UnLynx: A Decentralized System for Privacy-Conscious Data Sharing
David Froelicher, Patricia Egger, João Sá Sousa, Jean Louis Raisaro, Zhicong Huang, Christian Mouchet, Bryan Ford, and Jean-Pierre Hubaux
Privacy Enhancing Technologies Symposium (PETS)
July 19, 2017
Abstract:
Current solutions for privacy-preserving data sharing among multiple parties either depend on a centralized authority that must be trusted and that provides only weakest-link security (e.g., the single entity that manages the private/secret cryptographic keys), or rely on decentralized but impractical approaches (e.g., secure multi-party computation). When the data to be shared are sensitive and the number of data providers is large, these solutions are not appropriate. We therefore present UnLynx, a new decentralized system for efficient privacy-preserving data sharing. We consider m servers that constitute a collective authority whose goal is to verifiably compute on data sent by n data providers. UnLynx guarantees the confidentiality of the data, unlinkability between data providers and their data, privacy of the end result, and the correctness of the servers' computations. Furthermore, to support differentially private queries, UnLynx can collectively add noise under encryption. All of this is achieved through a combination of new distributed and secure protocols based on homomorphic cryptography, verifiable shuffling, and zero-knowledge proofs. UnLynx is highly parallelizable and modular by design, enabling multiple security/privacy vs. runtime trade-offs. Our evaluation shows that UnLynx can execute a secure survey on 400,000 personal data records containing 5 encrypted attributes each, distributed over 20 independent databases, for a total of 2,000,000 ciphertexts, in 24 minutes.
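As an added illustration of the collective-authority design the abstract sketches (this is example code written for this page, not code from the paper or the UnLynx project), the following Python model shows m servers forming a collective key, n providers encrypting under it, a shuffle with re-encryption, homomorphic aggregation, noise added under encryption by every server, and a decryption that needs all m partial decryptions. It assumes exponential ElGamal over a toy-size Schnorr group generated at runtime and two-sided geometric noise; those choices and the names Group, Server, aggregate, run_survey and missing_server_hides_result are assumptions, not taken from the abstract, and the verifiable shuffle and zero-knowledge proofs that make the real protocol verifiable are omitted.

```python
# Added example, not UnLynx code: toy model of a collective authority. Assumed here, not from
# the paper: exponential ElGamal over a toy safe prime (no real security), no ZK proofs.
import math
import random


def is_probable_prime(n, rng, rounds=16):
    """Trial division by small primes, then Miller-Rabin (n >= 2)."""
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    s = ((n - 1) & (1 - n)).bit_length() - 1      # n - 1 = d * 2^s with d odd
    d = (n - 1) >> s
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_group(bits, rng):
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q, rng) and is_probable_prime(2 * q + 1, rng):
            return 2 * q + 1, q, 4   # safe prime p = 2q + 1; 4 = 2^2 is a square, so of prime order q


class Group:
    def __init__(self, p, q, g):
        self.p, self.q, self.g = p, q, g

    def enc(self, pk, m, rng):  # exponential ElGamal (g^r, g^m * pk^r); m may be negative (noise)
        r = rng.randrange(1, self.q)
        return pow(self.g, r, self.p), pow(self.g, m % self.q, self.p) * pow(pk, r, self.p) % self.p

    def add(self, a, b):  # multiplying ciphertexts adds the plaintexts
        return a[0] * b[0] % self.p, a[1] * b[1] % self.p

    def dlog(self, h, lo, hi):  # recover m from g^m by walking the plausible range [lo, hi]
        acc = pow(self.g, lo % self.q, self.p)
        for m in range(lo, hi + 1):
            if acc == h:
                return m
            acc = acc * self.g % self.p
        raise ValueError("aggregate outside the expected range")


class Server:
    def __init__(self, G, rng):
        self.G, self.sk = G, rng.randrange(1, G.q)
        self.pk = pow(G.g, self.sk, G.p)

    def partial_decrypt(self, c):  # strip this server's share: (c1, c2 * c1^-sk); useless alone
        return c[0], c[1] * pow(c[0], self.G.q - self.sk, self.G.p) % self.G.p


def aggregate(values, m, epsilon=None, sensitivity=1, seed=2017, bits=40):
    rng = random.Random(seed)
    G = Group(*gen_group(bits, rng))
    servers = [Server(G, rng) for _ in range(m)]
    pk = math.prod(s.pk for s in servers) % G.p   # collective key = product of all shares
    cts = [G.enc(pk, v, rng) for v in values]     # each provider encrypts its own value
    rng.shuffle(cts)                              # shuffle + re-encrypt: unlinkable to providers
    agg = (1, 1)
    for c in cts:
        agg = G.add(agg, G.add(c, G.enc(pk, 0, rng)))
    noises = []
    if epsilon is not None:                       # every server adds its own noise share,
        alpha = math.exp(-epsilon / sensitivity)  # so no single party knows the total noise
        geo = lambda: int(math.log(1 - rng.random()) / math.log(alpha))
        for _ in servers:
            noises.append(geo() - geo())          # two-sided geometric (discrete Laplace)
            agg = G.add(agg, G.enc(pk, noises[-1], rng))
    return G, servers, agg, sum(values), sum(noises)


def run_survey(values, m, epsilon=None, sensitivity=1, seed=2017):
    """Return (decrypted noisy aggregate, true sum, total noise)."""
    G, servers, agg, total, noise = aggregate(values, m, epsilon, sensitivity, seed)
    for s in servers:
        agg = s.partial_decrypt(agg)              # sequential; all m shares are needed
    bound = len(values) * max(abs(v) for v in values) + 10_000
    return G.dlog(agg[1], -bound, bound), total, noise


def missing_server_hides_result(values, m, seed=2017):
    """With only m-1 partial decryptions the aggregate is not g^sum."""
    G, servers, agg, total, _ = aggregate(values, m, seed=seed)
    for s in servers[:-1]:
        agg = s.partial_decrypt(agg)
    return agg[1] != pow(G.g, total % G.q, G.p)
```

run_survey([1, 2, 3, 4], m=3) returns (10, 10, 0); with epsilon set, the decrypted value equals the true sum plus the noise contributed by all servers, and no server ever sees the aggregate or the other servers' noise in the clear. The dlog walk is what limits exponential ElGamal to small-range aggregates such as counts and sums, which is why the message space matters in this kind of design.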
Paper:
PDF
Slides:
PDF