Evaluation of Encryption Algorithms for Privacy Preserving Association Rules Mining on Distributed Horizontal Database Ashraf El-Sisi, and Hamdy M. Mousa Faculty of Computers and Information, Menofyia University, Egypt {ashrafelsisi@hotmail.com, hamdimmm@hotmail.com } Abstract - Encryption algorithms used in privacy preserving protocols can be affected on overall performance. In this paper we study several encryption algorithms with two methods of privacy preserving association rule mining on distributed horizontal database (PPARM4, and PPARM3). The first method PPARM4 computes association rules that hold globally while limiting the information shared about each site in order to increase the efficiency. The second method PPARM3 is a modification for PPARM4 based on a semi-honest model with negligible collision probability. Common encryption algorithms for the two methods of privacy preserving association rule mining on distributed horizontal database selected based on performance metric. So a performance comparison among five of the most common encryption algorithms: RSA, DES, 3DES, AES and Blowfish with the two privacy methods are presented. The comparison has been conducted by running several encryption settings with the two methods of privacy preserving association rule mining on distributed horizontal database. Simulation has been conducted using Java. Results show that, PPARM3 gives better performance with all encryption algorithms implemented. Also PPARM3 with encryption algorithm DES gives best result with different database sizes. Based on the results we can tune the suitable encryption algorithm from our implementations to the required overall performance. Keywords: Encryption, distributed data mining, Association rule mining, privacy, security. 1 Introduction Data Mining (DM) techniques have been widely used in many areas especially for strategic decision-making [1-8]. Apart from its usual benefits, it also has a few disadvantages associated with it. Experts say that data mining in the wrong hands will end up in destruction. The main threat of data mining is to privacy and security of data residing in large data stores [9-15]. Some of the information considered as private and secret can be brought out with advanced data mining tools. It is a real concern of people working in the field of database technology. Different research efforts are under way to address this problem of preserving security and privacy. The privacy term is overloaded, and can, in general, assume a wide range of different meanings. For example, in the context of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, privacy means the individual’s ability to control who has the access to personal health care information. From the organizations point of view, privacy involves the definition of policies stating which information is collected, how it is used, and how customers are informed and involved in this process. We can considering privacy as “The right of an entity to be secure from unauthorized disclosure of sensible information that are contained in an electronic repository or that can be derived as aggregate and complex information from data stored in an electronic repository”. There are many methods for privacy preserving distributed association rule mining across private databases. So these methods try to compute the answer to the mining without revealing any additional information about user privacy. An application that needs privacy preserving distributed association rule mining across private databases, like medical research. Sensitive information contained in a database can be extracted with the help of non-sensitive information. This is called the inference problem. Different concepts have been proposed to handle the inference problem. The process of modifying the transactional database to hide some sensitive information is called sanitization. By sanitizing the original transactional database, the sensitive information can be hidden. In the sanitization process, selective transactions are retrieved and modified before handing over the database to a third party. Modification of transaction involves removing an item from a transaction or adding an element to the transaction. In some cases, transactions will be either added to or removed from the database as suggested in [16]. The modified database is called sanitized database or released database. The efficiency of a privacy-preserving algorithm is measured based on: (1) the time taken to hide the data, (2) the number of new rules introduced because of the hiding process, and (3) the number of legitimate rules lost or unable to be extracted from the released database. Encryption algorithm used in privacy preserving can be affected on overall performance, so in this paper we addresses the problem of evaluate several encryption algorithms with two protocols of privacy preserving association rule mining (PPARM4, and PPARM3) on distributed horizontal database. The numbers (4 and 3) in