ABSTRACT
Differential privacy (DP) is currently the de facto standard for achieving privacy in data analysis, and it is typically implemented in either the "central" or the "local" model. The local model has been more popular for commercial deployments as it does not require a trusted data collector. This increased privacy, however, comes at the cost of utility and algorithmic expressibility as compared to the central model. In this work, we propose Cryptε, a system and programming framework that (1) achieves the accuracy guarantees and algorithmic expressibility of the central model (2) without any trusted data collector, as in the local model. Cryptε achieves the "best of both worlds" by employing two non-colluding untrusted servers that run DP programs on encrypted data from the data owners. In theory, straightforward implementations of DP programs using off-the-shelf secure multi-party computation tools can achieve the above goal. However, in practice, they are beset with many challenges such as poor performance and tricky security proofs. To this end, Cryptε allows data analysts to author logical DP programs that are automatically translated to secure protocols that work on encrypted data. These protocols ensure that the untrusted servers learn nothing more than the noisy outputs, thereby guaranteeing DP (for computationally bounded adversaries) for all Cryptε programs. Cryptε supports a rich class of DP programs that can be expressed via a small set of transformation and measurement operators followed by arbitrary post-processing. Further, we propose performance optimizations leveraging the fact that the output is noisy. We demonstrate Cryptε's practical feasibility with extensive empirical evaluations on real-world datasets.