PANDA: Lightweight non-interactive privacy-preserving data aggregation for constrained devices

• Published in: Future generation computer systems Vol. 131; pp. 28 - 42
• Main Authors: Wang, Mei, He, Kun, Chen, Jing, Du, Ruiying, Zhang, Bingsheng, Li, Zengpeng
• Format: Journal Article
• Language: English
• Published: Elsevier B.V 01.06.2022
• Subjects: Privacy-preserving data aggregation; Trusted Execution Environment; Privacy-preserving data aggregation; Trusted Execution Environment
• ISSN: 0167-739X; 1872-7115
• DOI: 10.1016/j.future.2022.01.007

Privacy-preserving data aggregation is becoming a demanding necessity for many promising scenarios, e.g., health care analysis. Sensitive data are collected and aggregated in a privacy-preserving approach using current Internet of Things (IoT) technology, leading to immense challenge and consequent interest in developing secure computing algorithms for individual and organizational data. However, most existing solutions focus on specific evaluations (e.g., SUM), and they use heavy cryptographic techniques, which are far from practice for constrained IoT devices. The Trusted Execution Environment (TEE, implemented with Intel SGX) can assist in computing arbitrary functions and avoiding resource-consuming operations. Nevertheless, TEE is subject to several challenges because TEE is vulnerable to limited resource and even function violations, e.g., the attacker may bypass the boundary of TEE. In this paper, we propose a lightweight non-interactive privacy-preserving data aggregation scheme for resource-constrained devices, named PANDA, where TEE is introduced to bypass the trusted entities requirement and heavy overhead. Additionally, PANDA explores the certificate-aided function authorization to prevent leakage from unauthorized functions, and designs the public verifiable certificate management to detect the abnormal behaviors of the host to mitigate the external host compromise. We formalize PANDA with rigorous security analysis to indicate privacy protection against the compromised aggregator and analyst. The evaluation results show that PANDA has constant online communication cost and lightweight computation overhead for constrained devices, which is suitable for IoT applications. •PANDA can compute arbitrary aggregation functions and requires no trusted entities.•Privacy-preserving Function Evaluation exploits the TEEs to protect data.•Certificate-aided Function Authorization provides verifiable certificate management.•PANDA has constant online communication cost and lightweight computation overhead.