Prio: Private, Robust, and Scalable Computation of Aggregate Statistics
It addresses privacy and scalability issues in data aggregation for applications like location-based services, though it builds incrementally on classic private aggregation techniques.
The paper tackles the problem of computing aggregate statistics from private client data while preserving privacy and robustness against malicious clients, achieving a hundred-fold performance improvement over conventional zero-knowledge approaches with secret-shared non-interactive proofs (SNIPs).
This paper presents Prio, a privacy-preserving system for the collection of aggregate statistics. Each Prio client holds a private data value (e.g., its current location), and a small set of servers compute statistical functions over the values of all clients (e.g., the most popular location). As long as at least one server is honest, the Prio servers learn nearly nothing about the clients' private data, except what they can infer from the aggregate statistics that the system computes. To protect functionality in the face of faulty or malicious clients, Prio uses secret-shared non-interactive proofs (SNIPs), a new cryptographic technique that yields a hundred-fold performance improvement over conventional zero-knowledge approaches. Prio extends classic private aggregation techniques to enable the collection of a large class of useful statistics. For example, Prio can perform a least-squares regression on high-dimensional client-provided data without ever seeing the data in the clear.