Lightweight Privacy-preserving Distributed Recommender System using Tag-based Multikey Fully Homomorphic Data Encapsulation

Recommender systems facilitate personalized service provision through the statistical analysis and model training of user historical data (e.g., browsing behavior, travel history, etc). To address the underpinning privacy implications associated with such systems, a number of privacy-preserving recommendation approaches have been presented. There are, however, limitations in many of these approaches. For example, approaches that apply public key (fully) homomorphic encryption (FHE) on different users. historical ratings under a unique public key of a target recommendation user incur significant computational overheads on resource-constrained local users and may not be scalable. On the other hand, approaches without utilizing public key FHE can neither resist chosen ciphertext attack (CCA), nor be straightforwardly applied to the setting of distributed servers. In this paper, a lightweight privacy-preserving distributed recommender system is proposed. Specifically, we present a new cryptographic primitive (i.e., tag-based multikey fully homomorphic data encapsulation mechanism; TMFH-DEM) designed to achieve CCA security for both input privacy and result privacy. TMFH-DEM enables a set of distributed servers to collaboratively execute efficient privacy-preserving outsourced computation on multiple inputs encrypted under different secret keys from different data owners, without using public key FHE. Building on TMFH-DEM, we propose a lightweight privacy-preserving distributed recommender system, which flexibly returns all the recommended items with certain predicted ratings for all target users. Formal security proof shows that our proposal achieves both user historical rating data privacy and recommendation result privacy. Findings from our evaluations demonstrate its practicability in terms of scalability, recommendation accuracy, computational and communication efficiency.