
Privacy Preserving Measurement
charter-ietf-ppm-01

WG Review Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: ppm@ietf.org 
Reply-To: iesg@ietf.org
Subject: WG Review: Privacy Preserving Measurement (ppm)

A new IETF WG has been proposed in the Security Area. The IESG has not made
any determination yet. The following draft charter was submitted, and is
provided for informational purposes only. Please send your comments to the
IESG mailing list (iesg@ietf.org) by 2022-02-16.

Privacy Preserving Measurement (ppm)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  Benjamin Schwartz <bemasc@google.com>

Assigned Area Director:
  Roman Danyliw <rdd@cert.org>

Security Area Directors:
  Benjamin Kaduk <kaduk@mit.edu>
  Roman Danyliw <rdd@cert.org>

Mailing list:
  Address: ppm@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/ppm
  Archive: https://mailarchive.ietf.org/arch/browse/ppm/

Group page: https://datatracker.ietf.org/group/ppm/

Charter: https://datatracker.ietf.org/doc/charter-ietf-ppm/

There are many situations in which it is desirable to take measurements of
data which people consider sensitive. For instance, a browser company might
want to measure web sites that do not render properly without learning which
users visit those sites, or a public health authority might want to measure
exposure to some disease without learning the identities of those exposed. In
these cases, the entity taking the measurement is not interested in
people's individual responses but rather in aggregated data (e.g., how many
users had errors on site X). Conventional methods require collecting
individual measurements in plaintext and then aggregating them, thus
representing a threat to user privacy and rendering many such measurements
difficult and impractical.

New cryptographic techniques address this gap through a variety of techniques,
all of which aim to ensure that the server (or multiple, non-colluding
servers) can compute the aggregated value without learning the value of
individual measurements. The Privacy Preserving Measurement (PPM) work will
standardize protocols for deployment of these techniques on the Internet.
This will include mechanisms for:

- Client submission of individual measurements, potentially along with proofs
of validity

- Verification of validity proofs by the server(s), if sent by client

- Computation of aggregate values by the server(s) and reporting of results
to the entity taking the measurement

A successful PPM system assumes that clients and servers are configured with
each other's identities and details of the types of measurements to be
taken. This is assumed to happen out of band and will not be standardized in
this WG.

The WG will deliver one or more protocols which can accommodate multiple PPM
algorithms. The initial deliverables will support the calculation of simple
predefined statistical aggregates such as averages, as well as calculations
of the values that most frequently appear in individual measurements. The PPM
protocols will use cryptographic algorithms and protocols defined by the CFRG
to enable privacy-preserving properties. The protocol will be designed to
limit abuse by both client and server, including exposure of individual user
measurements and denial of service attacks on the measurement system. The
resulting document(s) shall consider deployment contexts, and clearly
describe abuse cases and remaining attacks which are not prevented or
mitigated by the protocol(s).

The starting point for PPM WG discussions shall be draft-gpew-priv-ppm.

Milestones:

  Dec 2023 - Submit PPM protocol to IESG for publication


WG Action Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>,
    ppm-chairs@ietf.org,
    ppm@ietf.org 
Subject: WG Action: Formed Privacy Preserving Measurement (ppm)

A new IETF WG has been formed in the Security Area. For additional
information, please contact the Area Directors or the WG Chairs.

Privacy Preserving Measurement (ppm)
-----------------------------------------------------------------------
Current status: Proposed WG

Chairs:
  Benjamin Schwartz <bemasc@google.com>
  Samuel Weiler <weiler@csail.mit.edu>

Assigned Area Director:
  Roman Danyliw <rdd@cert.org>

Security Area Directors:
  Benjamin Kaduk <kaduk@mit.edu>
  Roman Danyliw <rdd@cert.org>

Mailing list:
  Address: ppm@ietf.org
  To subscribe: https://www.ietf.org/mailman/listinfo/ppm
  Archive: https://mailarchive.ietf.org/arch/browse/ppm/

Group page: https://datatracker.ietf.org/group/ppm/

Charter: https://datatracker.ietf.org/doc/charter-ietf-ppm/

There are many situations in which it is desirable to take measurements of
data which people consider sensitive. For instance, a browser company might
want to measure web sites that do not render properly without learning which
users visit those sites, or a public health authority might want to measure
exposure to some disease without learning the identities of those exposed. In
these cases, the entity taking the measurement is not interested in people's
individual responses but rather in aggregated data (e.g., how many users had
errors on site X). Conventional methods require collecting individual
measurements in plaintext and then aggregating them, thus representing a
threat to user privacy and rendering many such measurements difficult and
impractical.

New cryptographic techniques address this gap through a variety of
approaches, all of which aim to ensure that the server (or multiple,
non-colluding servers) can compute the aggregated value without learning the
value of individual measurements. The Privacy Preserving Measurement (PPM)
work will standardize protocols for deployment of these techniques on the
Internet. This will include mechanisms for:

- Client submission of individual measurements, potentially along with proofs
of validity

- Verification of validity proofs by the server(s), if sent by client

- Computation of aggregate values by the server(s) and reporting of results
to the entity taking the measurement

A successful PPM system assumes that clients and servers are configured with
each other's identities and details of the types of measurements to be taken.
This is assumed to happen out of band and will not be standardized in this WG.

The WG will deliver one or more protocols which can accommodate multiple PPM
algorithms. The initial deliverables will support the calculation of simple
predefined statistical aggregates such as averages, as well as calculations
of the values that most frequently appear in individual measurements. The PPM
protocols will use cryptographic algorithms and protocols defined by the CFRG
to enable privacy-preserving properties. The protocol will be designed to
limit abuse by both client and server, including exposure of individual user
measurements and denial of service attacks on the measurement system. The
resulting document(s) shall consider deployment contexts, and clearly
describe abuse cases and remaining attacks which are not prevented or
mitigated by the protocol(s).
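A minimal worked illustration of the non-colluding-server model and the abuse case the charter names, added here as example code (it is not from draft-gpew-priv-ppm or any WG deliverable). It assumes two aggregators, additive secret sharing over a Mersenne-prime field, and 0/1 "had an error on site X" flags as the measurement; the validity-proof step is deliberately omitted so that the last function can show the skew a malformed submission causes without any single aggregator being able to notice.

```python
import secrets

# Constructed parameters for the example: a prime field and two aggregators.
FIELD_MOD = 2**31 - 1          # Mersenne prime; all arithmetic is mod this
NUM_AGGREGATORS = 2            # the "multiple, non-colluding servers" case

def split_measurement(value: int, n: int = NUM_AGGREGATORS) -> list[int]:
    """Client step: split `value` into `n` additive shares mod FIELD_MOD.
    The first n-1 shares are uniformly random, so any n-1 of them are
    statistically independent of `value`; only all n together reveal it."""
    if not 0 <= value < FIELD_MOD:
        raise ValueError("measurement outside the field")
    shares = [secrets.randbelow(FIELD_MOD) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % FIELD_MOD)
    return shares

def aggregate_column(shares: list[int]) -> int:
    """Aggregator step: sum the shares this server received. It never sees
    a full measurement, only one random-looking share per client."""
    return sum(shares) % FIELD_MOD

def recombine(partial_sums: list[int]) -> int:
    """Collector step: add the per-aggregator partial sums. The collector
    learns only the total, not any individual contribution."""
    return sum(partial_sums) % FIELD_MOD

def run_collection(measurements: list[int], n: int = NUM_AGGREGATORS) -> int:
    """End to end: every client splits, each aggregator sums its own column,
    the collector recombines. Returns the aggregate (a count for 0/1 flags)."""
    columns = [[] for _ in range(n)]
    for m in measurements:
        for i, share in enumerate(split_measurement(m, n)):
            columns[i].append(share)
    return recombine([aggregate_column(col) for col in columns])

def skew_from_malformed_client(honest: list[int], bogus: int) -> int:
    """Why the charter asks for validity proofs: a client that submits an
    out-of-range value (e.g. 1000 where only 0/1 is expected) shifts the
    count, and no single aggregator can notice, because its share of 1000
    is as random-looking as its share of 1. Returns the inflated aggregate."""
    return run_collection(honest + [bogus])

if __name__ == "__main__":
    flags = [1, 0, 1, 1, 0]   # constructed "had an error on site X" flags
    print("honest count:", run_collection(flags))
    print("with bogus client:", skew_from_malformed_client(flags, 1000))
```

Each aggregator's column is uniformly random on its own, which is exactly why the validity check in the charter has to be a proof the servers verify jointly rather than a range check one server applies to the shares it holds.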

The starting point for PPM WG discussions shall be draft-gpew-priv-ppm.

Milestones:

  Dec 2023 - Submit PPM protocol to IESG for publication


Ballot Announcement