Privacy-Preserving Queries And Applications Based On Secure Computation Protocols

With the rapid development of information technology and the comprehensive popularization of the Internet,human production and life have entered the digital age.Data,as an information carrier,has become a fundamental and important means of production.With the support of cloud computing and big data technologies,people can better manage massive date and mine new value from it.However,while fully enjoying the dividends brought by big data,the protection of personal privacy and enterprise sensitive data cannot be ignored.Querying is a common operation for data analysis and processing.The result of the query can be the data record itself that matches the query conditions,or a function mapping on a set of data.According to the storage location of data,it can be categorized into data-centralized query and data-distributed query.For the data-centralized query,a client submits his/her query request to the server that provides data storage,and obtains the corresponding query result.For example,in a data outsourcing scenario,the data owner outsources all data and query response task to the cloud service provider in order to save local storage and computing costs.For the data-distributed query,a client submits his/her query request to a group of data owners,and obtains query results on the group of data.For example,in a federated learning scenario,each model aggregation during the training process can be modeled as an aggregate query on the local model data of a group of learning participants,where the query result is the aggregated model parameters.The research in this dissertation focuses on the privacy-preserving query problem in the data outsourcing setting and the federal learning scenario.In the data outsourcing setting,the data owner usually encrypts his data before outsourcing it in order to protect his sensitive information.However,traditional encryption schemes make the data completely unavailable until it is decrypted,and thus the cloud server cannot perform any query operations.In addition to the data privacy,a fully functional privacy-preserving query scheme also needs to consider the protection of query requests and query results.In other words,the cloud server is expected to have as little information as possible related to the data and the query when performing the search.In the federation learning scenario,the model aggregation process requires the participants to share their local model information.However,many studies have shown that sharing local models directly will lead to the leakage of the participants’ local data information.Focusing on these privacy-preserving query issues,the dissertation mainly conducts the following three researches:1.Secure range query in the data outsourcing setting.Multi-dimensional range queries on outsourced data usually involve multiple privacy issues such as data,query,result,and single-dimensional matching pattern.Based on R-tree index structure,this dissertation propose a tree-based private range query scheme over dynamic encrypted cloud data(TRQED).Compared with existing solutions,our scheme takes into account more comprehensive privacy protections and achieves more efficient search efficiency.Moreover,we discuss the defects of TRQED in term of privacy-preservation,and puts forward a safer range query scheme,called TRQED+,by adopting two-server model.In this enhanced scheme,we design two building blocks,i.e.,secure node query and secure point query(SPQ),and propose the oblivious R-tree traversal(ORT)operation to preserve both path pattern and single-dimensional privacy.We conduct comprehensive experiments on real-world dataset and perform comparison with existing works to evaluate the performance of the proposed schemes.Experimental results show that our schemes surpass the state-of-the-art methods in efficiency and privacypreservation level.2.Secure skyline query in the data outsourcing setting.Skyline query is a similarity search functionality,whose goal is to obtain all Pareto-similar records with respect to the query point.A significant challenge of designing a secure skyline query scheme is that skyline queries need the complex comparisons and computations.To achieving secure and efficient skyline query in the data outsourcing setting,this dissertation proposes a hybrid protocol via additively homomorphic encryption system and Yao’s garbled circuits.first,we design an oblivious selection protocol that enables the participants to obliviously extract appropriate labels in Yao’s protocol for further step computation.This protocol ensures that the cloud server cannot obtain any intermediate results in the query process.Based on our oblivious selection protocol,we present an efficient and fully secure protocol for dynamic skyline query.To evaluate the performance of HybridSky,we conduct extensive experiments on three synthetic datasets and a real-world dataset.Experimental results show that our scheme provides order-of-magnitude improvements in computation time compared to the state-of-the-art methods.3.Decentralized secure model aggregation query in the federal learning scenario.For distributed model training based on federated learning,aggregation of models from different training participants is a crucial step,but there is also the risk of disclosing participants’ local data privacy.In addition,compared to centralized federated learning framework with central servers,P2P framework allowing direct communication among participants is more scalable for decentralized networks of device.However,previous research in P2P setting has largely focused on the optimization of communication based on different topologies.This dissertation studies the problem of secure model aggregation in the decentralized federated learning scenario,and proposes a privacy-preserving decentralized federated learning scheme.Specifically,we model each model aggregation process as an aggregation query initiated by a node to its neighbors,and use a decentralized dynamic function encryption scheme to construct a secure and efficient model aggregation protocol.Based on this protocol,we propose a privacypreserving decentralized federated learning framework,and give two concrete algorithms based on All-reduce and Gossip,respectively.