Achieving Full Security in Privacy-Preserving Data Mining

In privacy-preserving data mining, a number of parties would like to jointly learn a function of their private data sets in a way that no information about their inputs, beyond the output itself, is revealed as a result of such computation. Yang et al. 2010 showed that several popular data mining algorithms can be reduced to three basic operations, secure implementation of which -- termed Secure Product of Summations (SPoS), Secure Ratios of Summations (SRoS), and Secure Comparison of Summations (SCoS) -- would lead to privacy-preserving data mining solutions. The authors showed that prior privacy-preserving data mining solutions are unsatisfactory in presence of participants' collusion and they gave new implementation of these operations that were designed to sustain the collusion. In this work, we show that unfortunately the protocols of Yang et al. leak a significant amount of private information and are not secure even if no collusion takes place. We then show how these operations can be securely and efficiently realized in the same and stronger security models, which leads to fully secure solutions for many data mining algorithms.

[1]  Octavian Catrina,et al.  Multiparty Computation of Fixed-Point Multiplication and Reciprocal , 2009, 2009 20th International Workshop on Database and Expert Systems Application.

[2]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[3]  Octavian Catrina,et al.  Secure Computation with Fixed-Point Numbers , 2010, Financial Cryptography.

[4]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[5]  Octavian Catrina,et al.  Improved Primitives for Secure Multiparty Integer Computation , 2010, SCN.

[6]  Tal Rabin,et al.  Simplified VSS and fast-track multiparty computations with applications to threshold cryptography , 1998, PODC '98.

[7]  Somesh Jha,et al.  Privacy Preserving Clustering , 2005, ESORICS.

[8]  Ueli Maurer,et al.  General Secure Multi-party Computation from any Linear Secret-Sharing Scheme , 2000, EUROCRYPT.

[9]  裕志 中川 Collusion-Resistant Privacy-Preserving Data Mining , 2013 .

[10]  Mert Özarar,et al.  Secure Multiparty Overall Mean Computation via Oblivious Polynomial Evaluation , 2007 .

[11]  I. Damglurd Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation , 2006 .

[12]  Chris Clifton,et al.  Privacy-preserving Naïve Bayes classification , 2008, The VLDB Journal.

[13]  Chris Clifton,et al.  Privacy-Preserving Kth Element Score over Vertically Partitioned Data , 2009, IEEE Transactions on Knowledge and Data Engineering.

[14]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[15]  Rafail Ostrovsky,et al.  Secure two-party k-means clustering , 2007, CCS '07.

[16]  Chris Clifton,et al.  Privacy-preserving k-means clustering over vertically partitioned data , 2003, KDD '03.

[17]  Benny Pinkas,et al.  FairplayMP: a system for secure multi-party computation , 2008, CCS.

[18]  Juan A. Garay,et al.  Practical and Secure Solutions for Integer Comparison , 2007, Public Key Cryptography.

[19]  Kazuo Ohta,et al.  Multiparty Computation for Interval, Equality, and Comparison Without Bit-Decomposition Protocol , 2007, Public Key Cryptography.

[20]  Tomas Toft,et al.  Linear, Constant-Rounds Bit-Decomposition , 2009, ICISC.

[21]  Xenofontas A. Dimitropoulos,et al.  SEPIA: Privacy-Preserving Aggregation of Multi-Domain Network Events and Statistics , 2010, USENIX Security Symposium.

[22]  Tord Ingolf Reistad Multiparty Comparison - An Improved Multiparty Protocol for Comparison of Secret-shared Values , 2009, SECRYPT.

[23]  Mikhail J. Atallah,et al.  Private collaborative forecasting and benchmarking , 2004, WPES '04.

[24]  Nitesh V. Chawla,et al.  A Private and Reliable Recommendation System Using a Social Network , 2009 .