University of Illinois Urbana-Champaign

Secure Aggregation in a Publish-Subscribe System

Minami, Kazuhiro; Lee, Adam J.; Winslett, Marianne; Borisov, Nikita

Permalink

https://hdl.handle.net/2142/11458

Description

Title
Secure Aggregation in a Publish-Subscribe System
Author(s)
  • Minami, Kazuhiro
  • Lee, Adam J.
  • Winslett, Marianne
  • Borisov, Nikita
Issue Date
2008-05
Keyword(s)
computer security
Abstract
A publish-subscribe system is an information dissemination infrastructure that supports many-to-many communications among publishers and subscribers. In many publish-subscribe systems, in-network aggregation of input data is considered to be an important service that reduces the bandwidth requirements of the system significantly. In this paper, we present a scheme for securing the aggregation of inputs to such a publish-subscribe system. Our scheme, which focuses on the additive aggregate function sum, preserves the confidentiality and integrity of aggregated data in the presence of untrusted routing nodes. Our scheme allows a group of publishers to publish aggregate data to authorized subscribers without revealing their individual private inputs to either the routing nodes or the subscribers. In addition, our scheme allows subscribers to verify that routing nodes perform the aggregation operation correctly. We use a message authentication code (MAC) scheme based on the discrete logarithm property to allow subscribers to verify the correctness of aggregated data without receiving the digitally-signed raw data used as input to the aggregation. In addition to describing our secure aggregation scheme, we provide formal proofs of its soundness and safety.
Type of Resource
text
Permalink
http://hdl.handle.net/2142/11458
Copyright and License Information
You are granted permission for the non-commercial reproduction, distribution, display, and performance of this technical report in any format, BUT this permission is only for a period of 45 (forty-five) days from the most recent time that you verified that this technical report is still available from the University of Illinois at Urbana-Champaign Computer Science Department under terms that include this permission. All other rights are reserved by the author(s).

Owning Collections

Research and Tech Reports - Computer Science PRIMARY