Privacy Preserving Data Mining within Anonymous Credential Systems

Regular (non-private) data mining can be applied to manage and utilize accumulated transaction data. For example, the accumulated relative service time per user per month can be calculated given individual transaction data from which the user compliance with a service agreement can be determined and possibly billing can be processed. Nevertheless, due to user privacy concerns, cryptographic research developed transactions based on unlinkable anonymous credentials. Given the nature of anonymous credentials the ease of managing accumulated data (e.g., per user) is lost. To restore the possibility of management and accumulation of data it seems that a suitable form of privacy preserving data mining is needed. Indeed, privacy preserving data mining methods have been suggested for various protocols and interactions where individual data can be contributed in an encrypted form, but not within the context of anonymous credentials. Given our motivation we suggest a new notion of performing "privacy preserving data mining within the context of anonymous cryptographic credential systems," so as to protect both the privacy of individually contributed data and the identity of their sources while revealing only what is needed. To instantiate our approach we focus on a primitive we call "data mining group signatures" (DMGS), where it is possible for a set of authorities to employ distributed quorum control for conducting privacy preserving data mining operations on a batch of transactions while preserving maximum possible anonymity. We define and model the new primitive and its security goals, we then present a construction and finally show its privacy and security properties. Along the way we build a methodology that safely combines multi-server protocols as sub-procedures in a more general setting.