Abstract
Benchmarking is an important process for companies to stay competitive in today’s markets. The basis for benchmarking are statistics of performancemeasures of a group of companies. The companies need to collaborate in order to compute these statistics.
Protocols for privately computingstatistics have been proposed in the literature. This paper designs, implements and evaluates a privacy-preserving benchmarking platform which is a central entity that offers a database of benchmark statistics to its customers. This is the first attempt at building a practical privacy-preserving benchmarking system and the first attempt at addressing all necessary trade-offs.
The paper starts by designing a protocol that efficiently computes the statistics with constant cost per participant. The protocol uses central communication where customers only communicate with the central platform which facilitates a simple practical orchestration of the protocol. The protocols scale to realistic problem sizes due to the constant communication (and computation) cost per participant of the protocol.
Chapter PDF
Similar content being viewed by others
Keywords
- Service Provider
- Message Authentication Code
- Homomorphic Encryption
- Oblivious Transfer
- Cryptographic Hash Function
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
G. Aggarwal, N. Mishra, and B. Pinkas. Secure computation of the kth-ranked element. Proceedings of EUROCRYPT, 2004.
M. Atallah, M. Bykova, J. Li, K. Frikken, and M. Topkara. Private collaborative forecasting and benchmarking. Proceedings of the ACM workshop on Privacy in the electronic society, 2004.
J. Benaloh. Verifiable Secret-Ballot Elections. PhD thesis, Yale University, 1987.
M. Ben-Or, and A. Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. Proceedings of the 20th ACM symposium on theory of computing, 1988.
P. Bogetoft, I. Damgard, T. Jakobsen, K. Nielsen, J. Pagter, and T. Toft. A Practical Implementation of Secure Auctions Based on Multiparty Integer Computation. Proceedings of Financial Cryptography, 2006.
I. Damgard, R. Cramer, and J. Nielsen. Multiparty Computation from Threshold Homomorphic Encryption. Proceedings of EUROCRYPT, 2001.
I. Damgard, and Y. Ishai Constant-Round Multiparty Computation Using a Black-Box Pseudorandom Generator. Proceedings of CRYPTO, 2005.
I. Damgard, and M. Jurik. A Generalisation, a Simplification and some Applications of Pailliers Probabilistic Public-Key System. Proceedings of International Conference on Theory and Practice of Public-Key Cryptography, 2001.
G. Di Crescenzo. Private Selective Payment Protocols. Proceedings of Financial Cryptography, 2000.
G. Di Crescenzo. Privacy for the Stock Market. Proceedings of Financial Cryptography, 2001.
W. Du, and M. Atallah. Privacy-preserving Cooperative Statistical Analysis. Proceedings of the 17th Annual Computer Security Applications Conference, 2001.
S. Even, O. Goldreich, and A. Lempel. A randomized protocol for signing contracts. Communications of the ACM 28(6), 1985.
J. Feigenbaum, B. Pinkas, R. Ryger, and F. Saint-Jean. Secure Computation of Surveys. Proceedings of the EU Workshop on Secure Multiparty Protocols, 2004.
O. Goldreich. Secure Multi-party Computation. Available at www.wisdom.weizmann.ac.il/˜oded/pp.html, 2002.
O. Goldreich. The Foundations of Cryptography Vol. 2. Cambridge University Press, 2004.
O. Goldreich, S. Micali, and A.Wigderson. How to play any mental game. Proceedings of the 19th ACM conference on theory of computing, 1987.
S. Goldwasser. Multi party computations: past and present. Proceedings of the 16th ACM symposium on principles of distributed computing, 1997.
A. Juels, and M. Szydlo. A two-server, sealed-bid auction protocol. Proceedings of the 6th Conference on Financial Cryptography, 2002.
E. Karnin, J. Green and M. Hellman. On Secret Sharing Systems. IEEE Tranactions on Information Theory 29(1), 1983.
F. Kerschbaum, and O. Terzidis. Filtering for Private Collaborative Benchmarking. Proceedings of the International Conference on Emerging Trends in Information and Communication Security, 2006.
E. Kiltz, G. Leander, and J. Malone-Lee. Secure Computation of the Mean and Related Statistics. Proceedings of Theory of Cryptography Conference, 2005.
H. Lipmaa, N. Asokan, and V. Niemi. Secure Vickrey auctions without threshold trust. Proceedings of the 6th Conference on Financial Cryptography, 2002.
D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella. Fairplay - A Secure Two-party Computation System. Proceedings of the USENIX security symposium, 2004.
D. Naccache, and J. Stern. A New Public-Key Cryptosystem Based on Higher Residues. Proceedings of the ACM Conference on Computer and Communications Security, 1998.
M. Naor, and B. Pinkas. Efficient Oblivious Transfer Protocols. Proceedings of the symposium on data structures and algorithms, 2001.
M. Naor, B. Pinkas and R. Sumner. Privacy Preserving Auctions and Mechanism Design. Proceedings of the 1st ACM Conference on Electronic Commerce, 1999.
T. Okamoto, and S. Uchiyama. A new public-key cryptosystem as secure as factoring. Proceedings of EUROCRYPT, 1998.
P. Paillier. Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. Proceedings of EUROCRYPT, 1999.
B. Preneel. Cryptographic hash functions. European Transactions on Telecommunications 5(4), 1994.
M. Rabin. How to exchange secrets by oblivious transfer. Technical Memo TR–81, Aiken Computation Laboratory, 1981.
R. Rivest, A. Shamir, and L. Adleman. AMethod for Obtaining Digital Signatures and Public- Key Cryptosystems. Communications of the ACM 21(2), 1978.
L. Rizzo. Dummynet: a simple approach to the evaluation of network protocols. ACM Computer Communication Review 27(1), 1997.
H. Subramaniam, R. Wright, and Z. Yang. Experimental Analysis of Privacy-Preserving Statistics Computation. Proceedings of the Workshop on Secure Data Management, 2004.
A. Yao. Protocols for Secure Computations. Proceedings of the IEEE Symposium on foundations of computer science 23, 1982. Enhancing Privacy in Remote Data Classification
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kerschbaum, F. (2008). Practical Privacy-Preserving Benchmarking. In: Jajodia, S., Samarati, P., Cimato, S. (eds) Proceedings of The Ifip Tc 11 23rd International Information Security Conference. SEC 2008. IFIP – The International Federation for Information Processing, vol 278. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-09699-5_2
Download citation
DOI: https://doi.org/10.1007/978-0-387-09699-5_2
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-09698-8
Online ISBN: 978-0-387-09699-5
eBook Packages: Computer ScienceComputer Science (R0)