Differential Privacy on Finite Computers

Balcer, Victor; Vadhan, Salil

doi:10.29012/jpc.679

Cited by 31 publications

(40 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the literature, some contributions are made in providing the noise mechanisms for discrete queries such as geometric distribution [5], [15] or a quantized Gaussian distribution, as proposed in [11]. First, we find the ( , δ)− differential privacy trade offs for the addition methodologies based on these mechanisms and compare them to highlight the effect of clamping.…”

Section: Numerical Resultsmentioning

confidence: 99%

Optimum Noise Mechanism for Differentially Private Queries in Discrete Finite Sets

Kadam¹,

Scaglione²,

Ravi³

et al. 2021

Preprint

View full text Add to dashboard Cite

In this paper, we provide an optimal additive noise mechanism for database queries with discrete answers on a finite support. The noise provides the minimum error rate for a given ( , δ) pair. Popular schemes apply random additive noise with infinite support and then clamp the resulting query response to the desired range. Clamping, unfortunately, compromises the privacy guarantees. Using modulo addition, rather than clamping, we show that, for any ( , δ) pair, the optimum additive noise distribution can be obtained by solving a mixed integer linear program (MILP). Having introduced our optimal noise design formulation, we derive closed form solutions for the optimal noise probability mass function (PMF) and the probability of error for two special cases. In our performance studies, we show that the proposed optimal mechanism outperforms state of the art for a given probability of error and for any budget > 0.

show abstract

Section: Numerical Resultsmentioning

confidence: 99%

Optimum Noise Mechanism for Differentially Private Queries in Discrete Finite Sets

Kadam¹,

Scaglione²,

Ravi³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…The probability P (∆ = δ) can be interpreted as the probability of adding discrete noise δ to the result of the query function f . The Geometric mechanism is a discretized version of the Laplace mechanism [57]. 4) Exponential mechanism [58]: is most suited when we have to select a noisy (i.e., random) response from the set of all possible outputs, instead of adding a noise to the result of the query function [53].…”

Section: Probability Distributions Satisfying Dp (ϵ-Dp or (ϵ δ)-Dp)mentioning

confidence: 99%

Differential Privacy for Deep and Federated Learning: A Survey

2022

View full text Add to dashboard Cite

Users' privacy is vulnerable at all stages of the deep learning process. Sensitive information of users may be disclosed during data collection, or during training, or even after releasing the trained learning model. Differential privacy (DP) is one of the main approaches proven to ensure strong privacy protection in data analysis. DP protects the users' privacy by adding noise to the original dataset or the learning parameters. Thus, an attacker could not retrieve the sensitive information of an individual involved in the training dataset. In this survey paper, we analyze and present the main ideas based on DP to guarantee users' privacy in deep and federated learning. In addition, we illustrate all types of probability distributions that satisfy the DP mechanism, with their properties and use cases. Furthermore, we bridge the gap in the literature by providing a comprehensive overview of the different variants of DP, highlighting their advantages and limitations. Our study reveals the gap between theory and application, accuracy, and robustness of DP. Finally, we provide several open problems and future research directions.

show abstract

“…Balcer and Vadhan [3] recently showed a statistical price of privacy-preserving release of the top-k counts in a histogram. They proved an analogous O(log 2 (d/k)) penalty for point queries under ǫ-DP (and also results for approximate DP).…”

Section: Lower Boundsmentioning

confidence: 99%

“…Thus, given a set Q of counting queries, for each q ∈ Q, the data collector computes a noisy answer a q by adding noise with distribution F q to the true answer and then must postprocess them to create microdata. 3 We assume the data collector chooses the noise distributions to achieve their desired privacy definition (e.g., ǫ-DP, ρ-zCDP).…”

Section: Algorithmsmentioning

confidence: 99%

An Uncertainty Principle is a Price of Privacy-Preserving Microdata

Abowd¹,

Ashmead²,

Cumings-Menon³

et al. 2021

Preprint

View full text Add to dashboard Cite

Privacy-protected microdata are often the desired output of a differentially private algorithm since microdata is familiar and convenient for downstream users. However, there is a statistical price for this kind of convenience. We show that an uncertainty principle governs the trade-off between accuracy for a population of interest ("sum query") vs. accuracy for its component sub-populations ("point queries"). Compared to differentially private query answering systems that are not required to produce microdata, accuracy can degrade by a logarithmic factor. For example, in the case of pure differential privacy, without the microdata requirement, one can provide noisy answers to the sum query and all point queries while guaranteeing that each answer has squared error O(1/ǫ 2 ). With the microdata requirement, one must choose between allowing an additional log 2 (d) factor (d is the number of point queries) for some point queries or allowing an extra O(d 2 ) factor for the sum query. We present lower bounds for pure, approximate, and concentrated differential privacy. We propose mitigation strategies and create a collection of benchmark datasets that can be used for public study of this problem.

show abstract

Differential Privacy on Finite Computers

Cited by 31 publications

References 21 publications

Optimum Noise Mechanism for Differentially Private Queries in Discrete Finite Sets

Optimum Noise Mechanism for Differentially Private Queries in Discrete Finite Sets

Differential Privacy for Deep and Federated Learning: A Survey

An Uncertainty Principle is a Price of Privacy-Preserving Microdata

Contact Info

Product

Resources

About