Privacy-Preserving Task Matching in Crowdsourcing


Student thesis: Doctoral Thesis

View graph of relations


Related Research Unit(s)


Awarding Institution
Award date8 Jan 2019


With the development of sharing economy, crowdsourcing as a distributed computing paradigm, utilizing human knowledge and intelligence of crowds, has become increasingly pervasive. As one of indispensable services for most crowdsourcing applications, task matching has also been extensively explored. However, privacy issues are usually ignored during the task matching and few existing privacy-preserving crowdsourcing mechanisms can simultaneously protect both task privacy and worker privacy. To protect privacy, information about tasks and workers should be encrypted before being outsourced to the crowdsourcing platform, which makes the task matching a challenging problem.

Towards this problem, searchable encryption seems a promising approach as it can achieve the matching or comparison over the encrypted data. Unfortunately, most of the existing searchable encryption schemes only allow the users who hold the secret key to search, which are not applicable for the crowdsourcing scenario with multiple requesters and multiple workers. This thesis explores the privacy leaks and potential threats in the task matching for the multi-requester/multi-worker crowdsourcing, and proposes three privacy-preserving task matching schemes focusing on matching efficiency, re-key security, identity anonymity and potential attacks.

To achieve the expressiveness of task requirement and worker interest, we propose PPTM, an efficient proxy-based privacy-preserving task matching scheme, which supports the multi-keyword matching between task requirements and worker interests while preserving both task privacy and worker privacy. In PPTM, we first exploit the polynomial function to express multiple keywords of task requirements and worker interests. Then, we design a key derivation method based on matrix decomposition, to realize the multi-keyword matching between multiple requesters and multiple workers. Through PPTM, user accountability and user revocation are achieved effectively and efficiently. Extensive privacy analysis and performance evaluation show that PPTM is more effective and efficient than the state-of-the-art proxy-based solutions.

To eliminate hidden dangers of the leakage of re-keys in the proxy-based solutions, instead of utilizing proxy re-encryption, we propose a proxy-free privacy-preserving task matching scheme, called pMatch, which achieves the encrypted task-worker matching with scalability and non-interaction. We further design two different mechanisms for worker revocation including Server-Local Revocation (SLR) and Global Revocation (GR), which realize efficient worker revocation with minimal overhead on the whole system. The proposed pMatch scheme is provably secure in the random oracle model under the Decisional $q$-Combined Bilinear Diffie-Hellman ($q$-DCDBH) assumption. Comprehensive theoretical analysis and detailed simulation results show that the proposed pMatch scheme outperforms the state-of-the-art proxy-free work.

To protect the privacy of user identities and resist potential threats from dishonest users, we propose APTM, an anonymous privacy-preserving task matching scheme with efficient worker revocation. The proposed APTM scheme not only protects data confidentiality and identity anonymity against the crowd-server, but also achieves query traceability against dishonest or revoked workers. Detailed privacy analysis and thorough performance evaluation show that the proposed APTM scheme is secure and feasible.