Certifying Private Probabilistic Mechanisms

Download Presenatation
Certifying Private Probabilistic Mechanisms
Slide Note
Embed
Share

Cryptography research paper on certifying private probabilistic mechanisms and differential privacy, addressing issues and the need for certification in practice. Insights on a cryptographic paradigm for regulatory compliance.

  • Cryptography
  • Differential Privacy
  • Probabilistic Mechanisms
  • Data Analysis
  • Regulatory Compliance
fitz_lly
fitz_lly Follow

Uploaded on Feb 24, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Certifying Private Probabilistic Mechanisms Presented by Zo Ruha Bell, Crypto 2024 Paper with Shafi Goldwasser, Michael P. Kim, & Jean-Luc Watson Find at https://eprint.iacr.org/2024/938

  2. Today: Differential Privacy 2

  3. What is Differential Privacy? Motivation: allow external analysis of sensitive databases (DBs) Query function ? DB Curator Analyst ?={x1,x2, } Probabilistic mechanism Mf(D) 3

  4. What is Differential Privacy? Motivation: allow external analysis of sensitive databases (DBs) Ex.: how many residents of Census block 9821 have income $200k? Query function ? DB Curator Analyst ?={x1,x2, } Probabilistic mechanism Mf(D) 4

  5. What is Differential Privacy? Motivation: allow external analysis of sensitive databases (DBs) Differential Privacy (DP): can t tell if an individual is "in" the DB vs "excluded" from the DB Query function ? DB Curator Analyst ?={x1,x2, } Probabilistic mechanism Mf(D) 5

  6. What is Differential Privacy? Motivation: allow external analysis of sensitive databases (DBs) Differential Privacy (DP): can t tell if an individual is "in" the DB vs "excluded" from the DB Definition: a mechanism Mfis (?,?)-DP if DB D, individuals x, outputs Y Pr [ Mf(D) Y ] e? Pr [ Mf(D\{x}) Y ] + ? and Pr [ Mf(D\{x}) Y ] e? Pr [ Mf(D) Y ] + ? 6

  7. Differential Privacy in Practice Issues: Incorrect implementations/bugs [CDEGH+ 2024] Low transparency [TKBWW 2017] Conclusion: we need to certify 7

  8. Cryptographic Paradigm for Regulatory Compliance Institutions prove to auditors (in a formal mathematical sense) that they are utilizing mechanisms for trustworthiness (expressed as mathematical definitions) at design-time. (catching misbehavior as it occurs, not after-the-fact) 8

  9. Trust Models for DP Centralized DP Local/MPC DP Certified DP Trusted Curator Curator has DB 9

  10. Outline Security Definitions Construction Implementation 10

  11. Certified Differential Privacy Function f Curator/ Prover D={x1, } Analyst/ Auditor/ Verifier Answer Q Correctness: The release of an honest Curator queried by an honest Analyst is (?, ?)-DP Dishonest-Curator DP: Whenever a Curator degrades DP, an honest Analyst proportionally catches them & raises a failure flag , i.e. the release is (?, ?+O(Pr[ ]))-DP Dishonest-Analyst DP: Every release of an honest Curator is (?, ?)-DP 11

  12. Certified Probabilistic Mechanism Query q Prover Verifier ? ? Probabilistic mechanism Mq: input parameters ? ? random Output Output Correctness: For honest P and honest V, Output ~ Mq(? ?) Cheating-Prover Soundness: When P deviates significantly from Mq(? ?), honest V detects, so Pr[Output = ] TV(Output, Mq(? ?)) Cheating-Verifier Soundness: Even if deviates, Output ~ Mq(? ?) conditioned on Output (hiding P s input ? ? & internal randomness) 12

  13. Certified Probabilistic Mechanism Query q Prover Verifier ? ? Probabilistic mechanism Mq: input parameters ? ? random Output Output Cheating-Prover Soundness: Cheating-Verifier Soundness: Correctness: intended distribution Pr[ ] TV(actual, intended) intended when

  14. What is Needed for Hiding Generic techniques can add Zero Knowledge (ZK) For DP, witness indistinguishability (WI) suffices: for a given Output, ViewD( ) = ViewD ( ) Prover D={x1, } Prover D ={x1 , } Verifier Verifier Output Output 14

  15. What is a Random Variable Commitment Scheme? Idea: commit to random variable Z ~ distribution ? Ex: draw a permutation of a card deck uniformly at random to play blackjack Dealer & Player shuffle the deck together Binding: Dealer can open the resulting commitment ? to a single value Hiding: Player does not know which value ? is a commitment to Distributional Soundness: Dealer & Player are both convinced that ? is to a value Z ~ ?

  16. Certified Additive Noise Mechanisms For Z ~ ?, a distribution independent of f and D, let Mf(D) = f(D) + Z Setup: 1. Commit(D) 2. Commit(Z) a RV Commitment Query f: 1. Commit(D) Commit(f(D)) 2. Commit(f(D)) Commit(Z) = Commit(Mf(D)) Mf(D) f(D) Z 16

  17. Protocol to Generate a Random Bit Commitment Verifier Prover 17

  18. Public Certifiability from Public Randomness Verifier Prover Our Random Variable Bit Commitments turn such trustworthy public random bits into trustworthy private random bits 18

  19. Instantiation of Certified Counting Queries Counting queries for arbitrary predicate f: {0,1}d {0,1} f(D) = x Df(x) Binomial mechanism Bf(D) = f(D) + Binomial(N, ) - N/2 for N = 8 log(2/ ) / 2 8 (log2(|D|) + 1) Only using a lightweight cryptographic primitive (Pedersen commitments) 19

  20. Querying Income on the Census PUMS Dataset DB of n = 7,000 individuals, dimension d = 37 (age, sex, edu, income) Privacy budget = 1 Query: How many individuals have income over $262,144? Query degree k = 6, sparsity s = 63 Commitment time = 136 s + randomness generation time = 494 ms Querying time = 1.9 ms 20

  21. Complexity Analysis # rounds of interaction # expensive operations Commitment Phase 3* n |M| n 2d Random Bit Generation 3 16 per bit** Querying Phase 1 4 sf * Can be made non-interactive with standard techniques ** N = 8 log(2/ ) / 2total bits 21

  22. 22

  23. Summary of Contributions Introduce DP trust setting: certified DP Define cryptographic guarantee: certified probabilistic mechanisms Define primitive: random variable commitments Provide construction for additive noise mechanisms Provide trustworthy private random bits from public random bits Instantiate for counting queries with Binomial noise Implement & evaluate this protocol 23

  24. Future Directions Certifying differentially private machine learning (DP-ML) Certifying data deletion from machine learning models (MUL) Certifying fairness Other probabilistic mechanisms? 24

  25. Questions? 25

Related


Evolution of Robot Localization: From Deterministic to Probabilistic Approaches

Evolution of Robot Localization: From Deterministic to Probabilistic Approaches

eren
Probabilistic Approach for Solving Burnup Problems in Nuclear Transmutations

Probabilistic Approach for Solving Burnup Problems in Nuclear Transmutations

tristan
Private Security Training: Law, Regulations, and Civil Liability

Private Security Training: Law, Regulations, and Civil Liability

plum
Everything You Need to Know About Hiring a Private Chef

Everything You Need to Know About Hiring a Private Chef

Kelvin1
Canvassing and Certifying an Election Process Steps

Canvassing and Certifying an Election Process Steps

betsy
Different Types of Companies in Business

Different Types of Companies in Business

lilly
Private School Children with Disabilities - U.S. Department of Education Updates

Private School Children with Disabilities - U.S. Department of Education Updates

neve
The Case for Private Credit Investments in the Global Market

The Case for Private Credit Investments in the Global Market

kinsley
Private Placement of Securities: Overview and Methods to Raise Capital

Private Placement of Securities: Overview and Methods to Raise Capital

jericho
Geospatial Private Sector in Africa: Opportunities and Challenges

Geospatial Private Sector in Africa: Opportunities and Challenges

anan206
Probabilistic Pursuit on Grid: Convergence and Shortest Paths Analysis

Probabilistic Pursuit on Grid: Convergence and Shortest Paths Analysis

eurie
Public and Private Spaces and Behaviors

Public and Private Spaces and Behaviors

rayd_76
Private Foundations: Advantages, Benefits, and Collaborations

Private Foundations: Advantages, Benefits, and Collaborations

emmaka
Introduction to Probabilistic Reasoning and Machine Learning in CS440

Introduction to Probabilistic Reasoning and Machine Learning in CS440

liv_gar
Probabilistic Information Retrieval: Okapi BM25 Model

Probabilistic Information Retrieval: Okapi BM25 Model

sabo_hid
Enhancing Public-Private Dialogue for Development in Africa

Enhancing Public-Private Dialogue for Development in Africa

sora262
Equitable Services to Private Schools: Shared Responsibility and Requirements

Equitable Services to Private Schools: Shared Responsibility and Requirements

noak
Private Equity Fundamentals for Long-Term Value Creation

Private Equity Fundamentals for Long-Term Value Creation

niom_8
Legitimacy and Public-Private Partnerships in Cybercrime Enforcement

Legitimacy and Public-Private Partnerships in Cybercrime Enforcement

scranton_c
Probabilistic Graphical Models in Real-world Applications

Probabilistic Graphical Models in Real-world Applications

main_nd
Benefits of Probabilistic Static Analysis for Improving Program Analysis

Benefits of Probabilistic Static Analysis for Improving Program Analysis

elizahdo
Benchmarking Study of Probabilistic Fracture Mechanics Codes for Piping

Benchmarking Study of Probabilistic Fracture Mechanics Codes for Piping

jos_o

More Related Content