On practical privacy-preserving fault-tolerant data aggregation

摘要

In this paper, we propose a fault-tolerant privacy-preserving data aggregation protocol which utilizes limited local communication between nodes. As a starting point, we analyze the Binary Protocol presented by Chan et al. Comparing to previous work, their scheme guaranteed provable privacy of individuals and could work even if some number of users refused to participate. In our paper we demonstrate that despite its merits, their method provides unacceptably low accuracy of aggregated data for a wide range of assumed parameters and cannot be used in majority of real-life systems. To show this we use both analytic and experimental methods. On the positive side, we present a precise data aggregation protocol that provides provable level of privacy even when facing massive failures of nodes. Moreover, our protocol requires significantly less computation (limited exploiting of heavy cryptography) than most of currently known fault-tolerant aggregation protocols and offers better security guarantees that make it suitable for systems of limited resources (including sensor networks). Most importantly, our protocol significantly decreases the error (compared to Binary Protocol). However, to obtain our result we relax the model and allow some limited communication between the nodes. Our approach is a general way to enhance privacy of nodes in networks that allow such limited communication, i.e., social networks, VANETs or other IoT appliances. Additionally, we conduct experiments on real data (Facebook social network) to compare our protocol with protocol presented by Chan et al.