SCIF: Privacy-Preserving Statistics Collection with Input Validation and Full Security
Authors: Jianan Su (Georgetown University), Laasya Bangalore (SandboxAQ), Harel Berger (Ariel University), Jason Yi (Georgetown University), Sophia Castor (Georgetown University), Micah Sherr (Georgetown University), Muthuramakrishnan Venkitasubramaniam (Georgetown University)
Volume: 2025
Issue: 3
Pages: 415–435
DOI: https://doi.org/10.56553/popets-2025-0106
Abstract: Secure aggregation is the distributed task of securely computing a sum of values (or a vector of values) held by a set of parties, revealing only the output (i.e., the sum) in the computation. Existing protocols, such as Prio (NDSI’17), Prio+ (SCN’22), Elsa (S&P’23), and Whisper (S&P’24), support secure aggregation with input validation to ensure inputs belong to a specified domain. However, when malicious servers are present, these protocols primarily guarantee privacy but not input validity. Also, malicious server(s) can cause the protocol to abort. We introduce SCIF, a novel multi-server secure aggregation protocol with input validation, that remains secure even in the presence of malicious actors, provided fewer than one-third of the servers are malicious. Our protocol overcomes previous limitations by providing two key properties: (1) guaranteed output delivery, ensuring malicious parties cannot prevent the protocol from completing, and (2) guaranteed input inclusion, ensuring no malicious party can prevent an honest party’s input from being included in the computation. Together, these guarantees provide strong resilience against denial-of-service attacks. Moreover, SCIF offers these guarantees without increasing client costs over Prio and keeps server costs moderate. We present a robust end-to-end implementation of SCIF and demonstrate the ease with which it can be instrumented by integrating it in a simulated Tor network for privacy-preserving measurement.
Keywords: secure aggregation, multiparty computation, malicious security
Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.
