STAR: Secret Sharing for Private Threshold Aggregation Reporting

Threshold aggregation reporting systems promise a practical, privacy preserving solution for developers to learn about how their developed applications are used "\emph{in-the-wild}". Unfortunately, proposed systems to date prove impractical for wide scale adoption, suffering from a combination of requiring: \textit{i)} prohibitive trust assumptions; \textit{ii)} high computation costs; or \textit{iii)} massive user bases. As a result, adoption of truly-private approaches has been limited to only a small number of enormous (and excessively costly) projects. This work improves the state of private data collection by proposing $\mathsf{STAR}$, a highly efficient, easily deployable system for providing cryptographically-enforced $\kappa$-anonymity protections on user data collection. The $\mathsf{STAR}$ protocol is highly efficient, easy to implement, and cheap to run, all while providing privacy properties similar to, or exceeding the current state-of-the-art. Our open-source implementation of $\mathsf{STAR}$ and performance measurements find that $\mathsf{STAR}$ is $1773\times$ quicker, requires $62.4\times$ less communication, and is $24\times$ cheaper to run than the existing state-of-the-art.