Privacy-Preserving Computation and Verification of Aggregate Queries on Outsourced Databases學習筆記

1. 引言

Brian Thompson, Stuart Haber, William G. Horne,Tomas Sander, and Danfeng Yao 2009年論文《Privacy-Preserving Computation and Verification of Aggregate Queries on Outsourced Databases》中主要提出的是支持SUM求和、AVERAGE求平均值的aggregate query操作的outsourced database協議——aggregate queries can be computed without revealing microdata to service providers.

適於的場景如：

• Database-as-a-service（DAS）：support sophisticated queries such as aggregation while simultaneously maintaining the secrecy of microdata(i.e., individual data entries).
• Cross-domain collaborative data analysis：如multiple regional hospitals collaborate to discover the most frequently occurring flu strain of the season in that area.

所用到的關鍵技術有：

• Shamir’s Secret-Sharing Scheme: a $k-out-of-n-secret-sharing$ scheme。基於的是polynomial interpolation多項式插值。 具體可參見博客 verifiable secret sharing可驗證的祕密共享。
  
  any $k$ servers can cooperate to determine the answer to an aggregate query, but $k-1$ cooperating servers cannot.

• Pedersen Commitment：主要利用了其加法同態屬性，有：
  $c_i=C_{r_i}(x_i)=g^{x_i}h^{r_i}\in G_p$
  儘管不知道每一個$x_i$值，但是it’s easy to compute a commitment to the sum of the unknown values $X=\sum_{i=1}^{m}x_i(\mod p)$：$\prod_{i=1}^{m}c_i=C_R(X)\in G_p$，其中$R=\sum_{i=1}^{m}r_i(\mod p)$。