From 962416145d9286a46e517baead4e52f4ec28362a Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Thu, 3 Oct 2024 17:06:49 +1000 Subject: [PATCH] Iterate on aggregator selection Use of `setlike` seems to be the right general approach for this, even if the spelling is a bit more verbose than is ideal. I've filled in more of the details of the protocol and improved some of the linking and references. --- api.bs | 103 +++++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 75 insertions(+), 28 deletions(-) diff --git a/api.bs b/api.bs index 9c5b4a9..9501b88 100644 --- a/api.bs +++ b/api.bs @@ -328,7 +328,7 @@ At [=conversion=] time, a [=conversion report=] is created. A conversion report is an encrypted histogram contribution that includes information from any [=impressions=] that the browser previously stored. -The measureConversion method accepts a simple query that is used +The measureConversion() method accepts a simple query that is used to tell the browser how to construct a [=conversion report=]. That includes a simple query that selects from the [=impressions=] that the browser has stored, @@ -392,20 +392,12 @@ select a supported [=aggregation service=]. The page may select any of the supported services found in aggregationServices. The name of the selected service must be supplied as -the `aggregator` member of the +the {{PrivateAttributionConversionOptions/aggregator}} member of the {{PrivateAttributionConversionOptions}} dictionary when calling the measureConversion() method. -

-This section needs to be more precise about [=site=] vs. [=origin=]. - ## Finding a Supported Aggregation Service ## {#find-aggregation-service} -

Is any additional information required in the -{{PrivateAttributionAggregationService}} dictionary? Do we want -to rename `apiVersion` to `protocol`? And we should definitely -define an enum for it. - The aggregationServices attribute contains a list of aggregation services supported by the [=user agent=]. The page must select and specify one of these services when calling the @@ -416,14 +408,21 @@ but that is not required, and impressions are not scoped to a single aggregation service.

+enum PrivateAttributionProtocol { "dap-11", "tee-00" }; + dictionary PrivateAttributionAggregationService { - required DOMString name; - required DOMString apiVersion; + required DOMString url; + required DOMString protocol; +}; + +[SecureContext, Exposed=Window] +interface PrivateAttributionAggregationServices { + readonly setlike<PrivateAttributionAggregationService>; }; [SecureContext, Exposed=Window] interface PrivateAttribution { - attribute FrozenArray<PrivateAttributionAggregationService> aggregationServices; + readonly attribute PrivateAttributionAggregationServices aggregators; }; @@ -431,21 +430,33 @@ The aggregationServices attribute contains the following information about each supported aggregation service:
-
name
+
url
- Name of the aggregation service. This is passed as the `aggregator` - parameter to measureConversion(). + A URL that identifies an [=aggregation service=]. + This value is passed as the {{PrivateAttributionConversionOptions/aggregator}} parameter + to measureConversion() to select the identified aggregation service.
-
apiVersion
+
protocol
- Version of the Private Attribution API supported by this aggregator. Even if - an aggregator supports multiple versions of the API, it is expected to - assign a unique aggregation service name for each supported version. - Thus, the API version is implicit in the aggregator selection - and does not need to be passed to measureConversion(). + The {{PrivateAttributionProtocol|protocol}} that the [=aggregation service=] uses. + Different versions of the same protocol will be use different values. + Even if a single service provider supports multiple protocols, + each needs to use a different URL. + This ensures that each can be uniquely identified by URL + without also specifying the choice of protocol.
+The PrivateAttributionProtocol describes the submission protocol +used by different [=aggregation services=]. This document defines two protocols: + +
+
dap-11
+
A DAP-based protocol [[DAP]] that uses [=MPC=]; see [[#s-mpc]].
+
tee-00
+
A protocol for submission to a [=TEE=]; see [[#s-tee]].
+
+ ## Saving Impressions ## {#save-impression-api} The saveImpression() method requests @@ -591,7 +602,7 @@ The arguments to measureConversion() are as
aggregator
A selection from the [=aggregation services=] that can be found in aggregationServices. + attribute for=PrivateAttribution>aggregators.
epsilon
The amount of [=privacy budget=] to expend on this [=conversion report=].
@@ -612,7 +623,7 @@ The arguments to measureConversion() are as
The maximum [=conversion value=] across all contributions included in the aggregation. Together with epsilon, this is used to calibrate the distribution of random noise that - will be added to the outcome. It is also used to determine the amount of [=privacy budget=] + will be added to the outcome. It is also used to determine the amount of [=privacy budget=] to expend on this [=conversion report=].
lookbackDays
@@ -623,8 +634,8 @@ The arguments to measureConversion() are as
A list of impression sites. Only [=impressions=] recorded where the top-level site is on this list are eligible to match this [=conversion=].
intermediarySites
- A list of sites which called the saveImpression() API. - Only [=impressions=] recorded by scripts originating from one of the intermediary sites + A list of sites which called the saveImpression() API. + Only [=impressions=] recorded by scripts originating from one of the intermediary sites are eligible to match this [=conversion=].
@@ -871,12 +882,27 @@ and produces an aggregate metric. Each browser will have different requirements for aggregation. -## Multi-Party Computation Aggregation ## {#mpc} +## Multi-Party Computation Aggregation ## {#s-mpc} + +A Multi-Party Computation (MPC) system is one that +involves multiple independent entities +that cooperatively compute an agreed function. + +This specification uses an MPC system based on Prio [[PRIO]] +and the Distributed Aggregation Protocol (DAP) [[DAP]]. +This is a two-party MPC system that is characterized by +its reliance on client-provided proofs of correctness for inputs. +This allows for very efficient MPC operation +at a modest cost in the size of submissions to the system. TODO -## Trusted Execution Environments ## {#tee} +## Trusted Execution Environments ## {#s-tee} + +A Trusted Execution Environment (TEE) uses specialized hardware +to ensure that computation is isolated +from other programs that run on the same hardware. TODO @@ -1422,6 +1448,18 @@ spec:infra; type:dfn; text:user agent "href": "https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4430334", "date": "2024-03-14" }, + "dap": { + "authors": [ + "Tim Geoghegan", + "Christopher Patton", + "Brandon Pitman", + "Eric Rescorla", + "Christopher A. Wood" + ], + "href": "https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap-11", + "title": "Distributed Aggregation Protocol for Privacy Preserving Measurement", + "publisher": "IETF Draft" + }, "dp": { "authors": [ "Cynthia Dwork", @@ -1488,6 +1526,15 @@ spec:infra; type:dfn; text:user agent "href": "https://arxiv.org/abs/2405.16719", "title": "Cookie Monster: Efficient On-device Budgeting for Differentially-Private Ad-Measurement Systems", "publisher": "SOSP'24" + }, + "prio": { + "authors": [ + "Henry Corrigan-Gibbs", + "Dan Boneh" + ], + "title": "Prio: Private, Robust, and Scalable Computation of Aggregate Statistics", + "href": "https://crypto.stanford.edu/prio/paper.pdf", + "date": "2017-03-17" } }
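Review bot: In the `@@ -416,14 +408,21 @@` hunk, `required DOMString protocol;` should be `required PrivateAttributionProtocol protocol;`; the enum is introduced in the same hunk but never used, so an unknown protocol string would not be rejected at the IDL layer, and the `{{PrivateAttributionProtocol|protocol}}` link in the next hunk would describe a type the member does not actually have. The same hunk renames the attribute to `aggregators`, but the unchanged context lines "The aggregationServices attribute contains a list of aggregation services" (`@@ -392`) and "The aggregationServices attribute contains the following information" (`@@ -431`) still use the old name, so the rename needs a full sweep of the prose. Also consider whether `setlike<PrivateAttributionAggregationService>` gives pages what they need: set lookups compare by identity, so `aggregators.has({url, protocol})` with a freshly built dictionary will not match; if the prose is right that a service is uniquely identified by its URL, a maplike keyed by URL would fit better.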
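Review bot: In the `@@ -431,21 +430,33 @@` hunk, "Different versions of the same protocol will be use different values." should read "will use different values." The requirement that each protocol needs a different URL is stated only descriptively ("each needs to use a different URL"); since uniqueness by URL is what the selection mechanism relies on, make it normative, for example "The url of each entry MUST be distinct." Note also that the enum values `"dap-11"` and `"tee-00"` bake a draft revision number into the wire-visible identifier, so every DAP draft bump will change the enum; worth deciding now whether that churn is intended.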
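Review bot: In the `@@ -591,7 +602,7 @@` hunk only an added line for `aggregators` is shown, with no corresponding removed line for the old `aggregationServices` anchor in "A selection from the [=aggregation services=] that can be found in aggregationServices."; check that the rendered dd does not now mention both attribute names.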
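Review bot: In the `@@ -871,12 +882,27 @@` hunk the MPC paragraph describes the mechanism but not the trust assumption it depends on: the client-provided proofs give robustness against malformed contributions, while privacy of individual reports holds only as long as the two aggregators do not collude, and the section should say so explicitly since that is the property a browser vendor is relying on when it lists an aggregator. It would also help to name which VDAF the DAP deployment uses, as DAP itself delegates the computation to the VDAF. The TEE paragraph says only that computation is isolated; isolation alone gives the browser no way to know what code is running before it submits reports, so the section should mention remote attestation and state who verifies the attestation and against what expected measurement.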
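Review bot: In the `@@ -1422,6 +1448,18 @@` hunk the new `"dap"` entry has `"publisher": "IETF Draft"` but no `"date"`, unlike the neighbouring entries; since the href pins a specific revision (draft-ietf-ppm-dap-11), adding that revision's date would make the pinned version unambiguous when the draft advances.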