Markdown Version | Session Recording

Session Date/Time: 30 Jun 2025 15:00

PPM

Summary

This interim meeting of the Privacy Preserving Measurement (PPM) Working Group primarily focused on the Distributed Aggregation Protocol (DAP) draft and its path to Working Group Last Call (WGLC). Significant updates to DAP draft-15 were reviewed, including editorial improvements, alignment with HTTP BCPs, and enhancements to validation rules. A proposed change for streaming aggregation job messages was discussed, with the Chair indicating a plan to merge this change absent objections. The meeting also included updates on draft-thompson-ppm-l1-bound-sum, which garnered interest for potential WG adoption, and a detailed presentation on draft-chen-ppm-psi outlining various privacy-preserving computation use cases, though its fit within the current PPM charter was questioned.

Key Discussion Points

• DAP Draft-15 and updates towards Draft-16:

  • Editorial Changes: Extensive revisions for clarity and concision, consistent terminology (e.g., "aggregate" vs. "batch"), improved explanatory material including diagrams, and reordering of the document to ease reader onboarding.
  • Time Definitions: Stricter definitions for time-related types and durations, requiring them to be multiples of a task's time precision, drawing inspiration from TLS-related drafts.
  • RFC 9205 Alignment: Consistent asynchronous handling of requests across aggregation, collection, and aggregate share interactions, aligning with HTTP API best current practices.
  • Eric Rascora's Review: Led to significant simplification by removing custom RFC8446 structure syntax and syncing with the latest, near-final VDAF draft, particularly regarding the ping-pong topology API.
  • Validation Rules: Enhanced clarity and unambiguous definitions for input share and batch validation, covering anti-replay, double collection, and aggregator agreement rules. Guidance was added on relaxing these rules (e.g., for privacy vs. utility tradeoffs) in security considerations, with mention of differential privacy.
  • Bulk Uploads (Implemented since Draft-15): The upload request message now supports an array of reports, allowing a single HTTP request to transmit multiple reports. Message length is determined by the HTTP transport (e.g., Content-Length, chunk encoding, HTTP/2 streams), enabling streaming of reports from clients/proxies.
  • Proposed Streaming for Aggregation Jobs (PR 717): Discussion on extending the streaming concept to aggregation job messages (aggregation_job_init_req, aggregation_job_cont_req, aggregation_job_resp). This would remove explicit length prefixes for variable-length fields, relying on HTTP message length. This aims for consistency across the protocol where streaming is beneficial for messages containing per-report content.

• Path to DAP Working Group Last Call (WGLC):

  • HTTP Directorate Review: An outstanding request for draft-15 was noted; the Chairs suggested the Directorate review draft-16 once available.
  • Remaining Open Issues: Include disambiguating malformed time handling, procedural tasks for registry setup (URNs for error types, protocol object identifiers), and updating document references (e.g., VDAF RFC number). Less defined issues include adding diagrams and questions around aggregator storage.
  • WGLC Blockers: The Chair's personal opinion was that none of the remaining open issues are strict blockers for initiating WGLC, as they could be addressed during the last call period.
  • Implementation Status: "Bits and pieces" are implemented in ISRG BUP's Yiannis, but a full working implementation is not yet available. While "really nice to have," the Chair expressed reluctance to make it a blocker for WGLC.
  • VDAF Dependency: A participant inquired about the stability of the VDAF draft, a key dependency. A VDAF editor confirmed no further changes are expected that would impact DAP, and VDAF is currently awaiting crypto panel review.

• draft-thompson-ppm-l1-bound-sum Update:

  • This draft defines a Proof-of-3 (PO3) instance for vectors of integers where their sum is bounded. It supports Laplace distribution noise for differential privacy and allows zero measurements.
  • Status: Draft 01 is on the data tracker, with a reference implementation and test vectors available. It is considered ready for production implementation.
  • WG Adoption Discussion: A sense of those present indicated general interest in adopting this draft within the PPM WG. It was noted that the work is not "crypto per se" but rather defines a measurement encoding and validity circuit, making PPM a suitable venue. Experience with VDAF suggests that the same experts would review this work in PPM as in CFRG, making PPM a more expedient choice.

• draft-chen-ppm-psi Presentation (Privacy Preserving Computation Use Cases and Problem Statements):

  • Motivation: Increasing value of proprietary data for cross-company collaboration (e.g., financial, health data) and the need for secure, private computation to unlock this value without revealing raw data.
  • Use Cases:
    • Private Set Intersection (PSI): Finding mutual customers between two companies (e.g., Twitter and an entertainment company) without revealing individual customer lists. ECDH-based PSI was highlighted as mature and efficient, with real-world deployments handling large datasets. Post-quantum resilience for ECDH PSI was raised as a future consideration.
    • Private Key-Value Query: A client querying a server's database for a value associated with a key, without revealing the key to the server (e.g., credit checks, medicine searches). Fully Homomorphic Encryption (FHE) was presented as a method, involving polynomial interpolation of data. FHE trades higher computation for compact communication compared to Oblivious Transfer (OT).
    • Private Inner Product: Securely computing the inner product of two vectors held by different parties (e.g., customer similarity, credit risk models). Paillier FHE was mentioned for achieving efficient computations.
    • Collaborative Machine Learning: Jointly training ML models on combined datasets from multiple companies without direct data sharing (e.g., fraud detection, recommendation systems). Utilizes PSI for data alignment and Secure Multi-Party Computation (MPC) for model training.
  • Requirements: Focus on 2-3 data owners, semi-honest security often sufficient, support for common business scenarios, easy-to-use APIs, and performance optimization (balancing computation and communication).
  • Standardization Proposal: Suggested commencing research and standardization efforts on privacy-preserving computations for cross-company collaborations, starting with PSI due to its foundational role and simplicity.
  • Charter Fit Discussion: Participants noted that the current PPM charter is specific to aggregating measurements from a large number of individuals. The proposed work (2-3 companies combining data) might not fit the existing charter, potentially requiring a re-charter or a new working group. The general framework for multi-party data fusion versus specific protocols like PSI was also discussed as a design consideration.

Decisions and Action Items

• Decision: The Chair will proceed to merge Pull Request 717 (enabling streaming for aggregation job messages) at the end of day Thursday, July 3rd, 2024, unless objections are raised on the pull request.
• Action Item: Chairs to release DAP draft-16.
• Action Item: Chairs to update the HTTP Directorate on the new DAP draft-16 for their review.
• Action Item: Working Group members are encouraged to review PR 717 and provide feedback before the planned merge date.
• Action Item: The Working Group expressed general interest in adopting draft-thompson-ppm-l1-bound-sum. Chairs will consider next steps for formal adoption.

Next Steps

• DAP Progress:
  • Release DAP draft-16.
  • Resolve remaining open issues for DAP, aiming to address them during the WGLC period.
  • Continue implementation efforts for DAP in parallel with the WGLC process.
  • Initiate the Working Group Last Call for DAP as soon as feasible.
• draft-thompson-ppm-l1-bound-sum:
  • Further implementation and deployment efforts for draft-thompson-ppm-l1-bound-sum.
  • The Chairs will follow up on the process for formally proposing adoption of this draft into the PPM Working Group.
• draft-chen-ppm-psi and related work:
  • The author of draft-chen-ppm-psi and interested parties are encouraged to explore potential pathways for standardization, considering the discussion around the current PPM charter and whether a re-charter or a new working group might be more appropriate for multi-party data fusion.
  • Further discussions are needed to determine the scope and framework (e.g., general data fusion vs. specific protocols like PSI) for such work within the IETF.