Secure and Efficient Multi-Party Directory Publication for Privacy-Preserving Data Sharing

  • Katchaguy AreekijsereeEmail author
  • Yuzhe Tang
  • Ju Chen
  • Shuang Wang
  • Arun Iyengar
  • Balaji Palanisamy
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 254)


In the era of big-data, personal data is produced, collected and consumed at different sites. A public directory connects data producers and consumers over the Internet and should be constructed securely given the privacy-sensitive nature of personal data.

This work tackles the research problem of distributed, privacy-preserving directory publication, with strong security and practical efficiency. For proven security, we follow the protocols of secure multi-party computations (MPC). For efficiency, we propose a pre-computation framework that minimizes the private computation and conducts aggressive pre-computation on public data. Several pre-computation policies are proposed with varying degrees of aggressiveness. For systems-level efficiency, the pre-computation is implemented with data parallelism on general-purpose graphics processing units (GPGPU).We apply the proposed scheme to real health-care scenarios for constructing patient-locator services in emerging Health Information Exchange (or HIE) networks.

We conduct extensive performance studies on real datasets and with an implementation based on open-source MPC software. With experiments on local and geo-distributed settings, our performance results show that the proposed pre-computation achieves a speedup of more than an order of magnitude without security loss.



The authors would thank anonymous reviewers for their constructive suggestions. The first three authors were supported by the Cyber Research Institute in Rome, NY, under Grant Number #28254. Shuang Wang was supported by NIH R00HG008175.


  1. 1.
  2. 2.
  3. 3.
    Directive 95/46/EC of the European parliament and of the councilGoogle Scholar
  4. 4.
  5. 5.
  6. 6.
  7. 7.
  8. 8.
  9. 9.
  10. 10.
  11. 11.
  12. 12.
    Percy++/PIR in C++.
  13. 13.
  14. 14.
  15. 15.
    2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA, USA, 17–21 May 2015. IEEE Computer Society (2015)Google Scholar
  16. 16.
    Asharov, G., Lindell, Y., Schneider, T., Zohner, M.: More efficient oblivious transfer and extensions for faster secure computation. In: 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, 4–8 November 2013, Berlin, Germany, pp. 535–548 (2013)Google Scholar
  17. 17.
    Bater, J., Elliott, G., Eggen, C., Goel, S., Kho, A.N., Duggan, J.: SMCQL: secure query processing for private data networks. CoRR, abs/1606.06808 (2016)Google Scholar
  18. 18.
    Bawa, M., Bayardo Jr., R.J., Agrawal, R., Vaidya, J.: Privacy-preserving indexing of documents on the network. VLDB J. 18(4), 837–856 (2009)CrossRefGoogle Scholar
  19. 19.
    Bawa, M., Bayardo Jr, R.J., Agrawal, R.: Privacy-preserving indexing of documents on the network. In: VLDB, pp. 922–933 (2003)CrossRefGoogle Scholar
  20. 20.
    Bellare, M., Hoang, V.T., Keelveedhi, S., Rogaway, P.: Efficient garbling from a fixed-key blockcipher. In: 2013 IEEE Symposium on Security and Privacy, SP 2013, 19–22 May 2013, Berkeley, CA, USA, pp. 478–492. IEEE Computer Society (2013)Google Scholar
  21. 21.
    Ben-David, A., Nisan, N., Pinkas, B.: Fairplaymp: a system for secure multi-party computation. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM Conference on Computer and Communications Security, pp. 257–266. ACM (2008)Google Scholar
  22. 22.
    Bogdanov, D., Laur, S., Willemson, J.: Sharemind: a framework for fast privacy-preserving computations. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 192–206. Springer, Heidelberg (2008). Scholar
  23. 23.
    Burkhart, M., Strasser, M., Many, D., Dimitropoulos, X.: SEPIA: privacy-preserving aggregation of multi-domain network events and statistics. In: Proceedings of 19th USENIX Security Symposium, 11–13 August 2010, Washington, DC, USA, pp. 223–240. USENIX Association (2010)Google Scholar
  24. 24.
    Cao, J., Rao, F., Bertino, E., Kantarcioglu, M.: A hybrid private record linkage scheme: Separating differentially private synopses from matching records. In: 31st IEEE International Conference on Data Engineering, ICDE 2015, 13–17 April 2015, Seoul, South Korea, pp. 1011–1022 (2015)Google Scholar
  25. 25.
    Choi, S.G., Hwang, K.W., Katz, J., Malkin, T., Rubenstein, D.: Secure multi-party computation of boolean circuits with applications to privacy in on-line marketplaces. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 416–432. Springer, Heidelberg (2012). Scholar
  26. 26.
    Choi, S.G., Katz, J., Kumaresan, R., Zhou, H.-S.: On the security of the “Free-XOR” technique. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 39–53. Springer, Heidelberg (2012). Scholar
  27. 27.
    Cramer, R., Damgård, I., Nielsen, J.B.: Secure Multiparty Computation and Secret Sharing. Cambridge University Press, Cambridge (2015)CrossRefGoogle Scholar
  28. 28.
    Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical covertly secure MPC for dishonest majority – or: breaking the SPDZ limits. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 1–18. Springer, Heidelberg (2013). Scholar
  29. 29.
    Demmler, D., Dessouky, G., Koushanfar, F., Sadeghi, A.R., Schneider, T., Zeitouni, S.: Automated synthesis of optimized circuits for secure computation. In: Ray, I. Li, N., Kruegel, C. (eds.) Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 12–6 October 2015, Denver, CO, USA, pp. 1504–1517. ACM (2015)Google Scholar
  30. 30.
    Demmler, D., Schneider, T., Zohner, M.: Aby - a framework for efficient mixed-protocol secure two-party computation. In: Network and Distributed System Security Symposium, NDSS 2015, February 2015Google Scholar
  31. 31.
    Du, W., Atallah, M.J.: Protocols for secure remote database access with approximate matching. In: Ghosh, A.K. (ed.) E-Commerce Security and Privacy. ADIS, vol. 2, pp. 87–111. Springer, Boston (2001). Scholar
  32. 32.
    Dwork, C., Kenthapadi, K., McSherry, F., Mironov, I., Naor, M.: Our data, ourselves: privacy via distributed noise generation. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 486–503. Springer, Heidelberg (2006). Scholar
  33. 33.
    Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006). Scholar
  34. 34.
    Eigner, F., Maffei, M., Pampaloni, F., Pryvalov, I., Kate, A.: Differentially private data aggregation with optimal utility. In: Proceedings of the 30th Annual Computer Security Applications Conference, ACSAC 2014, 8–12 December 2014, New Orleans, LA, USA, pp. 316–325 (2014)Google Scholar
  35. 35.
    Ferguson, N., Schneier, B., Kohno, T.: Cryptography Engineering - Design Principles and Practical Applications. Wiley, Hoboken (2010)Google Scholar
  36. 36.
    Franz, M., Holzer, A., Katzenbeisser, S., Schallhart, C., Veith, H.: CBMC-GC: an ANSI C compiler for secure two-party computations. In: Cohen, A. (ed.) CC 2014. LNCS, vol. 8409, pp. 244–249. Springer, Heidelberg (2014). Scholar
  37. 37.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A.V. (ed.) Proceedings of the 19th Annual ACM Symposium on Theory of Computing, New York, New York, USA, pp. 218–229. ACM (1987)Google Scholar
  38. 38.
    Henecka, W., Kögl, S. K., Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: Tasty: tool for automating secure two-party computations. In: ACM CCS, pp. 451–462 (2010)Google Scholar
  39. 39.
    Henry, R., Olumofin, F.G., Goldberg, I.: Practical PIR for electronic commerce. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, 17–21 October 2011, Chicago, Illinois, USA, pp. 677–690 (2011)Google Scholar
  40. 40.
    Huang, Y., Evans, D., Katz, J., Malka, L.: Faster secure two-party computation using garbled circuits. In: USENIX Security Symposium. USENIX Association (2011)Google Scholar
  41. 41.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003). Scholar
  42. 42.
    Jagomägis, R.: Secrec: a privacy-aware programming language with applications in data miningGoogle Scholar
  43. 43.
    Jurczyk, P., Lu, J.J., Xiong, L., Cragan, J.D., Correa, A.: FRIL: a tool for comparative record linkage. In: American Medical Informatics Association Annual Symposium, AMIA 2008, 8–12 November 2008, Washington, DC, USA (2008)Google Scholar
  44. 44.
    Jurczyk, P., Lu, J.J., Xiong, L., Cragan, J.D., Correa, A.: FRIL: a tool for comparative record linkage. AMIA Annu. Symp. Proc. 2008, 440 (2008)Google Scholar
  45. 45.
    Kantarcioglu, M., Clifton, C.: Privacy-preserving distributed mining of association rules on horizontally partitioned data. IEEE Trans. Knowl. Data Eng. 16(9), 1026–1037 (2004)CrossRefGoogle Scholar
  46. 46.
    Keller, M., Scholl, P.: Efficient, oblivious data structures for MPC. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 506–525. Springer, Heidelberg (2014). Scholar
  47. 47.
    Kerschbaum, F.: Automatically optimizing secure computation. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, 17–21 October 2011, Chicago, Illinois, USA, pp. 703–714 (2011)Google Scholar
  48. 48.
    Kreuter, B., Shelat, A., Mood, B., Butler, K.R.: PCF: a portable circuit format for scalable two-party secure computation. In: Proceedings of the 22th USENIX Security Symposium, 14–16 August 2013, Washington, DC, USA, pp. 321–336 (2013)Google Scholar
  49. 49.
    Laud, P., Pankova, A.: Preprocessing-based verification of multiparty protocols with honest majority. IACR Cryptology ePrint Archive 2015:674 (2015)Google Scholar
  50. 50.
    LeFevre, K., DeWitt, D.J., Ramakrishnan, R.: Mondrian multidimensional k-anonymity. In: Liu et al. [53], p. 25 (2006)Google Scholar
  51. 51.
    Li, N., Li, T., Venkatasubramanian, S.: t-closeness: Privacy beyond k-anonymity and l-diversity. In: Proceedings of the 23rd International Conference on Data Engineering, ICDE 2007, 15–20 April 2007, The Marmara Hotel, Istanbul, Turkey, pp. 106–115 (2007)Google Scholar
  52. 52.
    Liu, C., Wang, X.S., Nayak, K., Huang, Y., Shi, E.: Oblivm: a programming framework for secure computation. In: 2015 IEEE Symposium on Security and Privacy, SP 2015, 17–21 May 2015, San Jose, CA, USA [15], pp. 359–376 (2015)Google Scholar
  53. 53.
    Liu, L., Reuter, A. Whang, K., Zhang, J. (eds.): In: Proceedings of the 22nd International Conference on Data Engineering, ICDE 2006, 3–8 April 2006, Atlanta, GA, USA. IEEE Computer Society (2006)Google Scholar
  54. 54.
    Liu, Y.T.L.: Privacy-preserving multi-keyword search in information networks. IEEE Trans. Knowl. Data Eng. 27(9), 2424–2437 (2015)CrossRefGoogle Scholar
  55. 55.
    Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: l-diversity: privacy beyond k-anonymity. In: Liu et al. [53], p. 24 (2006)Google Scholar
  56. 56.
    Makulilo, A.B.: Asian Data Privacy Laws, Trade and Human Rights Perspective, By Graham Greenleaf, vol. 23, no. 3, pp. 322–324. I. J. Law and Information Technology (2015)CrossRefGoogle Scholar
  57. 57.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay - secure two-party computation system. In: Blaze, M. (ed.) USENIX Security Symposium, pp. 287–302. USENIX (2004)Google Scholar
  58. 58.
    Martin, D.J., Kifer, D., Machanavajjhala, A., Gehrke, J., Halpern, J.Y.: Worst-case background knowledge for privacy-preserving data publishing. In: Proceedings of the 23rd International Conference on Data Engineering, ICDE 2007, 15–20 April 2007, The Marmara Hotel, Istanbul, Turkey, pp. 126–135 (2007)Google Scholar
  59. 59.
    McCamant, S., Ernst, M. D.: Quantitative information flow as network flow capacity. In: Proceedings of the ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation, 7–13 June 2008, Tucson, AZ, USA, pp. 193–205 (2008)Google Scholar
  60. 60.
    Narayan, A., Haeberlen, A.: DJoin: differentially private join queries over distributed databases. In: OSDI, October 2012Google Scholar
  61. 61.
    Pettai, M., Laud, P.: Combining differential privacy and secure multiparty computation. In: Proceedings of the 31st Annual Computer Security Applications Conference, 7–11 December 2015, Los Angeles, CA, USA, pp. 421–430 (2015)Google Scholar
  62. 62.
    Rabin, M.O.: How to exchange secrets with oblivious transfer. IACR Cryptology ePrint Archive 2005:187 (2005)Google Scholar
  63. 63.
    Rastogi, A., Hammer, M.A., Hicks, M.: Wysteria: a programming language for generic, mixed-mode multiparty computations. In: 2014 IEEE Symposium on Security and Privacy, SP 2014, 18–21 May 2014, Berkeley, CA, USA, pp. 655–670. IEEE Computer Society (2014)Google Scholar
  64. 64.
    Seward, J., Nethercote, N., Weidendorfer, J.: Valgrind 3.3-Advanced Debugging and Profiling for GNU/Linux Applications. Network Theory Ltd., UK (2008)Google Scholar
  65. 65.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefGoogle Scholar
  66. 66.
    Songhori, E.M., Hussain, S.U., Sadeghi, A.R., Schneider, T., Koushanfar, F.: Tinygarble: highly compressed and scalable sequential garbled circuits. In: 2015 IEEE Symposium on Security and Privacy, SP 2015, 17–21 May 2015, San Jose, CA, USA [15], pp. 411–428 (2015)Google Scholar
  67. 67.
    Sweeney, L.: K-anonymity: a model for protecting privacy. Int. J. Uncertain. Fuzziness Knowl.-Based Syst. 10(5), 557–570 (2002)MathSciNetCrossRefGoogle Scholar
  68. 68.
    Tang, Y., Liu, L., Iyengar, A., Lee, K., Zhang, Q.: e-PPI: locator service in information networks with personalized privacy preservation. In: IEEE 34th International Conference on Distributed Computing Systems, ICDCS 2014, 30 June–3 July 2014, Madrid, Spain, pp. 186–197 (2014)Google Scholar
  69. 69.
    Tang, Y., Wang, T., Liu, L.: Privacy preserving indexing for ehealth information networks. In: CIKM, pp. 905–914 (2011)Google Scholar
  70. 70.
    Toth, C., Durham, E., Kantarcioglu, M., Xue, Y., Malin, B.: Soempi: A secure open enterprise master patient index software toolkit for private record linkage. In: AMIA Annual Symposium Proceedings, vol. 2014, p. 1105. American Medical Informatics Association (2014)Google Scholar
  71. 71.
    Vaidya, J., Clifton, C.: Privacy preserving association rule mining in vertically partitioned data. In: Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 23–26 July 2002, Edmonton, Alberta, Canada, pp. 639–644 (2002)Google Scholar
  72. 72.
    Warner, S.L.: Randomized response: a survey technique for eliminating evasive answer bias. J. Am. Stat. Assoc. 60(309), 63–69 (1965)CrossRefGoogle Scholar
  73. 73.
    Yao, A.C.: How to generate and exchange secrets (extended abstract). In: 27th Annual Symposium on Foundations of Computer Science, 27–29 October 1986, Toronto, Canada, pp. 162–167. IEEE Computer Society (1986)Google Scholar
  74. 74.
    Zerr, S., Demidova, E., Olmedilla, D., Nejdl, W., Winslett, M., Mitra, S.: Zerber: r-confidential indexing for distributed documents. In: EDBT, pp. 287–298 (2008)Google Scholar
  75. 75.
    Zhang, Y., Steele, A., Blanton, M.: PICCO: a general-purpose compiler for private distributed computation. In: 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS 2013, 4–8 November 2013, Berlin, Germany, pp. 813–826 (2013)Google Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  • Katchaguy Areekijseree
    • 1
    Email author
  • Yuzhe Tang
    • 1
  • Ju Chen
    • 1
  • Shuang Wang
    • 2
  • Arun Iyengar
    • 3
  • Balaji Palanisamy
    • 4
  1. 1.Department of EECSSyracuse UniversitySyracuseUSA
  2. 2.Department of Biomedical Informatics (DBMI)UCSDSan DiegoUSA
  3. 3.IBM T.J. Watson Research CenterYorktown HeightsUSA
  4. 4.School of Computing and InformationUniversity of PittsburghPittsburghUSA

Personalised recommendations