Formal treatment of verifiable privacy-preserving data-aggregation protocols.

*(English)* Zbl 1443.94085
Baek, Joonsang (ed.) et al., Provable security. 12th international conference, ProvSec 2018, Jeju, South Korea, October 25–28, 2018. Proceedings. Cham: Springer. Lect. Notes Comput. Sci. 11192, 415-422 (2018).

Summary: Homomorphic encryption allows computation over encrypted data and can be used for delegating computation: data providers encrypt their data and send them to an aggregator, and then the aggregator performs computation for a receiver with the data kept secret. However, since the aggregator is merely a third party, it may be malicious, and in particular may submit a result of incorrect aggregation to the receiver. K. Ohara et al. [Privacy-preserving smart metering with verifiability for both billing and energy management, AsiaPKC 2014, ACM, 23–32 (2014; doi:10.1145/2600694.2600700)] studied secure aggregation of time-series data while enabling the correctness of aggregation to be verified. However, they only provided a concrete construction in the smart metering system and only gave an intuitive argument of security. In this paper, we give a general syntax of their scheme as verifiable homomorphic encryption (VHE) and introduce formal security definitions. Further, we formally prove that Ohara et al.’s VHE scheme satisfies our proposed security definitions.

For the entire collection see [Zbl 1398.94007].
