Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Benchmarking Secure Sampling Protocols for Differential Privacy

Yucheng Fu, Tianhao Wang

TL;DR

These experiments show that malicious protocols based on a technique called bitwise sampling are more efficient than other methods, and using an oblivious data structure can reduce the circuit size in high-security regimes, and the utility loss caused by sampling noise in MPC is small, which to a certain extent eliminates utility concerns when using the DDP protocol in practice.

Abstract

Differential privacy (DP) is widely employed to provide privacy protection for individuals by limiting information leakage from the aggregated data. Two well-known models of DP are the central model and the local model. The former requires a trustworthy server for data aggregation, while the latter requires individuals to add noise, significantly decreasing the utility of aggregated results. Recently, many studies have proposed to achieve DP with Secure Multi-party Computation (MPC) in distributed settings, namely, the distributed model, which has utility comparable to central model while, under specific security assumptions, preventing parties from obtaining others' information. One challenge of realizing DP in distributed model is efficiently sampling noise with MPC. Although many secure sampling methods have been proposed, they have different security assumptions and isolated theoretical analyses. There is a lack of experimental evaluations to measure and compare their performances. We fill this gap by benchmarking existing sampling protocols in MPC and performing comprehensive measurements of their efficiency. First, we present a taxonomy of the underlying techniques of these sampling protocols. Second, we extend widely used distributed noise generation protocols to be resilient against Byzantine attackers. Third, we implement discrete sampling protocols and align their security settings for a fair comparison. We then conduct an extensive evaluation to study their efficiency and utility.

Benchmarking Secure Sampling Protocols for Differential Privacy

TL;DR

These experiments show that malicious protocols based on a technique called bitwise sampling are more efficient than other methods, and using an oblivious data structure can reduce the circuit size in high-security regimes, and the utility loss caused by sampling noise in MPC is small, which to a certain extent eliminates utility concerns when using the DDP protocol in practice.

Abstract

Differential privacy (DP) is widely employed to provide privacy protection for individuals by limiting information leakage from the aggregated data. Two well-known models of DP are the central model and the local model. The former requires a trustworthy server for data aggregation, while the latter requires individuals to add noise, significantly decreasing the utility of aggregated results. Recently, many studies have proposed to achieve DP with Secure Multi-party Computation (MPC) in distributed settings, namely, the distributed model, which has utility comparable to central model while, under specific security assumptions, preventing parties from obtaining others' information. One challenge of realizing DP in distributed model is efficiently sampling noise with MPC. Although many secure sampling methods have been proposed, they have different security assumptions and isolated theoretical analyses. There is a lack of experimental evaluations to measure and compare their performances. We fill this gap by benchmarking existing sampling protocols in MPC and performing comprehensive measurements of their efficiency. First, we present a taxonomy of the underlying techniques of these sampling protocols. Second, we extend widely used distributed noise generation protocols to be resilient against Byzantine attackers. Third, we implement discrete sampling protocols and align their security settings for a fair comparison. We then conduct an extensive evaluation to study their efficiency and utility.
Paper Structure (32 sections, 5 theorems, 11 equations, 8 figures, 10 tables, 3 algorithms)

This paper contains 32 sections, 5 theorems, 11 equations, 8 figures, 10 tables, 3 algorithms.

Table of Contents

  1. Introduction
  2. Related Work
  3. Preliminaries
  4. Differential Privacy
  5. Secure Multi-party Computation
  6. Distributed Differential Privacy
  7. Overview of Sampling Protocols
  8. Semi-honest Sampling Protocols
  9. Poisoning Attacks to Semi-honest Protocols
  10. Malicious Sampling Protocols
  11. Statistical Distances Caused by MPC
  12. Verifying DNG protocol
  13. Benchmark and Parameter Alignment
  14. Benchmark Protocols
  15. Parameter Alignment
  16. ...and 17 more sections

Key Result

Theorem 3.2

Given a function $f$: $\mathbb{F} \rightarrow \mathbb{O}^k$, and a dataset $D \in \mathbb{F}$, the Laplace Mechanism is defined as ${\rm M}_{\mathsf{Lap}}(D, f(\cdot), \epsilon) = f(D) + (L_0, ..., L_{k-1})$, where $L_i$ are i.i.d. random variables sampled from zero-mean Laplace distribution $\maths

Figures (8)

  • Figure 1: The running time of sampling protocols for $n=4096$ discrete Laplace (ODO-Laplace, Ostack-Laplace) and Gaussian (ODO-Gaussian, Ostack-Gaussian) samples under different security parameters $\lambda \in \{64, 128, 256, 512\}$.
  • Figure 2: Overview of sampling protocols’ number of AND gates, running time, communication in Shamir-BMR under different $\lambda \in \{128, 256, 512\}$ and $n \in \{2^4, 2^{6}, 2^8, 2^{10}, 2^{12} \}$.
  • Figure 3: Sampling protocols' trade-off between efficiency and security, measured by security parameter $\lambda$ and AND gates.
  • Figure 4: Sampling protocols' trade-off between efficiency and security, measured by security parameter $\lambda$ and random bits.
  • Figure 5: Comparison of sampling protocols’ number of AND gates + random bits under different $\epsilon$ and $\lambda$.
  • ...and 3 more figures

Theorems & Definitions (10)

  • Definition 1.1: Distributed Differential Privacy
  • Definition 3.1: Differential Privacy dwork2006calibrating
  • Theorem 3.2: Laplace Mechanism dwork2014algorithmic
  • Theorem 3.3: Gaussian Mechanism dwork2014algorithmic
  • Theorem 3.4: Discrete Laplace Mechanism
  • Theorem 3.5: Discrete Gaussian Mechanism
  • Definition 3.6: Distributed Differential Privacy eigner2014differentially
  • Definition 5.1: Two-sample KS test berger2014kolmogorov
  • Definition 6.1: Statistical Distance
  • Theorem 6.2