Thijs Veugen

Generating Private Recommendations Efficiently Using Homomorphic Encryption and Data Packing

Recommender systems have become an important tool for personalization of online services. Generating recommendations in online services depends on privacy-sensitive data collected from the users. Traditional data protection mechanisms focus on access control and secure transmission, which provide security only against malicious third parties, but not the service provider. This creates a serious privacy risk for the users. In this paper, we aim to protect the private data against the service provider while preserving the functionality of the system. We propose encrypting private data and processing them under encryption to generate recommendations. By introducing a semitrusted third party and using data packing, we construct a highly efficient system that does not require the active participation of the user. We also present a comparison protocol, which is the first one to the best of our knowledge, that compares multiple values that are packed in one encryption. Conducted experiments show that this work opens a door to generate private recommendations in a privacy-preserving manner.

Efficiently computing private recommendations

Online recommender systems enable personalized service to users. The underlying collaborative filtering techniques operate on privacy sensitive user data, which could be misused by the service provider. To protect user privacy, we propose to encrypt the data and generate recommendations by processing them under encryption. Thus, the service provider observes neither user preferences nor recommendations. The proposed method uses homomorphic encryption and secure multi-party computation (MPC) techniques, which introduce a significant overhead in computational complexity. We minimize the introduced overhead by packing data and using cryptographic protocols particularly developed for this purpose. The proposed cryptographic protocol is implemented to test its correctness and performance.

Privacy-preserving user clustering in a social network

In a ubiquitously connected world, social networks are playing an important role on the Internet by allowing users to find groups of people with similar interests. The data needed to construct such networks may be considered sensitive personal information by the users, which raises privacy concerns. The problem of building social networks while user privacy is protected is hence crucial for further development of such networks. K-means clustering is widely used for clustering users in a social network. In this paper, we provide an efficient privacy-preserving variant of K-means clustering. The scenario we consider involves a server and multiple users where users need to be grouped into K clusters. In our protocol the server is not allowed to learn the individual user data and users are not allowed to learn the cluster centers. The experiments on the MovieLens dataset show that deployment of the system for real use is reasonable as its efficiency even on conventional hardware is promising.

Encrypted integer division

When processing signals in the encrypted domain, homomorphic encryption can be used to enable linear operations on encrypted data. Integer division of encrypted data however requires an additional protocol with the server and will be relatively expensive. We present new solutions for dividing encrypted data, having low computational complexity. Two protocols for computing exact division, and two for approximating the division result.

Improving the DGK comparison protocol

When processing signals in the encrypted domain, homomorphic encryption can be used to enable linear operations on encrypted data. Comparison of encrypted data however requires an additional protocol between the parties and will be relatively expensive. A well-known and frequently used comparison protocol is by Damgard, Geisler and Kroigaard. We present two ways of improving this comparison protocol. Firstly, we reduce the computational effort of one party by roughly 50%. Secondly, we show how to achieve perfect security towards the other party without additional costs, whereas the original version with encrypted inputs only achieved statistical security. An additional advantage is that larger inputs are allowed.

Encrypted integer division and secure comparison

When processing data in the encrypted domain, homomorphic encryption can be used to enable linear operations on encrypted data. Integer division of encrypted data however requires an additional protocol between the client and the server and will be relatively expensive. We present new solutions for dividing encrypted data in the semi-honest model using homomorphic encryption and additive blinding, having low computational and communication complexity. In most of our protocols we assume the divisor is publicly known. The division result is not only computed exactly, but may also be approximated leading to further improved performance. The idea of approximating the result of an integer division is extended to similar results for secure comparison, secure minimum, and secure maximum in the client-server model, yielding new efficient protocols with demonstrated application in biometrics. The exact minimum protocol is shown to outperform existing approaches.

Generating private recommendations in a social trust network

Recommender systems have become increasingly important in e-commerce as they can guide customers with finding personalized services and products. A variant of recommender systems that generates recommendations from a set of trusted people is recently getting more attention in social networks. However, people are concerned about their privacy as the information revealed in recommender systems, particularly in social networks, can be misused easily. A way to eliminate the privacy risks is to make the privacy-sensitive data inaccessible by means of encryption. While the private data is inaccessible to any outsiders and the server, the same functionality of the system can be achieved by processing the encrypted data. Unfortunately, the efficiency of processing encrypted data constitutes a big challenge. In this paper, we present a privacy-enhanced recommender system in a social trust network, which is designed to be highly efficient. The cryptographic protocol for generating recommendations is based on homomorphic encryption and secure multi-party computation techniques. The additional overhead with regard to computation and communication is minimized by packing data. The experimental results show that our proposal is promising to be deployed in real world.

Privacy-preserving content-based recommender system

By offering personalized content to users, recommender systems have become a vital tool in e-commerce and online media applications. Content-based algorithms recommend items or products to users, that are most similar to those previously purchased or consumed. Unfortunately, collecting and storing ratings, on which content-based methods rely, also poses a serious privacy risk for the customers: ratings may be very personal or revealing, and thus highly privacy sensitive. Service providers could process the collected rating data for other purposes, sell them to third parties or fail to provide adequate physical security. In this paper, we propose technological mechanisms to protect the privacy of individuals in a recommender system. Our proposal is founded on homomorphic encryption, which is used to obscure the private rating information of the customers from the service provider. While the users privacy is respected by the service provider, by generating recommendations using encrypted customer ratings, the service providers commercially valuable item-item similarities are protected against curious entities, in turn. Our proposal explores simple and efficient cryptographic techniques to generate private recommendations using a server-client model, which neither relies on (trusted) third parties, nor requires interaction with peer users. The main strength of our contribution lies in providing a highly efficient solution without resorting to unrealistic assumptions.

A Framework for Secure Computations With Two Non-Colluding Servers and Multiple Clients, Applied to Recommendations

We provide a generic framework that, with the help of a preprocessing phase that is independent of the inputs of the users, allows an arbitrary number of users to securely outsource a computation to two non-colluding external servers. Our approach is shown to be provably secure in an adversarial model where one of the servers may arbitrarily deviate from the protocol specification, as well as employ an arbitrary number of dummy users. We use these techniques to implement a secure recommender system based on collaborative filtering that becomes more secure, and significantly more efficient than previously known implementations of such systems, when the preprocessing efforts are excluded. We suggest different alternatives for preprocessing, and discuss their merits and demerits.

Processing in the encrypted domain using a composite signal representation: Pros and cons

The current solutions for secure processing in the encrypted domain are usually based on homomorphic cryptosystems operating on very large algebraic structures. Recently, a composite signal representation has been proposed that allows to speed up linear operations on encrypted signals via parallel processing and to reduce the size of the encrypted signals. Though many of the most common signal processing operations can be applied to composite signals, some operations require to process the signal samples independently from each other, thus requiring an unpacking of the composite signals. In this paper, we will address the above issues, showing both merits and limits of the composite signal representation when applied in practical scenarios. A secure protocol for converting an encrypted composite representation into the encryptions of the single signal samples will be introduced. A case study clearly highlights pros and cons of using the composite signal representation in the proposed scenarios.