SLAP: Simpler, Improved Private Stream Aggregation from Ring Learning with Errors

Private Stream Aggregation (PSA) protocols perform secure aggregation of time-series data without leaking information about users’ inputs to the aggregator. Previous work in post-quantum PSA used the Ring Learning with Errors (RLWE) problem indirectly via homomorphic encryption (HE), leading to a needlessly complex and intensive construction. In this work, we present SLAP, the first PSA protocol that is directly constructed from the RLWE problem to gain post-quantum security. By nature of our white-box approach, SLAP is simpler and more efficient than previous PSA that uses RLWE indirectly through the black box of HE. We also show how to apply state-of-the-art optimizations for lattice-based cryptography to greatly improve the practical performance of SLAP. The communication overhead of SLAP is much less than in previous work, with decreases of up to 99.96% in ciphertext sizes as compared to previous work in RLWE-based PSA. We demonstrate a speedup of 20.76x over the previous state-of-the-art RLWE-based PSA work’s aggregation and show that SLAP achieves a throughput of 390,691 aggregations per second for 1000 users. We also compare SLAP to other state-of-the-art post-quantum PSA and show that SLAP is comparable in latency and shows improvement in throughput when compared to these works, and we compare the qualitative features of these schemes with regards to practical usability.