Hamburger attack: A collusion attack against privacy-preserving data aggregation schemes

Performing efficient data aggregation while keeping the property of privacy preservation of user-related data is of high concern. Extensive research has been conducted to address this problem in multiple areas. As a fact, the security of a number of privacy-preserving protocols are threatened by collusion between participants. Therefore, security analysis plays a fundamental role in privacy-preserving data aggregation protocols. In this paper, we present a new kind of collusion attack strategy called Hamburger Attack. It is of logical simplicity, but has the advantage of being effective and efficient. We employ it to check the security of several existing privacy-preserving data aggregation schemes. We show that under hamburger attack, some prior privacy-preserving data aggregation protocols will disclose part, even all, of the private data that they intended to protect. On the other hand, the hamburger attack is beneficial to designing new privacy-preserving data aggregation schemes. It can assist them in avoiding this kind of collusion attack.