Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computational Differential Privacy Ilya Mironov (MICROSOFT) Omkant Pandey (UCLA) Omer Reingold (MICROSOFT) Salil Vadhan (HARVARD)

Published byClaude Thompson Modified over 7 years ago

Similar presentations

Presentation on theme: "Computational Differential Privacy Ilya Mironov (MICROSOFT) Omkant Pandey (UCLA) Omer Reingold (MICROSOFT) Salil Vadhan (HARVARD)"— Presentation transcript:

1 Computational Differential Privacy Ilya Mironov (MICROSOFT) Omkant Pandey (UCLA) Omer Reingold (MICROSOFT) Salil Vadhan (HARVARD)

2 Focus of the Talk Relaxations of differential privacy for computational adversaries How they relate to one another and other existing notions Natural protocols demonstrating their benefits

3 Motivation Achieve better utility Standard MPC does not prevent what is leaked by the output – Can we combine computational MPC protocols with DP -functions [DKMMN’06,BNO’08]? Nontrivial differentially private mechanisms must be randomized – Applications typically use pseudorandom sources. What are the formal privacy guarantees achieved?

4 Differential Privacy [ Dwork’06 ] Mechanism K provides privacy to an individual, if individual’s data effects the output of K only “little” K: D  R ensures ε- DP if for all adjacent datasets D 1, D 2 and for all subsets S of R : “adjacent” means “differ in one individual’s entry”

5 Pictorial Representation — bad outcome — probability with record x — probability without record x

6 Towards Computational Notions Equivalently,

7 First Definition: IND-CDP ε- IND-CDP : Mechanism K is ε- IND-CDP if for all adjacent D 1, D 2, for all polynomial sized circuits A, and for all large enough λ, it holds that, Necessary

8 Simulation-based Approach D : 010110 X M(D) Y K(D) Differentially Private M

9 Second Definition: SIM-CDP ε- SIM-CDP : Mechanism K is ε- SIM-CDP if there exists an ε-differentially-private mechanism M such that for all D, distributions M(D) and K(D) are computationally indistinguishable. – M is not necessarily a PPT mechanism – Reversing the order of quantifiers yields another definition, SIM  -CDP :

10 Immediate Questions Are these definitions equivalent? Not hard to see that Main question: SIM-CDP IND-CDP IND-CDP SIM-CDP?

11 Connection with Dense Models [RTTV’08, Imp’08] Distribution X is α-dense in Y if for all tests T, X is α-pseudodense in Y if for all PPT tests T, [RTTV’08] : Reingold, O., Trevisan, L., Tulsiani, M., Vadhan, S. “Dense subsets of Pseudorandom Sets”, FOCS 2008.

12 Connection with Dense Models [RTTV’08, Imp’08] Differential Privacy: – – In the language of dense models – K(D 1 ) is e ε -dense in K(D 2 ) – K(D 2 ) is e ε -dense in K(D 1 ) ε- DP : K(D 1 ) and K(D 2 ) are mutually e ε -dense

13 Connection with Dense Models [RTTV ’08, Imp’08] ε- IND-CDP : – – In the language of dense models – K(D 1 ) is e ε -pseudodense in K(D 2 ) – K(D 2 ) is e ε -pseudodense in K(D 1 ) ε- IND-CDP : K(D 1 ) and K(D 2 ) are mutually e ε -pseudodense

14 Some Notation X Y ( X is pseudodense in Y ) X Y ( X,Y are mutually pseudodense ) X Y ( X is dense in Y ) X Y ( X,Y are mutually dense) ( X,Y comp. indistinguishable) X Y

15 The Dense Model Theorem [RTTV’08] X1X1 X2X2 Y Thm : If X 1 is pseudodense in X 2, there exists a model Y (truly) dense in X 2 such that X 1 is computationally indistinguishable from Y.

16 X1X1 X2X2 X 1 =K(D 1 ) X 2 =K(D 2 ) (IND-CDP) Y1Y1 Y2Y2 Y 1 =M(D 1 ) Y 2 =M(D 2 ) X1X1 X2X2 Z1Z1 Z2Z2 ? Proof Ideas Extension of DM T X Y: X dense in Y, X Y: X,Y mutually dense X Y: X pseudo-dense in Y, X Y: X,Y mutually pseudo-dense (SIM -CDP) Z2Z2

17 To Recap We prove an extension of “The Dense Model Theorem” of [ RTTV’08 ]. Sufficient to establish: Still OPEN: IND-CDP SIM-CDP ? IND-CDP  SIM  -CDP

18 Benefits: Better Utility CDP : Easily get  (1/ε) error w/ constant probability. AliceBob x1x2…xnx1x2…xn y1y2…yny1y2…yn H(x,y) Protocol: Trusted Party: H(x,y)+Lap(1/ε) SFE DP : Requires Ω(n ½ ) error ! [Reingold-Vadhan] ~

19 Other Results A new protocol for Hamming Distance: – Differentially private (standard) – Constant multiplicative error Differentially Private Two-Party Computation

20 Thank you for your attention!

Download ppt "Computational Differential Privacy Ilya Mironov (MICROSOFT) Omkant Pandey (UCLA) Omer Reingold (MICROSOFT) Salil Vadhan (HARVARD)"

Similar presentations

Dov Gordon & Jonathan Katz University of Maryland.

Dov Gordon & Jonathan Katz University of Maryland.
On the (Im)Possibility of Arthur-Merlin Witness Hiding Protocols Iftach Haitner, Alon Rosen and Ronen Shaltiel 1.

On the (Im)Possibility of Arthur-Merlin Witness Hiding Protocols Iftach Haitner, Alon Rosen and Ronen Shaltiel 1.
Efficiency vs. Assumptions in Secure Computation Yuval Ishai Technion & UCLA.

Efficiency vs. Assumptions in Secure Computation Yuval Ishai Technion & UCLA.
Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:

Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:
Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)

Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)
Many-to-one Trapdoor Functions and their Relations to Public-key Cryptosystems M. Bellare S. Halevi A. Saha S. Vadhan.

Many-to-one Trapdoor Functions and their Relations to Public-key Cryptosystems M. Bellare S. Halevi A. Saha S. Vadhan.
1 Efficient Pseudorandom Generators from Exponentially Hard One-Way Functions Iftach Haitner, Danny Harnik, Omer Reingold.

1 Efficient Pseudorandom Generators from Exponentially Hard One-Way Functions Iftach Haitner, Danny Harnik, Omer Reingold.
Computational Complexity & Differential Privacy Salil Vadhan Harvard University Joint works with Cynthia Dwork, Kunal Talwar, Andrew McGregor, Ilya Mironov,

Computational Complexity & Differential Privacy Salil Vadhan Harvard University Joint works with Cynthia Dwork, Kunal Talwar, Andrew McGregor, Ilya Mironov,
Efficient Two-party and Multiparty Computation against Covert Adversaries Vipul Goyal Payman Mohassel Adam Smith Penn Sate UCLAUC Davis.

Efficient Two-party and Multiparty Computation against Covert Adversaries Vipul Goyal Payman Mohassel Adam Smith Penn Sate UCLAUC Davis.
1 Vipul Goyal Abhishek Jain UCLA On the Round Complexity of Covert Computation.

1 Vipul Goyal Abhishek Jain UCLA On the Round Complexity of Covert Computation.
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.

CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
CIS 5371 Cryptography 3b. Pseudorandomness.

CIS 5371 Cryptography 3b. Pseudorandomness.
Amortizing Garbled Circuits Yan Huang, Jonathan Katz, Alex Malozemoff (UMD) Vlad Kolesnikov (Bell Labs) Ranjit Kumaresan (Technion) Cut-and-Choose Yao-Based.

Amortizing Garbled Circuits Yan Huang, Jonathan Katz, Alex Malozemoff (UMD) Vlad Kolesnikov (Bell Labs) Ranjit Kumaresan (Technion) Cut-and-Choose Yao-Based.
Using Nondeterminism to Amplify Hardness Emanuele Viola Joint work with: Alex Healy and Salil Vadhan Harvard University.

Using Nondeterminism to Amplify Hardness Emanuele Viola Joint work with: Alex Healy and Salil Vadhan Harvard University.
Privacy Enhancing Technologies

Privacy Enhancing Technologies
Seminar in Foundations of Privacy 1.Adding Consistency to Differential Privacy 2.Attacks on Anonymized Social Networks Inbal Talgam March 2008.

Seminar in Foundations of Privacy 1.Adding Consistency to Differential Privacy 2.Attacks on Anonymized Social Networks Inbal Talgam March 2008.
Differential Privacy 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.

Differential Privacy 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.
How Should We Solve Search Problems Privately? Kobbi Nissim – BGU A. Beimel, T. Malkin, and E. Weinreb.

How Should We Solve Search Problems Privately? Kobbi Nissim – BGU A. Beimel, T. Malkin, and E. Weinreb.
Sets Definition of a Set: NAME = {list of elements or description of elements} i.e. B = {1,2,3} or C = {x  Z + | -4 < x < 4} Axiom of Extension: A set.

Sets Definition of a Set: NAME = {list of elements or description of elements} i.e. B = {1,2,3} or C = {x  Z + | -4 < x < 4} Axiom of Extension: A set.
On the Complexity of Approximating the VC Dimension Chris Umans, Microsoft Research joint work with Elchanan Mossel, Microsoft Research June 2001.

On the Complexity of Approximating the VC Dimension Chris Umans, Microsoft Research joint work with Elchanan Mossel, Microsoft Research June 2001.

Similar presentations

Ads by Google