Privacy-preserving aggregation for participatory sensing with efficient group management

Participatory sensing applications can learn the aggregate statistics over personal data to produce useful knowledge about the world. Since personal data may be privacy-sensitive, the aggregator should only gain desired statistics without learning anything about the personal data. To guarantee differential privacy of personal data under an untrusted aggregator, existing approaches encrypt the noisy personal data, and allow the aggregator to get a noisy sum. However, these approaches suffer from either high computation overhead, or lack of efficient group management to support dynamic joins and leaves, or node failures. In this paper, we propose a novel privacy-preserving aggregation scheme to address these issues in participatory sensing applications. In our scheme, we first design an efficient group management protocol to deal with participants´ dynamic joins and leaves. Specifically, when a participant joins or leaves, only three participants need to update their encryption keys. Moreover, we leverage the future ciphertext buffering mechanism to deal with node failures, which is combined with the group management protocol making low communication overhead. The analysis indicates that our scheme achieves desired properties, and the performance evaluation demonstrates the scheme´s efficiency in terms of communication and computation overhead.