zhang MASS 2018 slides

LPDA-EC: A Lightweight Privacy-Preserving Data Aggregation Scheme for Edge Computing Jiale Zhang, Yanchao Zhao, Jie Wu ...

0 downloads 60 Views 2MB Size
LPDA-EC: A Lightweight Privacy-Preserving Data Aggregation Scheme for Edge Computing

Jiale Zhang, Yanchao Zhao, Jie Wu & Bing Chen @ Nanjing University of Aeronautics and Astronautics & Temple University

IEEE MASS 2018

Chengdu, China

Background p Simple application scenario: smart grid ED1

Make Decisions Household1

搽 EDn

ED1, ED2 … EDn Responses Data Center

Householdn



Users collect the sensitive data



Then, forward them to the data center



Making the intelligent decisions

Oct 10, 2018

MASS 2018

Page 2

Background Traditional data transmission • Communication overhead • Adversary can eavesdrop the channel • System entities may not fully trusted • User’s private data may leakage

How to efficiently transmit the data while protecting user’s privacy?

Oct 10, 2018

MASS 2018

Page 3

PPDA solution p PPDA: Privacy-preserving data aggregation •

Cryptographic scheme to protect the data privacy



Signature scheme to ensure the integrity Encryption & Signature

Verification & Local aggregation

Decryption

User 1

ED1, ED2 … EDn User 2

搽 User n

Oct 10, 2018

EDAgg

Responses

Responses Aggregator

Data Center

Reducing the communication overhead ! MASS 2018

Page 4

Problem statement p So what’s the problem? •

We can ensure the user’s privacy — cryptographic



Data can be aggregated — homomorphic



The data integrity can be guaranteed — signature



Why can’t we just use it?

Oct 10, 2018

MASS 2018

Page 5

Problem statement p Two small wrinkles: •

Oct 10, 2018

Complex signature and verification operations

MASS 2018

Page 6

Problem statement p Two small wrinkles: •

Complex signature and verification operations 2012 TPDS: EPPA

Notations

Descriptions

Sign & Ver Cost

! + 1 ∗ %& +(! + 1) ∗ %+

%&

Multiplication operation

Total Cost

2! + 5 ∗ %& + %( + (! + 9)%+

%(

Exponentiation operation

%+

Pairing operation

2014 TII: PEDA Sign & Ver Cost

! + 1 ∗ %& + 2! + 1 ∗ %( +(! + 1) ∗ %+

Total Cost

3! ∗ %& + 5! + 1 ∗ %( + ! + 1 ∗ %+



Oct 10, 2018

Aggregator is always resource-constraint

MASS 2018

Page 7

Edge Computing p Edge computing architecture How to construct a new signature method to solve the computational problem in PPDA?

Lightweight PPDA

How to apply the new signature to traditional PPDA while ensure users data privacy?

Oct 10, 2018

MASS 2018

Page 8

Our work p LPDA: System model •

Shifting the time-consuming operations to ES Entities

Trusted Model

TA

Fully trusted

CC

Honest-but-curious

ES

Honest-but-curious

ETs Adversary

Oct 10, 2018

MASS 2018

Malicious

Page 9

OOS: Online/offline signature p BLS signature scheme (BLS’01: Asymmetric version) •

KeyGen: output



Sign ((%, +): output , -./ ← 1(+ )'



Verify ($%, +, , -./ ): accept if 3 1 + , $% = 3(, -./ , !" )

!" , $% = !"

3 1 + , $% = 3 1 + , !"

'

'

, (% ← *

= 3(1(+ )' , !" ) = 3(, -./ , !" )

p Property • Signature aggregation: anyone can compress n signatures into one Verify ($%, +, , ∗ ) = “accept”

$%" , +" → ,"

...

Aggregate

→ ,∗

Convinces verifier that: User 7 signed the msg +8

$%5 , +5 → ,5 Oct 10, 2018

MASS 2018

Page 10

OOS Construction p Offline signature: •

Calculate the DTCH function value: (*+, =