Mastic: Private Weighted Heavy-Hitters and Attribute-Based Metrics

Dimitris Mouris; Christopher Patton; Hannah Davis; Pratik Sarkar; Nektarios Georgios Tsoutsos

Paper 2024/221

Mastic: Private Weighted Heavy-Hitters and Attribute-Based Metrics

Dimitris Mouris

, Nillion, University of Delaware

Christopher Patton, Cloudflare

Hannah Davis, Seagate

Pratik Sarkar

, Supra Research

Nektarios Georgios Tsoutsos

, University of Delaware

Abstract

Insight into user experience and behavior is critical to the success of large software systems and web services. Gaining such insights, while preserving user privacy, is a significant challenge. Recent advancements in multi-party computation have made it practical to securely compute aggregates over secret shared data. Two such protocols have emerged as candidates for standardization at the IETF: Prio (NSDI 2017) for general-purpose statistics; and Poplar (IEEE S&P 2021) for heavy hitters, where the goal is to compute the most popular inputs held by users without learning the inputs themselves. While each of these protocols is well-suited to certain applications, there remain a number of use cases identified by IETF for which neither Prio nor Poplar is practical. We introduce Mastic, a protocol for the following functionality: each of a large number of clients holds an input (e.g., a URL) and its corresponding weight (e.g., page load time); for a given candidate input (or prefix), a small number of non-colluding servers wish to securely aggregate the weights of clients that hold that input (or some input with that prefix), without learning the weights or which client holds which input. This functionality makes two new classes of applications possible. The first is a natural generalization of heavy hitters we call weighted heavy-hitters. The second is an enhancement of Prio-style metrics we call attribute-based metrics in which aggregates are grouped by hierarchical user attributes (e.g., their geographic location or software version). We demonstrate Mastic's practicality for these applications with a real-world example of each. We also compare our protocol with Prio and Poplar on a wide area network. Overall, we report over one order of magnitude performance improvement over Poplar for plain heavy-hitters and $1.5-2\times$ improvement over Prio for attribute-based metrics.

Note: Our implementation of Mastic is open-source: https://github.com/TrustworthyComputing/mastic

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Minor revision. Proceedings on Privacy Enhancing Technologies (PoPETs) 2025
Keywords: Function secret sharing histograms heavy hitters privacy-enhancing technologies secure multiparty computation
Contact author(s): dimitris @ nillion com
cpatton @ cloudflare com
hannahedavis @ protonmail com
pratik93 @ bu edu
tsoutsos @ udel edu
History: 2024-09-27: last of 2 revisions; 2024-02-13: received; See all versions
Short URL: https://ia.cr/2024/221
License: CC BY

BibTeX

@misc{cryptoeprint:2024/221,
      author = {Dimitris Mouris and Christopher Patton and Hannah Davis and Pratik Sarkar and Nektarios Georgios Tsoutsos},
      title = {Mastic: Private Weighted Heavy-Hitters and Attribute-Based Metrics},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/221},
      year = {2024},
      url = {https://eprint.iacr.org/2024/221}
}