, Volume 101, Issue 9, pp 1265–1286 | Cite as

EPiC: efficient privacy-preserving counting for MapReduce

  • Triet Dang Vo-HuuEmail author
  • Erik-Oliver Blass
  • Guevara Noubir


In the face of an untrusted cloud infrastructure, outsourced data needs to be protected. We present EPiC, a practical protocol for the privacy-preserving evaluation of a fundamental operation on data sets: frequency counting. In an encrypted outsourced data set, a cloud user can specify a pattern, and the cloud will count the number of occurrences of this pattern in an oblivious manner. A pattern is expressed as a Boolean formula on the fields of data records and can specify values counting, value comparison, range counting, and conjunctions/disjunctions of field values. We show how a general pattern, defined by a Boolean formula, is arithmetized into a multivariate polynomial and used in EPiC. To increase the performance of the system, we introduce a new privacy-preserving encoding with “somewhat homomorphic” properties. The encoding is highly efficient in our particular counting scenario. Besides a formal analysis where we prove EPiC ’s privacy, we also present implementation and evaluation results. We specifically target Google’s prominent MapReduce paradigm as offered by major cloud providers. Our evaluation performed both locally and in Amazon’s public cloud with up to 1 TByte data sets shows only a modest overhead of \(20\%\) compared to non-private counting, attesting to EPiC ’s efficiency.


Privacy-preserving MapReduce Somewhat homomorphic encryption 

Mathematics Subject Classification




This work was partially supported by NSF Grant 1218197.


  1. 1.
    Amazon Elastic MapReduce.
  2. 2.
    Apache Hadoop (2010)
  3. 3.
    Babai L, Fortnow L (1991) Arithmetization: a new method in structural complexity theory. In: Computational complexity, pp 41–66, ISSN: 1016-3328Google Scholar
  4. 4.
    Boneh D, DiCrescenzo G, Ostrovsky R, Persiano G (2004) Public key encryption with keyword search. In: Proceedings of Eurocrypt, pp 506–522. Barcelona, SpainGoogle Scholar
  5. 5.
    Brakerski Z, Vaikuntanathan V (2011) Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Rogaway P (eds) Advances in cryptology—CRYPTO 2011, pp 505–524. Springer, Berlin. ISBN: 978-3-642-22792-9Google Scholar
  6. 6.
    Dean J, Ghemawat S (2004) MapReduce: simplified data processing on large clusters. In: Proceedings of symposium on operating system design and implementation, pp 137–150. San Francisco, USAGoogle Scholar
  7. 7.
    Dwork C (2006) Differential privacy. In: Proceedings of colloquium automata, languages and programming, pp 1–12, Venice, Italy, 2006. ISBN: 3-540-35907-9Google Scholar
  8. 8.
    Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: Proceedings of the forty-first annual ACM symposium on theory of computing, STOC ’09, pp 169–178. New York, NY, 2009. ACM. ISBN: 978-1-60558-506-2Google Scholar
  9. 9.
    Gentry C, Halevi S (2011) Implementing Gentry’s fully-homomorphic encryption scheme. In: Advances in cryptology—EUROCRYPT 2011, pp 129–148. Tallinn, Estonia, 2011. Springer, Berlin. ISBN: 78-3-642-20464-7Google Scholar
  10. 10.
  11. 11.
    Hadoop. Powered by Hadoop, list of applications using Hadoop MapReduce (2011).
  12. 12.
    Hoffstein J, Pipher J, Silverman JH (1998) NTRU: a ring-based public key cryptosystem. In: Algorithmic number theory, third international symposium, ANTS-III, Portland, Oregon, USA, June 21–25, 1998, proceedings, pp. 267–288Google Scholar
  13. 13.
    Kamara S, Raykova M (2013) Parallel homomorphic encryption. In: Adams AA, Brenner M, Smith M (eds) Financial cryptography and data security, pp 213–225. Springer, Berlin. ISBN: 978-3-642-41320-9Google Scholar
  14. 14.
    Katz J, Lindell Y (2007) Introduction to modern cryptography (Chapman & Hall/CRC Cryptography and network security series). Chapman & Hall/CRCGoogle Scholar
  15. 15.
    Lauter K, Naehrig N, Vaikuntanathan V (2011) Can homomorphic encryption be practical? In: Proceedings of ACM workshop on cloud computing security. ChicagoGoogle Scholar
  16. 16.
    Lepoint T, Tibouchi M (2015) Cryptanalysis of a (somewhat) additively homomorphic encryption scheme used in PIR. In: Financial cryptography and data security—FC 2015 international workshops, BITCOIN, WAHC, and Wearable, San Juan, Puerto Rico, January 30, 2015, Revised Selected Papers, pp 184–193Google Scholar
  17. 17.
    Rocha F, Correia M (2011) Lucy in the sky without diamonds: stealing confidential data in the cloud. In: Proceedings of international workshop on dependability of clouds, data centers and virtual computing y environments, pp 129–134, Hong Kong, ChinaGoogle Scholar
  18. 18.
    Shamir A (1992) IP = PSPACE. J ACM 39(4):869–877. ISSN: 0004-5411Google Scholar
  19. 19.
    Song D, Wagner D, Perrig A (2000) Practical techniques for searches on encrypted data. In: Proceedings of symposium on security and privacy, pp 44–55, Berkeley, USAGoogle Scholar
  20. 20.
    Techcrunch. Google confirms that it fired engineer for breaking internal privacy policies (2010).
  21. 21.
    The Telegraph (2011) Patient records go online in data cloud.
  22. 22.
    Trostle J, Parrish A (2010) Efficient computationally private information retrieval from anonymity or trapdoor groups. In: Proceedings of conference on information security, pp 114–128, Boca Raton, USA, 2010. ISBN: 978-3-642-18177-1Google Scholar
  23. 23.
    Vaikuntanathan V (2011) Computing blindfolded: new developments in fully homomorphic encryption. In: Proceedings of the 2011 IEEE 52nd annual symposium on foundations of computer science, FOCS’11, pp 5–16, Washington, DC, USA 2011. ISBN: 978-0-7695-4571-4Google Scholar
  24. 24.
    van Dijk M, Gentry C, Halevi S, Vaikuntanathan V (2010) Fully homomorphic encryption over the integers. In: Proceedings of international conference on theory and applications of cryptographic techniques, EUROCRYPT’10, pp 24–43, Monaco, 2010. Springer, Berlin. ISBN: 3-642-13189-1Google Scholar
  25. 25.
    Vo-Huu TD, Blass E-O, Noubir G EPiC Source Code.
  26. 26.
    Whittaker Z (2011) Microsoft admits Patriot Act can access EU-based cloud data. Zdnet

Copyright information

© Springer-Verlag GmbH Austria, part of Springer Nature 2018

Authors and Affiliations

  • Triet Dang Vo-Huu
    • 1
    Email author
  • Erik-Oliver Blass
    • 2
  • Guevara Noubir
    • 1
  1. 1.Northeastern UniversityBostonUSA
  2. 2.Airbus Group InnovationsMunichGermany

Personalised recommendations