We consider how an untrusted data aggregator can learn desired statistics over multiple participants data, without compromising each individuals privacy. We propose a construction that allows a group of participants to periodically upload encrypted values to a data aggregator, such that the aggregator is able to compute the sum of all participants values in every time period, but is unable to learn anything else. We achieve strong privacy guarantees using two main techniques. First, we show how to utilize applied cryptographic techniques to allow the aggregator to decrypt the sum from multiple ciphertexts encrypted under different user keys. Second, we describe a distributed data randomization procedure that guarantees the differential privacy of the outcome statistic, even when a subset of participants might be compromised.
Shi, E.; Chan, H.; Rieffel, E.; Chow, R.; Song, D. Privacy-preserving aggregation of time-series data. 18th Annual Network & Distributed System Security Symposium (NDSS);2011 February 6-9; San Diego, CA.