[Thesis]. Manchester, UK: The University of Manchester; 2012.
The growth of the Internet has opened up tremendous opportunities for cooperative
computations where the results depend on the private data inputs of distributed participating
parties. In most cases, such computations are performed by multiple mutually untrusting
parties. This has led the research community into studying methods for performing
computation across the Internet securely and efficiently.This thesis investigates
security methods in the search for an optimum solution to privacy- preserving distributed
statistical computation problems. For this purpose, the nonparametric sign test algorithm
is chosen as a case for study to demonstrate our research methodology. Two privacy-preserving
protocol suites using data perturbation techniques and cryptographic primitives are
designed. The first protocol suite, i.e. the P22NSTP, is based on five novel data
perturbation building blocks, i.e. the random probability density function generation
protocol (RpdfGP), the data obscuring protocol (DOP), the secure two-party comparison
protocol (STCP), the data extraction protocol (DEP) and the permutation reverse protocol
(PRP). This protocol suite enables two parties to efficiently and securely perform
the sign test computation without the use of a third party. The second protocol suite,
i.e. the P22NSTC, uses an additively homomorphic encryption scheme and two novel building
blocks, i.e. the data separation protocol (DSP) and data randomization protocol (DRP).
With some assistance from an on-line STTP, this protocol suite provides an alternative
solution for two parties to achieve a secure privacy-preserving nonparametric sign
test computation. These two protocol suites have been implemented using MATLAB software.
Their implementations are evaluated and compared against the sign test computation
algorithm on an ideal trusted third party model (TTP-NST) in terms of security, computation
and communication overheads and protocol execution times. By managing the level of
noise data item addition, the P22NSTP can achieve specific levels of privacy protection
to fit particular computation scenarios. Alternatively, the P22NSTC provides a more
secure solution than the P22NSTP by employing an on-line STTP. The level of privacy
protection relies on the use of an additively homomorphic encryption scheme, DSP and
DRP. A four-phase privacy-preserving transformation methodology has also been demonstrated;
it includes data privacy definition, statistical algorithm decomposition, solution
design and solution implementation.