by Gunnar Kreitz, Mads Dam, Douglas Wikström
Published in Proceedings of Nordsec 2010
Emerging approaches to network monitoring involve large numbers of agents collaborating to produce performance or security related statistics on huge, partial mesh networks. The aggregation process often involves security or business-critical information which network providers are generally unwilling to share without strong privacy protection. We present efficient and scalable protocols for privately computing a large range of aggregation functions based on addition, disjunction, and max/min. For addition, we give a protocol that is information-theoretically secure against a passive adversary, and which requires only one additional round compared to non-private protocols for computing sums. For disjunctions, we present both a computationally secure, and an information-theoretically secure solution. The latter uses a general composition approach which executes the sum protocol together with a standard multi-party protocol for a complete subgraph of ``trusted servers''. This can be used, for instance, when a large network can be partitioned into a smaller number of provider domains.
Keywords. Multi-party computation; Private aggregation; Partial mesh network