IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 7, NO. 3, JUNE 2012 1053
Generating Private Recommendations Efficiently Using Homomorphic Encryption and Data Packing
Zekeriya Erkin, Member, IEEE, Thijs Veugen, Tomas Toft, and Reginald L. Lagendijk, Fellow, IEEE
Abstract—Recommender systems have become an important tool for personalization of online services. Generating recommendations in online services depends on privacy-sensitive data collected from the users. Traditional data protection mechanisms focus on access control and secure transmission, which provide security only against malicious third parties, but not against the service provider. This creates a serious privacy risk for the users. In this paper, we aim to protect the private data against the service provider while preserving the functionality of the system. We propose encrypting private data and processing them under encryption to generate recommendations. By introducing a semitrusted third party and using data packing, we construct a highly efficient system that does not require the active participation of the user. We also present a comparison protocol which, to the best of our knowledge, is the first to compare multiple values that are packed in one encryption. Conducted experiments show that this work opens the door to generating private recommendations in a privacy-preserving manner.
Index Terms—Homomorphic encryption, privacy, recommender systems, secure multiparty computation.
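The abstract's central idea, processing data under encryption with several values packed into one encryption, as an added example that is not part of the paper: a toy Paillier cryptosystem (additively homomorphic, built here on constructed and insecurely small primes) packs each user's four item ratings into 8-bit slots of a single plaintext, the server multiplies the ciphertexts to add all users' ratings without decrypting anything, and the key holder decrypts once and unpacks the per-item totals. The slot width, the primes, the item count and the rating vectors are assumptions chosen for illustration; the paper's own packing layout and key sizes are not reproduced.

```python
import math
import secrets
# Constructed toy primes: far too small for real security, chosen to keep the numbers readable.
P, Q = 1000003, 1000033
SLOT_BITS = 8   # width of one packed slot; a slot's sum must stay below 2**SLOT_BITS or it spills over
SLOTS = 4       # values per plaintext; SLOTS * SLOT_BITS must stay below log2(n) (about 40 here)

def keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # Carmichael function of n
    mu = pow(lam, -1, n)             # valid because the generator is fixed to g = n + 1
    return (n, n + 1), (lam, mu)

def encrypt(pk, m):
    n, g = pk
    while True:                      # fresh random r coprime with n randomizes the ciphertext
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n * n) * pow(r, n, n * n) % (n * n)

def decrypt(pk, sk, c):
    n, _ = pk
    lam, mu = sk
    L = (pow(c, lam, n * n) - 1) // n    # L(x) = (x - 1) / n, exact since c**lam == 1 (mod n)
    return L * mu % n

def add_encrypted(pk, c1, c2):
    """Homomorphic addition: the product of two ciphertexts encrypts the sum of the plaintexts."""
    return c1 * c2 % (pk[0] * pk[0])

def pack(values):
    """Place each value in its own SLOT_BITS-wide slot of one integer (the data packing idea)."""
    assert len(values) <= SLOTS and all(0 <= v < 2 ** SLOT_BITS for v in values)
    return sum(v << (SLOT_BITS * i) for i, v in enumerate(values))

def unpack(m, count=SLOTS):
    mask = (1 << SLOT_BITS) - 1
    return [(m >> (SLOT_BITS * i)) & mask for i in range(count)]

def sum_ratings_under_encryption(rating_vectors):
    """Users encrypt packed rating vectors; the server adds them under encryption (one
    multiplication per user, not per rating); the key holder decrypts once and unpacks."""
    pk, sk = keygen()
    total = encrypt(pk, 0)           # encryption of the all-zero packed vector
    for vec in rating_vectors:
        total = add_encrypted(pk, total, encrypt(pk, pack(vec)))
    return unpack(decrypt(pk, sk, total))
# Constructed sample input: three users' ratings (0..5) of four items; per-item sums are [10, 3, 7, 9]
RATINGS = [[5, 0, 3, 1], [4, 2, 0, 5], [1, 1, 4, 3]]
```

If more users are summed than a slot can hold, the carry silently corrupts the neighbouring slot, which is why the slot width must be sized from the maximum possible sum, not from a single rating.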
I. INTRODUCTION
Millions of people are using online services for various daily activities [1], many of which require sharing personal information with the service provider. Consider the following online services:
Social Networks: People use social networks to get in touch with other people, and create and share content that includes personal information, images, and videos. The service providers have access to the content provided by their users and have the right to process collected data and distribute them to third parties. A very common service provided in social networks is to generate recommendations for finding new friends, groups, and events using collaborative filtering techniques [2]. The data required for the collaborative filtering algorithm is collected from various resources including users' profiles and behaviors.

Manuscript received September 01, 2011; revised March 05, 2012; accepted March 06, 2012. Date of publication March 13, 2012; date of current version May 08, 2012. This work was supported by the Kindred Spirits Project, sponsored by the STW's Sentinels program in The Netherlands. The associate editor coordinating the review of this manuscript and approving it for publication was Dr. Alessandro Piva.
Z. Erkin and R. L. Lagendijk are with the Information Security and Privacy Laboratory, Department of Intelligent Systems, Delft University of Technology, 2628 CD, Delft, The Netherlands (e-mail: z.erkin@tudelft.nl; r.l.lagendijk@tudelft.nl).
T. Veugen is with the Information Security and Privacy Laboratory, Department of Intelligent Systems, Delft University of Technology, 2628 CD, Delft, The Netherlands, and also with TNO, 2600 GB, Delft, The Netherlands (e-mail: p.j.m.veugen@tudelft.nl).
T. Toft is with the Computer Science Department, Aarhus University, Aarhus DK-8200, Denmark (e-mail: ttoft@cs.au.dk).
Color versions of one or more of the figures in this paper are available online at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TIFS.2012.2190726
Online Shopping: Online shopping services increase the likelihood of a purchase by providing personalized suggestions to their customers. To find services and products suitable to a particular customer, the service provider processes collected user data like user preferences and click-logs.
IP-TV: A set-top box with high storage capacity and processing power is now found in almost every household. The service providers use smart applications to monitor people's actions to get (statistical) information on people's watching habits, their likes and dislikes. Based on the information collected from the users, the service provider recommends personalized digital content like TV programs, movies, and products that a particular user may find interesting.
In all of the above services and in many others, recommender systems based on collaborative filtering techniques that collect and process personal user data constitute an essential part of the service. On one hand, people benefit from online services. On the other hand, direct access to private data by the service provider has potential privacy risks for the users since the data can be processed for other purposes, transferred to third parties without user consent, or even stolen [3]. Recent studies show that the privacy considerations in online services seem to be one of the most important factors that threaten the healthy growth of e-business [4]. Therefore, it is important to protect the privacy of the users of online services for the benefit of both individuals and business.
A. Previous Work
The need for privacy protection for online services, particularly those using collaborative filtering techniques, has triggered research efforts in the past years. Among many different approaches, two main directions, based on data perturbation [5] and cryptography [6], have been investigated primarily in the literature. Polat and Du in [7] and [8] suggest hiding the personal data statistically, which has been proven to be an insecure approach [9]. Shokri et al. present a recommender system that is built on distributed aggregation of user profiles, which suffers from the trade-off between privacy and accuracy [10]. McSherry and Mironov proposed a method using differential privacy, which has a similar trade-off between accuracy and privacy [11]. Cissée and Albayrak present an agent system where trusted software and a secure environment are required [12]. Atallah et al. proposed privacy-preserving collaborative forecasting and benchmarking to increase the reliability of local
1556-6013/$31.00 © 2012 IEEE