Our data, ourselves: privacy via distributed noise generation
Cynthia Dwork,Krishnaram Kenthapadi,Frank McSherry,Ilya Mironov,Moni Naor +4 more
- Vol. 4004, pp 486-503
TLDR
In this paper, a distributed protocol for generating shares of random noise, secure against malicious participants, was proposed, where the purpose of the noise generation is to create a distributed implementation of the privacy-preserving statistical databases described in recent papers.Abstract:
In this work we provide efficient distributed protocols for generating shares of random noise, secure against malicious participants. The purpose of the noise generation is to create a distributed implementation of the privacy-preserving statistical databases described in recent papers [14,4,13]. In these databases, privacy is obtained by perturbing the true answer to a database query by the addition of a small amount of Gaussian or exponentially distributed random noise. The computational power of even a simple form of these databases, when the query is just of the form ∑if(di), that is, the sum over all rows i in the database of a function f applied to the data in row i, has been demonstrated in [4]. A distributed implementation eliminates the need for a trusted database administrator.
The results for noise generation are of independent interest. The generation of Gaussian noise introduces a technique for distributing shares of many unbiased coins with fewer executions of verifiable secret sharing than would be needed using previous approaches (reduced by a factor of n). The generation of exponentially distributed noise uses two shallow circuits: one for generating many arbitrarily but identically biased coins at an amortized cost of two unbiased random bits apiece, independent of the bias, and the other to combine bits of appropriate biases to obtain an exponential distribution.read more
Citations
More filters
Posted Content
Prio: Private, Robust, and Scalable Computation of Aggregate Statistics
Henry Corrigan-Gibbs,Dan Boneh +1 more
TL;DR: Pozo is presented, a privacy-preserving system for the collection of aggregate statistics that uses secret-shared non-interactive proofs (SNIPs), a new cryptographic technique that yields a hundred-fold performance improvement over conventional zero-knowledge approaches.
Book ChapterDOI
Differentially Private Smart Metering with Battery Recharging
Michael Backes,Sebastian Meiser +1 more
TL;DR: In this article, the authors proposed a novel technique for provably hiding sensitive power consumption information in the overall power consumption stream, which relies on a rechargeable battery that is connected to the household's power supply.
Posted Content
Privacy in Deep Learning: A Survey
Fatemehsadat Mireshghallah,Mohammadkazem Taram,Praneeth Vepakomma,Abhishek Singh,Ramesh Raskar,Hadi Esmaeilzadeh +5 more
TL;DR: This survey reviews the privacy concerns brought by deep learning, and the mitigating techniques introduced to tackle these issues, and shows that there is a gap in the literature regarding test-time inference privacy.
Book ChapterDOI
Putting Statistical Disclosure Control into Practice: The ARX Data Anonymization Tool
Fabian Prasser,Florian Kohlmayer +1 more
TL;DR: ARX is an anonymization tool for structured data which supports a broad spectrum of methods for statistical disclosure control by providing models for analyzing re-identification risks, and syntactic privacy criteria, such as k-anonymity, l-diversity, t-closeness and δ-presence.
Journal ArticleDOI
Subsampled Rényi Differential Privacy and Analytical Moments Accountant
TL;DR: In this paper, the authors provide a tight upper bound on the Renyi Differential Privacy (RDP) parameters for algorithms that subsample the dataset, and then apply a randomized mechanism M to the subsample, in terms of the RDP parameters of M and the subsampling probability parameter.
References
More filters
Book ChapterDOI
Calibrating noise to sensitivity in private data analysis
TL;DR: In this article, the authors show that for several particular applications substantially less noise is needed than was previously understood to be the case, and also show the separation results showing the increased value of interactive sanitization mechanisms over non-interactive.
Journal ArticleDOI
The Byzantine Generals Problem
TL;DR: The Albanian Generals Problem as mentioned in this paper is a generalization of Dijkstra's dining philosophers problem, where two generals have to come to a common agreement on whether to attack or retreat, but can communicate only by sending messengers who might never arrive.
Book ChapterDOI
The Byzantine generals problem
TL;DR: In this article, a group of generals of the Byzantine army camped with their troops around an enemy city are shown to agree upon a common battle plan using only oral messages, if and only if more than two-thirds of the generals are loyal; so a single traitor can confound two loyal generals.
Journal Article
Calibrating noise to sensitivity in private data analysis
TL;DR: The study is extended to general functions f, proving that privacy can be preserved by calibrating the standard deviation of the noise according to the sensitivity of the function f, which is the amount that any single argument to f can change its output.
Proceedings ArticleDOI
How to play ANY mental game
TL;DR: This work presents a polynomial-time algorithm that, given as a input the description of a game with incomplete information and any number of players, produces a protocol for playing the game that leaks no partial information, provided the majority of the players is honest.