In the digital era, users share their personal data with service providers to
obtain some utility, e.g., access to high-quality services. Yet, the induced
information flows raise privacy and integrity concerns. Consequently, cautious
users may want to protect their privacy by minimizing the amount of information
they disclose to curious service providers. Service providers are interested in
verifying the integrity of the users’ data to improve their services and obtain
useful knowledge for their business. In this work, we present a generic
solution to the trade-off between privacy, integrity, and utility, by achieving
authenticity verification of data that has been encrypted for offloading to
service providers. Based on lattice-based homomorphic encryption and
commitments, as well as zero-knowledge proofs, our construction enables a
service provider to process and reuse third-party signed data in a
privacy-friendly manner with integrity guarantees. We evaluate our solution on
different use cases such as smart-metering, disease susceptibility, and
location-based activity tracking, thus showing its versatility. Our solution
achieves broad generality, quantum-resistance, and relaxes some assumptions of
state-of-the-art solutions without affecting performance.

By admin