Prio: Private, Robust, and Scalable Computation of Aggregate Statistics

TL;DR

Prio is a privacy-preserving system that enables secure, scalable collection of aggregate statistics using novel cryptographic techniques, ensuring data privacy even with malicious clients.

Contribution

Prio introduces SNIPs, a new cryptographic method that significantly improves performance for private aggregation, extending capabilities to complex statistical computations.

Findings

Achieves near-zero data exposure with at least one honest server

Enables complex statistics like regression without revealing individual data

Offers a hundred-fold performance boost over traditional zero-knowledge methods

Abstract

This paper presents Prio, a privacy-preserving system for the collection of aggregate statistics. Each Prio client holds a private data value (e.g., its current location), and a small set of servers compute statistical functions over the values of all clients (e.g., the most popular location). As long as at least one server is honest, the Prio servers learn nearly nothing about the clients' private data, except what they can infer from the aggregate statistics that the system computes. To protect functionality in the face of faulty or malicious clients, Prio uses secret-shared non-interactive proofs (SNIPs), a new cryptographic technique that yields a hundred-fold performance improvement over conventional zero-knowledge approaches. Prio extends classic private aggregation techniques to enable the collection of a large class of useful statistics. For example, Prio can perform a least-squares regression on high-dimensional client-provided data without ever seeing the data in the clear.