Privacy-preserving data computing and anonymous authentication protocols

Abstract

Privacy-preserving technology has been actively studied lately since it is crucial for data security. Privacy-preserving data computing, for instance, enables data to be analyzed and at the same time protected from disclosure. Anonymous authentication mechanism can effectively ensure reliability and integrity. However, existing work suffers from problems such as low efficiency and poor performance in specific application scenarios. This thesis mainly studies privacy-preserving data computing and anonymous authentication protocols. Specifically, this thesis focus on the investigations of three important mechanisms of privacy-preserving technology, namely, private set intersection cardinality (PSI-CA), federated learning with secure aggregation and anonymous reputation system. The contributions of this thesis are summarised as follows. We propose a lightweight delegated PSI-CA protocol based on multi-point oblivious pseudorandom function and collision-resistant hash function. In addition, we develop PC-CONTrace, a privacy-preserving contact tracing system by utilizing this protocol. We evaluate the efficiency of the system under different set sizes and compare it with related schemes from the aspects of functionality and performance. We propose an accountable and verifiable aggregation protocol for federated learning. We employ homomorphic proxy re-authenticators and homomorphic proxy re-encryption to execute secure aggregation, while integrating the blockchain to realize the function of penalty for malicious behavior. To demonstrate the useability of the protocol, we evaluate the specific cryptography schemes and develop a blockchain-based prototype system to test the performance of the protocol. We propose an anonymous and publicly linkable reputation system with distributed trust (DTrustRS). We define the system model of DTrustRS, formalize its security and give a concrete construction. We adopt the re-randomizable signatures paradigm to prove the security of DTrustRS in the random oracle model under a q-type assumption. We evaluate DTrustRS and compare it with related works to demonstrate its validity.