Privacy-Preserving Analysis of Mobility Data Using Homomorphic Encryption
Clemens Krüger* 1, Bhavinkumar Moriya1, Dominik Schoop 1
Abstract
Cities, communes and public transport operators need data to plan the required, efficient, economic and ecologic road infrastructures and transportation systems. For example, a public transport operator will need to know the usage frequency of their buses, trams etc. to offer an economic service. Some of the required data can be collected by counting passengers, vehicles, pedestrians etc. However, many of the relevant questions require data over time and location of individual persons, although the outcome of the data analysis is not concerned with the data of individuals. For example, the question “How many people travel from location A to location B at time t using public transport?” cannot be answered by counting data alone. Questionnaires and interviews can provide the necessary data but are costly and do not necessarily provide representative data. Better data with higher quality could be obtained if people were tracked over time and location. However, personal mobility data is highly sensitive and may contain all sorts of information about the individual, e.g. about work, life style, health etc [3]. Therefore, it is worthwhile to search for a privacy-preserving solution to the analysis of mobility data, i.e. a solution where the input privacy of the mobility data of individual persons is ensured.
We present the design and first implementation of a system where sufficient insights into mobility data can be obtained from personal mobility data without having access to personal information. The system employs homomorphic encryption [4] to make the data of individual persons inaccessible but nevertheless allows the analysis of the data. Homomorphic encryption is a cryptographic technique where computations can be carried out over encrypted data without having access to the unencrypted data. We present an architecture where persons can provide their mobility data homomorphically encrypted to a data operator. The mobility data can be in the form of trajectories over time and space augmented with additional data such as the mode of transport. The data operator can then perform analyses over the encrypted data, including anonymization, without having access to the original mobility data. Since the results of such analyses will be encrypted, they need to be decrypted before they can be used by the party interested in the analysis result, namely the data user.
Our system employs the homomorphic encryption scheme CKKS [2] implemented in the library OpenFHE [1] to encrypt mobility data and to perform analyses of the encrypted data such ask-means clustering or heat maps. The runtime and memory demands of the calculations are investigated. Although homomorphic encryption is known to be resource intensive, we show that for some relevant analyses of mobility data the resource consumption is high but nevertheless leads to a feasible solution.
We present a research agenda for open problems, including i) a suitable key management, which ensures that the results of data analyses can be decrypted without being able to decrypt input data; ii) optimisation of resource use and iii) implementation of more complex data analyses.
References
- Ahmad Al Badawi, Andreea Alexandru, Jack Bates, Flavio Bergamaschi, David Bruce Cousins, Saroja Erabelli, Nicholas Genise, Shai Halevi, Hamish Hunt, Andrey Kim, Yongwoo Lee, Zeyu Liu, Daniele Micciancio, Carlo Pascoe, Yuriy Polyakov, Ian Quah, Saraswathy R.V., Kurt Rohloff, Jonathan Saylor, Dmitriy Suponitsky, Matthew Triplett, Vinod Vaikuntanathan, and Vincent Zucca. OpenFHE: Open-source fully homomorphic encryption library. Cryptology ePrint Archive, Paper 2022/915, 2022. https://eprint.iacr.org/2022/915.
- Jung Hee Cheon, Andrey Kim, Miran Kim, and Yong Soo Song. Homomorphic encryption for arithmetic of approximate numbers. In Tsuyoshi Takagi and Thomas Peyrin, editors, Advances in Cryptology - ASIACRYPT 2017 - 23rd International Conference on the Theory and Applications of Cryptology and Information Security, Hong Kong, China, December 3-7, 2017, Proceedings, Part I, volume 10624 of Lecture Notes in Computer Science, pages 409–437. Springer, 2017.
- Gerald Friedland and Robin Sommer. Cybercasing the joint: on the privacy implications of geotagging. In Proceedings of the 5th USENIX Conference on Hot Topics in Security, HotSec’10, page 1–8, USA, 2010. USENIX Association.
- Shai Halevi. Homomorphic encryption. In Yehuda Lindell, editor, Information Security and Cryptography, Information Security and Cryptography, pages 219–276. Springer International Publishing, Cham, 2017.