More Web Proxy on the site http://driver.im/

research-article

Public Access

Privacy-Preserving Maximum Matching on General Graphs and its Application to Enable Privacy-Preserving Kidney Exchange

Authors:

Susanne WetzelAuthors Info & Claims

CODASPY '22: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy

Pages 53 - 64

https://doi.org/10.1145/3508398.3511509

Published: 15 April 2022 Publication History

Abstract

To this day, there are still some countries where the exchange of kidneys between multiple incompatible patient-donor pairs is restricted by law. Typically, legal regulations in this context are put in place to prohibit coercion and manipulation in order to prevent a market for organ trade. Yet, in countries where kidney exchange is practiced, existing platforms to facilitate such exchanges generally lack sufficient privacy mechanisms. In this paper, we propose a privacy-preserving protocol for kidney exchange that not only addresses the privacy problem of existing platforms but also is geared to lead the way in overcoming legal issues in those countries where kidney exchange is still not practiced. In our approach, we use the concept of secret sharing to distribute the medical data of patients and donors among a set of computing peers in a privacy-preserving fashion. These computing peers then execute our new Secure Multi-Party Computation (SMPC) protocol among each other to determine an optimal set of kidney exchanges. As part of our new protocol, we devise a privacy-preserving solution to the maximum matching problem on general graphs. We have implemented the protocol in the SMPC benchmarking framework MP-SPDZ and provide a comprehensive performance evaluation. Furthermore, we analyze the practicality of our protocol when used in a dynamic setting where patients and donors arrive and depart over time) based on a data set from the United Network for Organ Sharing.

References

[1]

David J Abraham, Avrim Blum, and Tuomas Sandholm. 2007. Clearing Algorithms for Barter Exchange Markets: Enabling Nationwide Kidney Exchange. ACM Conference on Electronic Commerce .

Digital Library

[2]

Nikhil Agarwal, Itai Ashlagi, Eduardo Azevedo, Clayton Featherstone, and Ömer Karaduman. 2018. What Matters for the Productivity of Kidney Exchange?. In AEA Papers and Proceedings, Vol. 108.

[3]

Abdelrahaman Aly, Edouard Cuvelier, Sophie Mawet, Olivier Pereira, and Mathieu Van Vyve. 2013. Securely solving simple combinatorial graph problems. International Conference on Financial Cryptography and Data Security .

[4]

, Balamurugan Anandan and Chris Clifton. 2017. Secure minimum weighted bipartite matching. IEEE Conference on Dependable and Secure Computing .

[5]

, Tommy Andersson and Jörgen Kratz. 2020. Pairwise kidney exchange over the blood group barrier. The Review of Economic Studies, Vol. 87, 3.

[6]

Itai Ashlagi, Adam Bingaman, Maximilien Burq, Vahideh Manshadi, David Gamarnik, Cathi Murphey, Alvin E Roth, Marc L Melcher, and Michael A Rees. 2018. Effect of match-run frequencies on the number of transplants and waiting times in kidney exchange. American Journal of Transplantation, Vol. 18, 5 (2018).

[7]

, Itai Ashlagi and Alvin E Roth. 2021. Kidney Exchange: An Operations Perspective . Technical Report. National Bureau of Economic Research.

[8]

Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson. 1988. Completeness theorems for non-cryptographic fault-tolerant distributed computations. In ACM Symposium on Theory of Computing. ACM.

Digital Library

[9]

, Claude Berge. 1957. Two Theorems in Graph Theory. Proceedings of the National Academy of Sciences of the United States of America, Vol. 43, 9 (1957).

[10]

Péter Biró, Bernadette Haase-Kromwijk, Tommy Andersson, Eyjólfur Ingi Ásgeirsson, Tatiana Baltesová, Ioannis Boletis, Catarina Bolotinha, Gregor Bond, Georg Böhmig, Lisa Burnapp, et almbox. 2019 a. Building Kidney Exchange Programmes in Europe -- An Overview of Exchange Practice and Activities. Transplantation, Vol. 103, 7 (2019).

[11]

Péter Biró, Joris van de Klundert, David Manlove, William Pettersson, Tommy Andersson, Lisa Burnapp, Pavel Chromy, Pablo Delgado, Piotr Dworczak, Bernadette Haase, et almbox. 2019 b. Modelling and optimisation in european kidney exchange programmes. In European Journal of Operational Research. Elsevier.

[12]

, Marina Blanton and Siddharth Saraph. 2015. Oblivious maximum bipartite matching size algorithm with applications to secure fingerprint identification. European Symposium on Research in Computer Security .

Digital Library

[13]

Marina Blanton, Aaron Steele, and Mehrdad Alisagari. 2013. Data-oblivious graph algorithms for secure computation and outsourcing. ACM SIGSAC symposium on Information, computer and communications security .

Digital Library

[14]

Norbert Blum. 1990. A new approach to maximum matching in general graphs. In International Colloquium on Automata, Languages, and Programming. Springer.

[15]

Dan Bogdanov, Marko J oemets, Sander Siim, and Meril Vaht. 2015. How the estonian tax and customs board evaluated a tax fraud detection system based on secure multi-party computation. In International conference on financial cryptography and data security. Springer.

[16]

Dan Bogdanov, Sven Laur, and Jan Willemson. 2008. Sharemind: A framework for fast privacy-preserving computations. In European Symposium on Research in Computer Security. Springer.

Digital Library

[17]

Malte Breuer, Ulrike Meyer, and Susanne Wetzel. 2022. Privacy-Preserving Maximum Matching on General Graphs and its Application to Kidney Exchange (Extended Version). arXiv preprint arXiv:2201.06446 .

[18]

Malte Breuer, Ulrike Meyer, and Susanne Wetzel. Source Code. https://gitlab.com/rwth-itsec/crossover-exchange .

[19]

Malte Breuer, Ulrike Meyer, Susanne Wetzel, and Anja Mühlfeld. 2020. A Privacy-Preserving Protocol for the Kidney Exchange Problem. In Workshop on Privacy in the Electronic Society. ACM.

Digital Library

[20]

Octavian Catrina and Sebastiaan De Hoogh. 2010. Improved primitives for secure multiparty integer computation. International Conference on Security and Cryptography for Networks .

[21]

Edward H Cole, Peter Nickerson, Patricia Campbell, Kathy Yetzer, Nick Lahaie, Jeffery Zaltzman, and John S Gill. 2015. The Canadian kidney paired donation program: a national program to increase living donor transplantation. Transplantation, Vol. 99, 5 (2015).

[22]

DESMOJ, DESMO-J. http://desmoj.sourceforge.net. Accessed 30-Sep-2021.

[23]

John P. Dickerson, Ariel D. Procaccia, and Tuomas Sandholm. 2019. Failure-Aware Kidney Exchange. Management Science, Vol. 65, 4 (2019).

[24]

Jack Doerner, David Evans, and Abhi Shelat. 2016. Secure stable matching at scale. ACM SIGSAC Conference on Computer and Communications Security .

Digital Library

[25]

, Jack Edmonds. 1965. Paths, Trees, and Flowers. Canadian Journal of mathematics, Vol. 17 (1965).

[26]

Paolo Ferrari, Willem Weimar, Rachel J Johnson, Wai H Lim, and Kathryn J Tinckam. 2015. Kidney paired donation: principles, protocols and programs. Nephrology Dialysis Transplantation, Vol. 30, 8 (2015).

[27]

, Harold N Gabow. 1976. An Efficient Implementation of Edmonds' Algorithm for Maximum Matching on Graphs. J. ACM, Vol. 23, 2 (1976).

Digital Library

[28]

, Harold N Gabow and Robert E Tarjan. 1991. Faster scaling algorithms for general graph matching problems. J. ACM, Vol. 38, 4 (1991).

Digital Library

[29]

, Oded Goldreich. 2004. Foundations of Cryptography: Volume 2 - Basic Applications .Cambridge University Press.

Digital Library

[30]

, Philippe Golle. 2006. A private stable matching algorithm. International Conference on Financial Cryptography and Data Security .

Digital Library

[31]

, Marcel Keller. 2020. MP-SPDZ: A Versatile Framework for Multi-Party Computation. In Computer and Communications Security. ACM.

[32]

, Marcel Keller and Peter Scholl. 2014. Efficient, oblivious data structures for MPC. International Conference on the Theory and Application of Cryptology and Information Security .

[33]

John Launchbury, Iavor S Diatchki, Thomas DuBuisson, and Andy Adams-Moran. 2012. Efficient lookup-table protocol in secure multiparty computation. ACM SIGPLAN international conference on Functional programming .

Digital Library

[34]

Silvio Micali and Vijay V Vazirani. 1980. An O($sqrtvert V vert vert E vert $) Algorithm for Finding Maximum Matching in General Graphs. In Symposium on Foundations of Computer Science . IEEE.

[35]

World Health Organization. Top 10 Causes of Death. https://www.who.int/news-room/fact-sheets/detail/the-top-10-causes-of-death . Accessed 30-Sep-2021.

[36]

U Pape and D Conradt. 1980. Maximales Matching in Graphen. Ausgew"ahlte Operations Research Software in FORTRAN (1980).

[37]

Organ Procurement and Transplantation Network. https://optn.transplant.hrsa.gov/data/view-data-reports/national-data/. Accessed 30-Sep-2021 .

[38]

M Sadegh Riazi, Ebrahim M Songhori, Ahmad-Reza Sadeghi, Thomas Schneider, and Farinaz Koushanfar. 2017. Toward Practical Secure Stable Matching. Proc. Priv. Enhancing Technol., Vol. 2017, 1.

[39]

Adi Shamir. 1979. How to Share a Secret. Commun. ACM, Vol. 22, 11 (1979).

Digital Library

[40]

Maciej Syslo, Narsingh Deo, and Janusz S Kowalik. 1983. Discrete Optimization Algorithms with Pascal Programs .Prentice Hall.

[41]

Stefan Wüller, Michael Vu, Ulrike Meyer, and Susanne Wetzel. 2017. Using Secure Graph Algorithms for the Privacy-Preserving Identification of Optimal Bartering Opportunities. Workshop on Privacy in the Electronic Society .

Cited By

Breuer MHein PPompe LMeyer UWetzel S(2024)Prioritization and exchange chains in privacy-preserving kidney exchangeJournal of Computer Security10.3233/JCS-23001232:4(349-404)Online publication date: 26-Aug-2024
https://doi.org/10.3233/JCS-230012
Breuer MMeyer UWetzel S(2024)Efficient Integration of Exchange Chains in Privacy-Preserving Kidney Exchange2024 21st Annual International Conference on Privacy, Security and Trust (PST)10.1109/PST62714.2024.10788043(1-10)Online publication date: 28-Aug-2024
https://doi.org/10.1109/PST62714.2024.10788043
Birka THamacher KKussel TMöllering HSchneider T(2022)SPIKE: secure and private investigation of the kidney exchange problemBMC Medical Informatics and Decision Making10.1186/s12911-022-01994-422:1Online publication date: 22-Sep-2022
https://doi.org/10.1186/s12911-022-01994-4

Index Terms

Privacy-Preserving Maximum Matching on General Graphs and its Application to Enable Privacy-Preserving Kidney Exchange

Recommendations

Privacy-Preserving Fully Online Matching with Deadlines
CODASPY '23: Proceedings of the Thirteenth ACM Conference on Data and Application Security and Privacy

In classical secure multi-party computation (SMPC) it is assumed that a fixed and a priori known set of parties wants to securely evaluate a function of their private inputs. This assumption implies that online problems, in which the set of parties that ...
A Privacy-Preserving Protocol for the Kidney Exchange Problem
WPES'20: Proceedings of the 19th Workshop on Privacy in the Electronic Society

Kidney donations from living donors form an attractive alternative to long waiting times on a list for a post-mortem donation. However, even if a living donor for a given patient is found, the donor's kidney might not meet the patient's medical ...
Prioritization and exchange chains in privacy-preserving kidney exchange

The Kidney Exchange Problem (KEP) aims at finding an optimal set of exchanges among pairs of patients and their medically incompatible living kidney donors as well as altruistic donors who are not associated with any particular patient but want to donate ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '22: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy

April 2022

392 pages

ISBN:9781450392204

DOI:10.1145/3508398

General Chair:
Anupam Joshi
University of Maryland, Baltimore County, USA
,
Program Chairs:
Maribel Fernandez
King's College London, UK
,
Rakesh M. Verma
University of Houston, USA

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 April 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

CODASPY '22

Sponsor:

SIGSAC

CODASPY '22: Twelveth ACM Conference on Data and Application Security and Privacy

April 24 - 27, 2022

MD, Baltimore, USA

Acceptance Rates

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
356
Total Downloads

Downloads (Last 12 months)118
Downloads (Last 6 weeks)9

Reflects downloads up to 14 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Breuer MHein PPompe LMeyer UWetzel S(2024)Prioritization and exchange chains in privacy-preserving kidney exchangeJournal of Computer Security10.3233/JCS-23001232:4(349-404)Online publication date: 26-Aug-2024
https://doi.org/10.3233/JCS-230012
Breuer MMeyer UWetzel S(2024)Efficient Integration of Exchange Chains in Privacy-Preserving Kidney Exchange2024 21st Annual International Conference on Privacy, Security and Trust (PST)10.1109/PST62714.2024.10788043(1-10)Online publication date: 28-Aug-2024
https://doi.org/10.1109/PST62714.2024.10788043
Birka THamacher KKussel TMöllering HSchneider T(2022)SPIKE: secure and private investigation of the kidney exchange problemBMC Medical Informatics and Decision Making10.1186/s12911-022-01994-422:1Online publication date: 22-Sep-2022
https://doi.org/10.1186/s12911-022-01994-4

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents