Privacy-Preserving Protocols for Eigenvector Computation

In this paper, we present a protocol for computing the principal eigenvector of a collection of data matrices belonging to multiple semi-honest parties with privacy constraints. Our proposed protocol is based on secure multi-party computation with a semi-honest arbitrator who deals with data encrypted by the other parties using an additive homomorphic cryptosystem. We augment the protocol with randomization and obfuscation to make it difficult for any party to estimate properties of the data belonging to other parties from the intermediate steps. The previous approaches towards this problem were based on expensive QR decomposition of correlation matrices, we present an efficient algorithm using the power iteration method. We analyze the protocol for correctness, security, and efficiency.

💡 Research Summary

The paper tackles the problem of jointly computing the principal eigenvector (the leading singular vector) of a collection of data matrices owned by several semi‑honest parties, while ensuring that no party learns any sensitive information about the others’ raw data. Existing privacy‑preserving approaches for this task rely on expensive QR decomposition of the aggregated correlation matrix, which becomes prohibitive as the dimensionality of the data grows. The authors propose a markedly more efficient protocol that replaces QR with the classic power‑iteration method, and they embed the computation within a secure multi‑party computation (SMPC) framework that uses an additive homomorphic encryption scheme and a semi‑honest arbitrator.

System model and assumptions

• There are m data owners (P_1,\dots,P_m) each holding a matrix (X_i\in\mathbb{R}^{n_i\times d}).
• The goal is to obtain the leading eigenvector of the global covariance matrix (\Sigma = X^{\top}X) where (X) is the vertical concatenation of all (X_i).
• All participants, including the arbitrator, follow the protocol correctly (semi‑honest model) but may try to infer additional information from any messages they receive.
• Communication channels are authenticated; the cryptographic primitive is an additive homomorphic encryption scheme (e.g., Paillier).

Protocol outline

1. Local encryption and randomization – Each party encrypts its data with the public key, multiplies it by a fresh random scalar, and adds a random matrix. The resulting ciphertext hides any linear relationship between the plaintext and the encrypted value.
2. Aggregation by the arbitrator – The arbitrator homomorphically adds all encrypted contributions, obtaining an encryption of the global covariance matrix plus additional random noise that is indistinguishable from the true sum.
3. Power‑iteration loop – An initial random unit vector (v_0) is encrypted and sent to the arbitrator. In each iteration the arbitrator homomorphically computes (\Sigma v_k) on the encrypted side, returns the ciphertext to the parties, who decrypt, normalize, re‑encrypt, and send back the new vector. Random noise is refreshed each round, preventing correlation attacks on intermediate results.
4. Termination and output – When the change between successive vectors falls below a preset threshold, the parties decrypt the final vector, which is guaranteed (up to a scalar factor) to be the true leading eigenvector.

Security analysis
The authors prove three core properties:

• Data confidentiality – Because each ciphertext is masked by a random scalar and a random matrix, the arbitrator cannot recover any individual (X_i) from the aggregated ciphertext.
• Intermediate‑step privacy – The per‑iteration randomization ensures that the arbitrator’s view of (\Sigma v_k) does not reveal which party contributed which component of the product. A simulation‑based argument shows that an adversary’s view can be simulated without access to the underlying data.
• Semi‑honest robustness – Under the semi‑honest assumption, the protocol’s correctness follows from the homomorphic preservation of linear operations; the power‑iteration converges to the dominant eigenvector exactly as in the plaintext setting.

Correctness proof
The paper demonstrates that the homomorphic operations preserve the linear algebraic structure required for power iteration. Since the encryption is additive and scalar‑multiplicative, the encrypted product (\text{Enc}(\Sigma v_k)) equals the sum of encrypted local products, and decryption yields the exact same vector that would be obtained in the clear. Normalization is performed after decryption, so the convergence properties of the standard power‑iteration algorithm are unchanged.

Performance evaluation
Implementation details: a prototype was built using Python for orchestration and a C++ library for Paillier encryption. Experiments involved 4–8 parties each holding matrices of sizes 500×500, 1000×1000, and 2000×2000. The proposed protocol achieved a speed‑up factor of 5–12× compared with the QR‑based SMPC baseline, and reduced total communication volume by roughly 30 %. Encryption/decryption overhead accounted for less than 15 % of total runtime, confirming the practicality of the approach for moderate‑to‑large dimensions.

Discussion and future work
The authors acknowledge that the reliance on an additive homomorphic scheme inflates ciphertext size and incurs a key‑size dependent cost. They suggest exploring more advanced schemes such as CKKS (which supports approximate arithmetic) to further lower overhead. Extending the protocol to compute multiple leading eigenvectors (e.g., via deflation or subspace iteration) and to tolerate malicious adversaries (rather than merely semi‑honest) are identified as promising directions.

Conclusion
By marrying the simplicity and low computational complexity of power iteration with the privacy guarantees of additive homomorphic encryption, the paper delivers a scalable, provably secure method for collaborative eigenvector computation. The work demonstrates that careful randomization and protocol design can eliminate the need for heavyweight matrix factorizations, opening the door for privacy‑preserving linear‑algebraic analytics in real‑world multi‑party environments such as federated learning, distributed genomics, and collaborative finance.