IMR:MM-1B: New directions in Privacy-Preserving Telemetry

IMR:MM-1B：隐私保护遥测的新方向

• 批准号: 2220450
• 负责人: Rafail Ostrovsky
• 金额: $ 60万
• 依托单位: University of California-Los Angeles
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-09-01 至 2025-08-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2220450&HistoricalAwards=false
• 关键词: IMR; MM; 1B; New; directions

Almost all modern-day devices are connected to the internet. Home appliances, smart watches, phones, cars, industrial tools, and even body weight scales are connected. For example, Samsung Smart TV reports back to Samsung every choice and every click that a consumer makes as well as the duration that a consumer watches any program. Internet browsers collect user browsing data. Internet Service Providers collect user IP access data. The torrent of data collected is typically used to improve user experience, service, and target advertisements. However, collection of ever more intrusive data regarding each individual consumer or organization comes at the price of tremulous invasion of privacy, and increases the risk that the data collected can be harvested for other (unintended) purposes, such as counter-intelligence, political campaigns, as well as identity theft and other criminal activity. How do we allow organizations to collect aggregate statistics regarding streaming data without violating individual consumer privacy?This research aims to explore novel ways to compute aggregate statistics on streaming data in a privacy-preserving way, extending systems such as PRIO, PRIO+, and Poplar. The framework is that users or devices send their data in a secret-shared way to two servers which then communicate with each other to compute telemetry data while not revealing (to each other or anyone else) users’ individual data. This approach was adopted, for example, by the Firefox browser in a Mozilla project titled “Origin Telemetry”. The goals of this research are to explore even more efficient methods to privately compute telemetry data in this setting by exploring how to generalize streaming algorithms (without privacy) that were pioneered by Alon, Matias, and Szegedy to streaming algorithms with privacy. More specifically, can we compute frequency moments in a privacy-preserving and efficient manner by two servers receiving a (secret-shared) stream? While this seems like a very specialized question, it is, in fact, generalizable, as shown by the PI in the paper titled “Zero-One Frequency Laws”. This brings us to the even more interesting question: how to classify all functions that can be privately computed over streaming secret-shared data in one pass and with poly-logarithmic memory. Our goal is to provide new tools for the questions of privacy-preserving analysis of streaming large volume data, specifically called out in section MM-1B of the NSF Internet Measurement Research call for proposals. If successful, our methods will allow large-scale and efficient computation of all aggregate statistics that can be computed in small memory in a privacy-preserving way. This project will also advance the state-of-the-art performance of MPC on streaming data to Internet-size streaming computations. Lastly, our proposal calls for robust training of graduate and undergraduate students, including actively seeking minorities and female students to enter cryptographic research.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

几乎所有的现代设备都连接到互联网。家用电器、智能手表、手机、汽车、工业工具，甚至体重秤都可以联网。例如，三星智能电视向三星报告消费者的每一个选择和每一次点击，以及消费者观看任何节目的持续时间。互联网浏览器收集用户浏览数据。互联网服务提供商收集用户IP访问数据。收集的数据流通常用于改善用户体验、服务和目标广告。然而，收集关于每个消费者或组织的越来越多的侵入性数据的代价是令人不安的隐私侵犯，并增加了收集的数据可能被用于其他（意想不到的）目的的风险，例如反情报，政治竞选，以及身份盗窃和其他犯罪活动。我们如何允许组织在不侵犯个人消费者隐私的情况下收集有关流数据的汇总统计数据？本研究旨在探索以保护隐私的方式计算流数据聚合统计的新方法，扩展PRIO、PRIO+和Poplar等系统。该框架是用户或设备以秘密共享的方式将他们的数据发送到两个服务器，然后两个服务器相互通信以计算遥测数据，同时不透露（彼此或其他任何人）用户的个人数据。例如，Firefox浏览器在一个名为“Origin Telemetry”的Mozilla项目中采用了这种方法。本研究的目标是通过探索如何将由Alon、Matias和Szegedy开创的流算法（无隐私）推广到具有隐私的流算法，探索在这种情况下更有效地私下计算遥测数据的方法。更具体地说，我们能否通过两台服务器接收（秘密共享）流，以一种保护隐私和有效的方式计算频率矩？虽然这似乎是一个非常专业的问题，但它实际上是可推广的，正如题为“零-一频率定律”的论文中的PI所示。这给我们带来了一个更有趣的问题：如何对所有可以在一次通过流秘密共享数据并使用多对数内存私下计算的函数进行分类。我们的目标是为大容量流数据的隐私保护分析问题提供新的工具，特别是在NSF互联网测量研究征集提案的MM-1B部分中。如果成功，我们的方法将允许大规模和高效地计算所有聚合统计数据，这些统计数据可以在小内存中以保护隐私的方式计算。该项目还将把MPC在流数据上的最先进性能提升到互联网大小的流计算。最后，我们的建议要求对研究生和本科生进行强有力的培训，包括积极寻求少数民族和女学生进入密码学研究。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

List Oblivious Transfer and Applications to Round-Optimal Black-Box Multiparty Coin Tossing

列出不经意转移及其在轮次最优黑盒多方抛硬币中的应用

• 发表时间: 2023
• 期刊: CRYPTO 2023 conference proceedgins
• 作者: Michele Ciampi;Rafail Ostrovsky;Luisa Siniscalchi;Hendrik Waldner
• 通讯作者: Hendrik Waldner