrypt user updates and enable a central server to aggregate the masked information. MicroSecAgg (PoPETS 2024) proposes a single server secure aggregation protocol that aims to mitigate the high communication complexity of the existing approaches by enabling a one-time setup of the secret to be re-used in multiple training iterations. In this paper, we identify a security flaw in the MicroSecAgg that undermines its privacy guarantees. We detail the security flaw and our attack, demonstrating how an adversary can exploit predictable masking values to compromise user privacy. Our findings highlight the critical need for enhanced security measures in secure aggregation protocols, particularly the implementation of dynamic and unpredictable masking strategies. We propose potential countermeasures to mitigate these vulnerabilities and ensure robust privacy protection in the secure aggregation frameworks.

Cryptography and Security,Machine Learning

Hui Dou,Yuling Chen,Yixian Yang,Yangyang Long

DOI: https://doi.org/10.1007/s12652-020-02801-6

IF: 3.662

2021-02-10

Journal of Ambient Intelligence and Humanized Computing

Abstract:Abstract As a significant part of the Internet of things, wireless sensor networks (WSNs) is frequently implemented in our daily life. Data aggregation in WSNs can realize limited transmission and save energy. In the process of data aggregation, node data information is vulnerable to be eavesdropped and attacked. Therefore, it is of great significance to the research of data aggregation privacy protection in WSNs. We propose a secure and efficient privacy-preserving data aggregation algorithm (SECPDA) based on the original clustering privacy data aggregation algorithm. In this algorithm, we utilize SEP protocol to dynamically select cluster head nodes, introduce slicing idea for the private data slicing, and generate false information for interference. A comprehensive experimental evaluation is conducted to assess the data traffic and privacy protection performance. The results demonstrate that the proposed SECPDA algorithm can effectively reduce data traffic and further improve data privacy of nodes.

computer science, information systems,telecommunications, artificial intelligence

Jianping He,Lin Cai,Peng Cheng,Min Xing,Jianping Pan,Ling Shi

2016-01-01

Abstract:Privacy-preserving data aggregation in ad hoc networks is a challenging problem, considering the distributed communication and control requirement, dynamic network topology, unreliable communication links, etc. The difficulty is exaggerated when there exist dishonest nodes, and how to ensure privacy, accuracy, and robustness against dishonest nodes remains an open issue. Different from the widely used cryptographic approaches, in this paper, we address this challenging problem by exploiting the distributed consensus technique. We first propose a secure consensus-based data aggregation (SCDA) algorithm that guarantees an accurate sum aggregation while preserving the privacy of sensitive data. Then, to mitigate the pollution from dishonest nodes, we propose an Enhanced SCDA (E-SCDA) algorithm that allows neighbors to detect dishonest nodes, and derive the error bound when there are undetectable dishonest nodes. {We prove the convergence of both SCDA and E-SCDA. We also prove that the proposed algorithms are $(epsilon, sigma)$-data-privacy, and obtain the mathematical relationship between $epsilon$ and $sigma$.} Extensive simulations have shown that the proposed algorithms have high accuracy and low complexity, and they are robust against network dynamics and dishonest nodes.

Hongyang Yan,Li Hu,Xiaoyu Xiang,Zheli Liu,Xu Yuan

DOI: https://doi.org/10.1016/j.ins.2020.09.064

IF: 8.1

2021-02-01

Information Sciences

Abstract:<p>Collaborative learning and related techniques such as federated learning, allow multiple clients to train a model jointly while keeping their datasets at local. <em>Secure Aggregation</em> in most existing works focus on protecting model gradients from the server. However, an dishonest user could still easily get the privacy information from the other users. It remains a challenge to propose an effective solution to prevent information leakage against dishonest users.</p><p>To tackle this challenge, we propose a novel and effective privacy-preserving collaborative machine learning scheme, targeting at preventing information leakage agains adversaries. Specifically, we first propose a privacy-preserving network transformation method by utilizing Random-Permutation in Software Guard Extensions(SGX), which protects the model parameters from being inferred by a curious server and dishonest clients. Then, we apply Partial-Random Uploading mechanism to mitigate the information inference through visualizations. To further enhance the efficiency, we introduce network pruning operation and employ it to accelerate the convergence of training. We present the formal security analysis to demonstrate that our proposed scheme can preserve privacy while ensuring the convergence and accuracy of secure aggregation. We conduct experiments to show the performance of our solution in terms of accuracy and efficiency. The experimental results show that the proposed scheme is practical.</p>

computer science, information systems

Aldar C-F. Chan,Claude Castelluccia

DOI: https://doi.org/10.1145/1921621.1921623

2011-02-01

ACM Transactions on Sensor Networks

Abstract:A formal treatment to the security of Concealed Data Aggregation (CDA) and the more general Private Data Aggregation (PDA) is given. While there exist a handful of constructions, rigorous security models and analyses for CDA or PDA are still lacking. Standard security notions for public key encryption, including semantic security and indistinguishability against chosen ciphertext attacks, are refined to cover the multisender nature and aggregation functionality of CDA and PDA in the security model. The proposed security model is sufficiently general to cover most application scenarios and constructions of privacy-preserving data aggregation. An impossibility result on achieving security against adaptive chosen ciphertext attacks in CDA/PDA is shown. A generic CDA construction based on public key homomorphic encryption is given, along with a proof of its security in the proposed model. The security of a number of existing schemes is analyzed in the proposed model.

computer science, information systems,telecommunications

Ze Yang,Youliang Tian

DOI: https://doi.org/10.1016/j.jksuci.2024.102073

IF: 9.006

2024-06-01

Journal of King Saud University - Computer and Information Sciences

Abstract:Highlights • We propose a lightweight computational scheme for private data aggregation. By adopting the CRT and encoding theory, private data is encoded into polynomial coefficients for computation and the random data are introduced to ensure that private data is not leaked to non-collusive servers. • We propose a non-interactive verifiable security aggregation protocol that satisfies the requirements of clients dropping out and partial server corruption. Furthermore, by introducing redundant shares and utilizing results returned by delayed servers, the proposed scheme achieves verifiable computation. • We provide a thorough analysis of the robustness, verification and security of our proposed. The experimental results show that the proposed scheme is effective in both computation and verification. Data aggregation involves the integration of relevant data generated across platforms and devices, leveraging the potential value of sensory data. However, in addition to security and efficiency, which are the basic requirements for data aggregation involving private data, how to achieve fault tolerance and interference of aggregation in real computing networks is imminent and is the main contribution of this paper. In this paper, we propose a secure aggregation framework involving multiple servers based on coding theory, which is not only robust to clients dropping out and tolerant to partial server withdrawal but also resistant to malicious computation by servers and forgery attacks by adversaries. In particular, the proposed protocol employs the Chinese Residual Theorem (CRT) to encode private data and constructs Lagrange interpolation polynomials to perform aggregation, which achieves lightweight privacy preservation while achieving robust, verifiable and secure aggregation goals.

computer science, information systems

Ehsan Meamari,Hao Guo,Chien-Chung Shen,Junbeom Hur

DOI: https://doi.org/10.48550/arXiv.2002.07811

2020-02-18

Abstract:Attribute-based Encryption (ABE) is an information centric security solution that moves beyond traditional restrictions of point-to-point encryption by allowing for flexible, fine-grain policy-based and content-based access control that is cryptographically enforced. As the original ABE systems are managed by a single authority, several efforts have decentralized different ABE schemes to address the key escrow problem, where the authority can issue secret keys to itself to decrypt all the ciphertext. However, decentralized ABE (DABE) schemes raise the issue of collusion attacks. In this paper, we review two existing types of collusion attacks on DABE systems, and introduce a new type of collusion among authorities and data users. We show that six existing DABE systems are vulnerable to the newly introduced collusion and propose a model to secure one of the DABE schemes.

Cryptography and Security

Zuyan Wang,Jun Tao,Dika Zou

2024-05-31

Abstract:The growing popular awareness of personal privacy raises the following quandary: what is the new paradigm for collecting and protecting the data produced by ever-increasing sensor devices. Most previous studies on co-design of data aggregation and privacy preservation assume that a trusted fusion center adheres to privacy regimes. Very recent work has taken steps towards relaxing the assumption by allowing data contributors to locally perturb their own data. Although these solutions withhold some data content to mitigate privacy risks, they have been shown to offer insufficient protection against disclosure attacks. Aiming at providing a more rigorous data safeguard for the Internet of Things (IoTs), this paper initiates the study of privacy-preserving data aggregation. We propose a novel paradigm (called RASE), which can be generalized into a 3-step sequential procedure, noise addition, followed by random permutation, and then parameter estimation. Specially, we design a differentially private randomizer, which carefully guides data contributors to obfuscate the truth. Then, a shuffler is employed to receive the noisy data from all data contributors. After that, it breaks the correct linkage between senders and receivers by applying a random permutation. The estimation phase involves using inaccurate data to calculate an approximate aggregate value. Extensive simulations are provided to explore the privacy-utility landscape of our RASE.

Cryptography and Security

Siqing Zhang,Yong Liao,Pengyuan Zhou

DOI: https://doi.org/10.48550/arXiv.2312.04937

2023-12-11

Abstract:Leveraging federated learning (FL) to enable cross-domain privacy-sensitive data mining represents a vital breakthrough to accomplish privacy-preserving learning. However, attackers can infer the original user data by analyzing the uploaded intermediate parameters during the aggregation process. Therefore, secure aggregation has become a critical issue in the field of FL. Many secure aggregation protocols face the problem of high computation costs, which severely limits their applicability. To this end, we propose AHSecAgg, a lightweight secure aggregation protocol using additive homomorphic masks. AHSecAgg significantly reduces computation overhead without compromising the dropout handling capability or model accuracy. We prove the security of AHSecAgg in semi-honest and active adversary settings. In addition, in cross-silo scenarios where the group of participants is relatively fixed during each round, we propose TSKG, a lightweight Threshold Signature based masking key generation method. TSKG can generate different temporary secrets and shares for different aggregation rounds using the initial key and thus effectively eliminates the cost of secret sharing and key agreement. We prove TSKG does not sacrifice security. Extensive experiments show that AHSecAgg significantly outperforms state-of-the-art mask-based secure aggregation protocols in terms of computational efficiency, and TSKG effectively reduces the computation and communication costs for existing secure aggregation protocols.

Cryptography and Security

Yue-Hsun Lin,Shih-Ying Chang,Hung-Min Sun

DOI: https://doi.org/10.1109/tkde.2012.94

IF: 9.235

2013-01-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:For wireless sensor networks, data aggregation scheme that reduces a large amount of transmission is the most practical technique. In previous studies, homomorphic encryptions have been applied to conceal communication during aggregation such that enciphered data can be aggregated algebraically without decryption. Since aggregators collect data without decryption, adversaries are not able to forge aggregated results by compromising them. However, these schemes are not satisfy multi-application environments. Second, these schemes become insecure in case some sensor nodes are compromised. Third, these schemes do not provide secure counting; thus, they may suffer unauthorized aggregation attacks. Therefore, we propose a new concealed data aggregation scheme extended from Boneh et al.'s homomorphic public encryption system. The proposed scheme has three contributions. First, it is designed for a multi-application environment. The base station extracts application-specific data from aggregated ciphertexts. Next, it mitigates the impact of compromising attacks in single application environments. Finally, it degrades the damage from unauthorized aggregations. To prove the proposed scheme's robustness and efficiency, we also conducted the comprehensive analyses and comparisons in the end.

Yuan Su,Yanping Li,Jiliang Li,Kai Zhang

DOI: https://doi.org/10.1109/jiot.2021.3074503

IF: 10.6

2021-10-15

IEEE Internet of Things Journal

Abstract:Secure data aggregation for smart grid aims to protect the privacy of individual data and guarantee the utility of big data. To protect user's privacy in data aggregation, public-key-based homomorphic encryption and masking-value-based methods are adopted in existing works. However, public-key-based homomorphic encryption causes unaffordable computation costs for smart meters (SMs), while the masking-value-based works suffer from inefficient communication. Therefore, we propose a lightweight and communication efficient data aggregation (LCEDA) scheme for smart grid. First, LCEDA allows SMs to freely form the aggregation zone at lower communication and computation costs. Second, in order to ensure forward security of individual data, LCEDA achieves efficient update of masking value share, which greatly saves the complexity and computation costs compared with the existing schemes. Third, LCEDA supports dynamic enrollment and revocation of SMs to solve the malfunction and migration of SMs and improve the scalability of the LCEDA scheme. Finally, the security of LCEDA is analyzed, and extensive performance evaluations and experiments demonstrate that LCEDA is more efficient and practical.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hung-Min Sun,Yue-Hsun Lin,Ying-Chu Hsiao,Chien-Ming Chen

DOI: https://doi.org/10.1109/icess.2008.9

2008-01-01

Abstract:Data aggregation is one of the most important techniques in wireless sensor networks to save energy through reducing lots of transmission. However, plaintext aggregation is insecure since eavesdropping or modifying messages is possible. Due to this, concealed data aggregation schemes based. on homomorphic encryption have been proposed. Ciphertexts can be operated algebraic computations without decryption in those schemes. Unfortunately, they only provide data confidentiality. While compromising secret in captured sensor nodes, an adversary can still create forged ciphertexts. In this paper, we combines Boneh et al.'s aggregate signature scheme and Mykletun et al.'s concealed data aggregation scheme to overcome the above problems. The proposed scheme aggregates not only ciphertexts but also signatures. Through verifying aggregated signature, data integrity of each plaintext can be guaranteed. Furthermore, the communication overhead for each cluster head is still constant. Each cluster head sends an aggregated signature and an aggregated ciphertext to the base station. For resource constrained environment, the proposed scheme is secure and efficient practically.

Liangliang Wang,Kefei Chen,Yu Long,Huige Wang

DOI: https://doi.org/10.1002/sec.1421

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:An aggregate signature refers to a signature, by which n signatures sigma(1),...,sigma(n) corresponding to n messages m(1),...,m(n) and n users u(1),...,u(n) can be transformed into a single short signature (sigma) over bar. Besides, anyone can be convinced by the single short signature that the n messages m(1),...,m(n) were definitely signed by the n users u(1),...,u(n) correspondingly. The concept of certificateless cryptography is proposed, so as to settle the key escrow problem in ID-based cryptography and eliminate the demand for certificates in certified cryptography. A certificateless signature scheme was proposed by Chen et al. in 2014, which was extended into a certificateless aggregate signature scheme. In this paper, two attacks are firstly provided, so as to indicate that the certificateless signature scheme is insecure against a Type I adversary and a Type II adversary. And then, it is demonstrated that the certificateless aggregate signature scheme is not able to achieve the security levels they claimed due to the weaknesses of the certificateless signature scheme. Copyright (c) 2016 John Wiley & Sons, Ltd.

Chien-Ming Chen,Yue-Hsun Lin,Ya-Ching Lin,Hung-Min Sun

DOI: https://doi.org/10.1109/tpds.2011.219

IF: 5.3

2012-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Recently, several data aggregation schemes based on privacy homomorphism encryption have been proposed and investigated on wireless sensor networks. These data aggregation schemes provide better security compared with traditional aggregation since cluster heads (aggregator) can directly aggregate the ciphertexts without decryption; consequently, transmission overhead is reduced. However, the base station only retrieves the aggregated result, not individual data, which causes two problems. First, the usage of aggregation functions is constrained. For example, the base station cannot retrieve the maximum value of all sensing data if the aggregated result is the summation of sensing data. Second, the base station cannot confirm data integrity and authenticity via attaching message digests or signatures to each sensing sample. In this paper, we attempt to overcome the above two drawbacks. In our design, the base station can recover all sensing data even these data has been aggregated. This property is called “recoverable.” Experiment results demonstrate that the transmission overhead is still reduced even if our approach is recoverable on sensing data. Furthermore, the design has been generalized and adopted on both homogeneous and heterogeneous wireless sensor networks.