International Association
for Cryptologic Research

With the advent of networking applications collecting user data on

a massive scale, the privacy of individual users appears to be a major concern.

The main challenge is the design of a solution that allows the data analyzer to

compute global statistics over the set of individual inputs that are protected by

some confidentiality mechanism. Joye et al. [7] recently suggested a solution

that allows a centralized party to compute the sum of encrypted inputs collected

through a smart metering network. The main shortcomings of this solution are

its reliance on a trusted dealer for key distribution and the need for frequent key

updates. In this paper we introduce a secure protocol for aggregation of timeseries

data that is based on the Joye et al. [7] scheme and in which the main

shortcomings of the latter, namely, the requirement for key updates and for the

trusted dealer are eliminated. As such, during the protocol execution none of the

parties apart from the users themselves are aware of the secret keys. Moreover

our scheme supports a dynamic group management, whereby as opposed to Joye

et al. [7] leave and join operations do not trigger a key update at the users.