Efficient Private Statistics with Succinct Sketches

In our digital society, the large-scale collection of contextual information is often essential to gather statistics, train machine learning models, and extract knowledge from data. The ability to do so in a privacy-preserving way -- i.e., without collecting fine-grained user data -- enables a number of computational scenarios that would be hard, or outright impossible, to realize without strong privacy guarantees. In this paper, we present the design and implementation of practical techniques for privately gathering statistics from large data streams. We build on efficient cryptographic protocols for private aggregation and on data structures for succinct data representation, namely, Count-Min Sketch and Count Sketch. These allow us to reduce the communication and computation complexity incurred by each data source (e.g., end-users) from linear to logarithmic in the size of their input, while introducing a parametrized upper-bounded error that does not compromise the quality of the statistics. We then show that our techniques can be efficiently used to instantiate real-world privacy-friendly systems, supporting recommendations for media streaming services, prediction of user locations, and computation of median statistics for Tor hidden services.