IETF Logo Mail Archive

[Ppm] Whisper: Private Analytics via Streaming, Sketching, and Silently Verifiable Proofs

Christopher Patton <cpatton@cloudflare.com> Fri, 17 May 2024 00:16 UTC

Return-Path: <cpatton@cloudflare.com>
X-Original-To: ppm@ietfa.amsl.com
Delivered-To: ppm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6F8FC14F6FC for <ppm@ietfa.amsl.com>; Thu, 16 May 2024 17:16:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cloudflare.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cQcTnPOywxND for <ppm@ietfa.amsl.com>; Thu, 16 May 2024 17:16:26 -0700 (PDT)
Received: from mail-ot1-x331.google.com (mail-ot1-x331.google.com [IPv6:2607:f8b0:4864:20::331]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E1CBDC14F615 for <ppm@ietf.org>; Thu, 16 May 2024 17:16:26 -0700 (PDT)
Received: by mail-ot1-x331.google.com with SMTP id 46e09a7af769-6f10092c8c7so526124a34.1 for <ppm@ietf.org>; Thu, 16 May 2024 17:16:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google09082023; t=1715904985; x=1716509785; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=FBa1Hq8nR9hilnnn8TyvPUyKzoDjpzxtRjl3CmEs63w=; b=CzvN468UXaKp+ojN8v8OY1nI090ibya1h6/Eel83xlXuBDrNp76Y4pRHQdk5Zax9oR Qw5rFRqrXshOCD8N61GYo824jhV5R10gGkZj21WbhZ3inYWVQhNE7K7IBTTuJuJ+S+78 Hha5/Irbo+5RURWch9c3WS/dGN/y6zNO/ER1KFFjVIKh2JYA9FfpORM9qmvedfeBWxKq KyAx5ByVMbICaRh6GNs+tVkhwVjlDiAR9JesrQDbMG0ID7TJNvshsX2Iiw1RWAWOL5sW wDvnAzaG7RF0McvaoZAq1nz+Lxpq7ZbYUFaZHtXbSRugsRwwh9z8iF/8rEg97oK1Ss77 RGZA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715904985; x=1716509785; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=FBa1Hq8nR9hilnnn8TyvPUyKzoDjpzxtRjl3CmEs63w=; b=Zk3/l0WPWyjMdakoXhuNKAbaCzPWo7BTxdBJZi/a5eSY6tMySv0PcIv8yhtToZuFSw CmxucxAvDeVdgQ2lf4oVNBsvB8wjMinIpTMqURFPnwk+bQITvUQnfBIbYh5IXP731LuR 3L+2vTaz1AOfgmiiEViJm659IlY+8rI5EWqs72Oyd/zF+nTPrZ/xQYgXTdusJ2B42EtH 24W3wykKPgmBmleHnW2Zcum9IlY1X/fWsV3Vj8VZ9B2zI4877aEVLr0ANVkeufIPM+6X RHGaoveZuhglj725vjV2K9N2sosB1FaaghkZ8AXEbVdDRBsoZPAhJN5Rm4dIeDhJuARK GKsg==
X-Gm-Message-State: AOJu0Yy0oBAJ66jPjGpDV2oDWJcOhe+fzi66zLNtYvue8zQKbuhT9gpj cwv7+UVJ3D3nfAF35Arnz6Q2vFe5lWMzSiR7uk8B2xSvfeFL6kVEGE9DNl/1/h/QLXs32WgmoGb D20igXMMfSCZOGKb9EeeJ3i2d8shf8M/4NglWaT0WZOykl5w5lvg/6Q==
X-Google-Smtp-Source: AGHT+IE85lRsVfZhbZ/SySL0zghbzqeMciNOJWa90cjpPowuWF8lI7fHVfPB0JvYwxC2BAb6yMknEuNyLdRRoIMnu4o=
X-Received: by 2002:a05:6870:e92:b0:234:56f5:cf16 with SMTP id 586e51a60fabf-24172c2f216mr29136955fac.32.1715904985459; Thu, 16 May 2024 17:16:25 -0700 (PDT)
MIME-Version: 1.0
From: Christopher Patton <cpatton@cloudflare.com>
Date: Thu, 16 May 2024 17:16:14 -0700
Message-ID: <CAG2Zi21C1n2w75Jwv5vQRnj8c8CzNcDzB8=tfT-D4RA4FWW4Kw@mail.gmail.com>
To: ppm <ppm@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002088af06189b4376"
Message-ID-Hash: OM4QT42E2AN67IF56IFHBQCJB65NEKAF
X-Message-ID-Hash: OM4QT42E2AN67IF56IFHBQCJB65NEKAF
X-MailFrom: cpatton@cloudflare.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Ppm] Whisper: Private Analytics via Streaming, Sketching, and Silently Verifiable Proofs
List-Id: Privacy Preserving Measurement technologies <ppm.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ppm/ztWYtmiWBz0RrHKL__4pVeGZgdM>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ppm>
List-Help: <mailto:ppm-request@ietf.org?subject=help>
List-Owner: <mailto:ppm-owner@ietf.org>
List-Post: <mailto:ppm@ietf.org>
List-Subscribe: <mailto:ppm-join@ietf.org>
List-Unsubscribe: <mailto:ppm-leave@ietf.org>

Hi gang,

I wanted to make folks aware of a new paper, from Henry Corrigan-Gibbs and
friends, that has a couple of really cool features that are relevant to
this group:
https://eprint.iacr.org/2024/666

The first is a new batched verification technique that reduces the
Leader-Helper communication for Prio3. Supporting this would require
changes to DAP, though they might not be that bad (
https://github.com/ietf-wg-ppm/draft-ietf-ppm-dap/issues/561) The main
downside is that the communication cost increases as the number of
malicious clients increases: in the worst case the cost is about the same
as it is today. The implication is that there is an efficient DoS vector
that we'd have to engineer around.

The second exciting piece of this paper is a new approach to heavy hitters.
Whereas Poplar1 requires a round of aggregation per bit of input, Whisper
runs in just one round of aggregation, like Prio3 does. Plus, we can get
this benefit without changes to DAP if we forego batched verification. The
downside here is higher Client-Aggregator communication, plus the result is
only approximately correct (Poplar1 gives you an exact solution).

I'd love to hear folks' thoughts on this. I'd especially like to understand
if there's an appetite for doing batched verification.

Chris P.

v2.30.2 | Report a Bug | By Email | System Status