
Approximate Privacy: Foundations and Quantification

Approximate Privacy: Foundations and Quantification. Joan Feigenbaum http://www.cs.yale.edu/homes/jf Northwest Univ.; May 20, 2009 Joint work with A. D. Jaggard and M. Schapira. Starting Point: Agents’ Privacy in MD.


Presentation Transcript


  1. Approximate Privacy: Foundations and Quantification
     Joan Feigenbaum http://www.cs.yale.edu/homes/jf
     Northwest Univ.; May 20, 2009
     Joint work with A. D. Jaggard and M. Schapira

  2. Starting Point: Agents’ Privacy in MD
     • Traditional goal of mechanism design: Incent agents to reveal private information that is needed to compute optimal results.
     • Complementary, newly important goal: Enable agents not to reveal private information that is not needed to compute optimal results.
     • Example (Naor-Pinkas-Sumner, EC ’99): It’s undesirable for the auctioneer to learn the winning bid in a 2nd–price Vickrey auction.

  3. Privacy is Important!
     • Sensitive Information: Information that can harm data subjects, data owners, or data users if it is mishandled
     • There’s a lot more of it than there used to be!
       • Increased use of computers and networks
       • Increased processing power and algorithmic knowledge
       • Decreased storage costs
     • “Mishandling” can be very harmful.
       • ID theft
       • Loss of employment or insurance
     • “You already have zero privacy. Get over it.” (Scott McNealy, 1999)

  4. Private, Multiparty Function Evaluation
     [figure: n parties holding private inputs x1, x2, x3, …, xn-1, xn]
     y = F(x1, …, xn)
     • Each i learns y.
     • No i can learn anything about xj (except what he can infer from xi and y).
     • Very general positive results.

  5. Drawbacks of PMFE Protocols
     • Information-theoretically private MFE: Requires that a substantial fraction of the agents be obedient rather than strategic.
     • Cryptographically private MFE: Requires (plausible but) currently unprovable complexity-theoretic assumptions and (usually) heavy communication overhead.
     • Brandt and Sandholm (TISSEC ’08): Which auctions of interest are unconditionally privately computable?

  6. Minimum Knowledge Requirements for 2nd–Price Auction
     [figure: 4×4 matrix with bidder 1’s bid (0–3) indexing the rows and bidder 2’s bid (0–3) the columns; each entry is (winner, price), the entries shown being 2, 0; 1, 0; 2, 1; 1, 1; 2, 2; 1, 2; 1, 3; the region R^I(2, 0) is marked]
     Perfect Privacy ≈ Auctioneer learns only which region corresponds to the bids.

  7. Outline
     • Background
       • Two-party communication (Yao)
       • “Tiling” characterization of privately computable functions (Chor + Kushilevitz)
     • Privacy Approximation Ratios (PARs)
     • Bisection auction protocol: exponential gap between worst-case and average-case PARs
     • Summary of Our Results
     • Open Problems

  8. Two-party Communication Model
     $f: \{0,1\}^k \times \{0,1\}^k \to \{0,1\}^t$
     [figure: Party 1 holds $x_1$, Party 2 holds $x_2$; they exchange bits $q_1, q_2, \ldots, q_{r-1}, q_r$]
     $q_j \in \{0,1\}$ is a function of $(q_1, \ldots, q_{j-1})$ and one player’s private input.
     $q_r = f(x_1, x_2)$
     $s(x_1, x_2) \triangleq (q_1, \ldots, q_r)$

  9. Example: Millionaires’ Problem
     [figure: matrix A(f) with millionaire 1’s value (0–3) indexing the rows and millionaire 2’s value (0–3) the columns]
     $f(x_1, x_2) = 1$ if $x_1 \ge x_2$; else $f(x_1, x_2) = 2$

  10. Bisection Protocol
     In each round, a player “bisects” an interval.
     [figure: 4×4 matrix with axes 0–3, showing the bisection steps]
     Example: f(2, 3)

  11. Monochromatic Tilings
     • A region of A(f) is any subset of entries (not necessarily a submatrix). A partition of A(f) is a set of disjoint regions whose union is A(f).
     • Monochromatic regions and partitions
     • A rectangle in A(f) is a submatrix. A tiling is a partition into rectangles.
     • Tiling T1(f) is a refinement of partition PT2(f) if every rectangle in T1(f) is contained in some region in PT2(f).

  12. A Protocol “Zeros in on” a Monochromatic Rectangle
     Let A(f) = R × C
     While R × C is not monochromatic:
       • Party i sends bit q.
       • If i = 1, q indicates whether x1 is in R1 or R2, where R = R1 ⊔ R2. If x1 ∈ Rk, both parties set R ← Rk.
       • If i = 2, q indicates whether x2 is in C1 or C2, where C = C1 ⊔ C2. If x2 ∈ Ck, both parties set C ← Ck.
     One party sends the value of f in R × C.

  13. Example: Ascending-Auction Tiling
     [figure: 4×4 matrix with bidder 1’s bid (0–3) indexing the rows and bidder 2’s bid (0–3) the columns, tiled by the ascending-auction protocol]
     Same execution for f(1, 1), f(2, 1), and f(3, 1)

  14. Perfectly Private Protocols
     • Protocol P for f is perfectly private with respect to party 1 if $f(x_1, x_2) = f(x'_1, x_2) \Rightarrow s(x_1, x_2) = s(x'_1, x_2)$
     • Similarly, perfectly private wrt party 2
     • P achieves perfect subjective privacy if it is perfectly private wrt both parties.
     • P achieves perfect objective privacy if $f(x_1, x_2) = f(x'_1, x'_2) \Rightarrow s(x_1, x_2) = s(x'_1, x'_2)$

  15. Ideal Monochromatic Partitions
     • The ideal monochromatic partition of A(f) consists of the maximal monochromatic regions.
     • Note that this partition is unique.
     • Protocol P for f is perfectly privacy-preserving iff the tiling induced by P is the ideal monochromatic partition of A(f).

  16. Privacy and Communication Complexity [Kushilevitz (SJDM ’92)]
     • f is perfectly privately computable if and only if A(f) has no forbidden submatrix.
     • Note that the Millionaires’ Problem is not perfectly privately computable.
     • If $1 \le r(k) \le 2(2^k - 1)$, there is an f that is perfectly privately computable in r(k) rounds but not r(k)-1 rounds.
     [figure: forbidden submatrix on rows $x_1, x'_1$ and columns $x_2, x'_2$: $f(x_1, x_2) = f(x'_1, x_2) = f(x'_1, x'_2) = a$, but $f(x_1, x'_2) \ne a$]

  17. Perfect Privacy for 2nd–Price Auction [Brandt and Sandholm (TISSEC ’08)]
     • The ascending-price, English-auction protocol is perfectly private.
     • It is essentially the only perfectly private protocol for 2nd–price auctions.
     • Note the exponential communication cost of perfect privacy.

  18. Objective PAR (1)
     • Worst-case objective privacy-approximation ratio of protocol P for function f:
       $\max_{(x_1, x_2)} \frac{|R^I(x_1, x_2)|}{|R^P(x_1, x_2)|}$
       (where $R^I(x_1, x_2)$ is the region of the ideal monochromatic partition that contains $(x_1, x_2)$, and $R^P(x_1, x_2)$ is the rectangle of the tiling induced by P that contains it)
     • Worst-case PAR of f is the minimum, over all P for f, of worst-case PAR of P.

  19. Objective PAR (2)
     • Average-case objective privacy-approximation ratio of P for f with respect to distribution D on $\{0,1\}^k \times \{0,1\}^k$:
       $\mathbb{E}_D\!\left[\frac{|R^I(x_1, x_2)|}{|R^P(x_1, x_2)|}\right]$
     • Average-case PAR of f is the minimum, over all P for f, of average-case PAR of P.

  20. Subjective PARs (1)
     • The 1-partition of region R in matrix A(f): $\{\, R_{x_1} = \{x_1\} \times \{x_2 : (x_1, x_2) \in R\} \,\}$ (similarly, 2-partition)
     • The i-induced tiling of protocol P for f is obtained by i-partitioning each rectangle in the tiling induced by P.
     • The i-ideal monochromatic partition of A(f) is obtained by i-partitioning each region in the ideal monochromatic partition of A(f).

  21. Example: 1-Ideal Monochromatic Partition for 2nd–Price Auction
     [figure: 4×4 matrix with axes 0–3, showing the 1-ideal monochromatic partition]
     $R^I_1(0, 1) = R^I_1(0, 2) = R^I_1(0, 3)$
     $R^I_1(1, 2) = R^I_1(1, 3)$
     $|R^I_1(x_1, x_2)| = 1$ for all other $(x_1, x_2)$
     ($R^P_i$ defined analogously for protocol P)

  22. Subjective PARs (2)
     • Worst-case PAR of protocol P for f wrt i: $\max_{(x_1, x_2)} \frac{|R^I_i(x_1, x_2)|}{|R^P_i(x_1, x_2)|}$
     • Worst-case subjective PAR of P for f: maximize over $i \in \{1, 2\}$
     • Worst-case subjective PAR of f: minimize over P
     • Average-case subjective PAR with respect to distribution D: use $\mathbb{E}_D$ instead of $\max$

  23. Bisection Auction Protocol (BAP) [Grigorieva, Herings, Muller, & Vermeulen (ORL ’06)]
     • Bisection protocol on $[0, 2^k - 1]$ to find an interval [L, H] that contains the lower bid but not the higher bid.
     • Bisection protocol on [L, H] to find the lower bid p.
     • Sell the item to the higher bidder for price p.

  24. Bisection Auction Protocol
     [figure: 8×8 matrix A(f) with bidder 1’s bid (0–7) indexing the rows and bidder 2’s bid (0–7) the columns, tiled by BAP]
     Example: f(7, 4)

  25. Objective PARs for BAP(k)
     • Theorem: Average-case objective PAR of BAP(k) with respect to the uniform distribution is $\frac{k}{2} + 1$.
     • Observation: Worst-case objective PAR of BAP(k) is at least $2^{k/2}$.
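As an added example (not code from the slides or the paper), the following Python model runs the "zeroing in" protocol of slide 12 specialised to the Bisection Auction Protocol of slide 23 over A(f) for the 2nd-price auction with ties going to bidder 1 (slide 6), recovers the induced tiling from the transcripts, builds the ideal monochromatic partition, and evaluates the objective PARs of slides 18–19, which reproduces the k/2 + 1 theorem for small k. Assumed here: the bit encoding of a bisection step (1 = upper half) and the tie-break rule; both are conventions chosen for this example.

```python
from fractions import Fraction
from itertools import product

def second_price(x1, x2):
    """f(x1, x2) = (winner, price); ties go to bidder 1, matching the slides' matrix."""
    return (1, x2) if x1 >= x2 else (2, x1)

def bisect_to_value(lo, hi, x):
    """Bits one party sends while bisecting [lo, hi] down to its own value x."""
    bits = []
    while lo < hi:
        mid = (lo + hi + 1) // 2          # upper half is [mid, hi]
        bits.append(int(x >= mid))
        lo, hi = (mid, hi) if x >= mid else (lo, mid - 1)
    return bits

def bap_transcript(k, x1, x2):
    """s(x1, x2) for BAP(k): joint bisection of [0, 2^k - 1] until the bids split,
    then the lower bidder bisects the lower half down to the price."""
    lo, hi, bits = 0, 2**k - 1, []
    while lo < hi:
        mid = (lo + hi + 1) // 2
        b1, b2 = int(x1 >= mid), int(x2 >= mid)
        bits += [b1, b2]
        if b1 != b2:                      # winner known; loser's half holds the price
            return tuple(bits + bisect_to_value(lo, mid - 1, x2 if b1 else x1))
        lo, hi = (mid, hi) if b1 else (lo, mid - 1)
    return tuple(bits)                    # equal bids: interval shrank to one point

def bap_tilings(k):
    """Ideal partition (f-value -> cells) and BAP(k)'s induced tiling (transcript -> cells)."""
    ideal, induced = {}, {}
    for x in product(range(2**k), repeat=2):
        ideal.setdefault(second_price(*x), set()).add(x)
        induced.setdefault(bap_transcript(k, *x), set()).add(x)
    return ideal, induced

def is_monochromatic_rectangle(cells):
    rows, cols = {r for r, _ in cells}, {c for _, c in cells}
    return len(cells) == len(rows) * len(cols) and len({second_price(*c) for c in cells}) == 1

def induced_tiling_is_valid(k):
    return all(is_monochromatic_rectangle(c) for c in bap_tilings(k)[1].values())

def objective_pars(k):
    """(average-case PAR under uniform D, worst-case PAR, number of rectangles) of BAP(k)."""
    ideal, induced = bap_tilings(k)
    ratios = [Fraction(len(ideal[second_price(*x)]), len(cells))   # |R^I| / |R^BAP(k)|
              for cells in induced.values() for x in cells]
    return sum(ratios) / len(ratios), max(ratios), len(induced)
```

The rectangle count equals a_k = (k+1)2^k from Proof (1), and the exact Fraction arithmetic lets the average be compared to k/2 + 1 without rounding.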

  26. Proof (1)
     [figure: the monochromatic tiling induced by the Bisection Auction Protocol for k=4, on the matrix with axes $0, \ldots, 2^k - 1$]
     • $a_k$ = number of rectangles in the induced tiling for BAP(k).
     • $a_0 = 1$, $a_k = 2a_{k-1} + 2^k$ $\Rightarrow$ $a_k = (k+1)2^k$

  27. Proof (2)
     • $\mathcal{R} = \{R_1, \ldots, R_{a_k}\}$ is the set of rectangles in the BAP(k) tiling
     • $R^I_s \triangleq$ rectangle in the ideal partition that contains $R_s$
     • $j_s \triangleq 2^k - |R^I_s|$
     • $b_k \triangleq \sum_{R_s \in \mathcal{R}} j_s$

  28. Proof (3)
     $\mathrm{PAR} = \frac{1}{2^{2k}} \sum_{(x_1, x_2)} \frac{|R^I(x_1, x_2)|}{|R^{BAP(k)}(x_1, x_2)|} \qquad (+)$
     $= \frac{1}{2^{2k}} \sum_{s} |R_s| \cdot \frac{|R^I_s|}{|R_s|} = \frac{1}{2^{2k}} \sum_{s} |R^I_s|$
     (here $|R_s|$ is the number of $(x_1, x_2)$’s in $R_s$, and $|R^I_s| / |R_s|$ is the contribution to (+) of one $(x_1, x_2)$ in $R_s$)

  29. Proof (4)
     [figure: the monochromatic tiling induced by the Bisection Auction Protocol for k=4, split at $2^{k-1}$ into four quadrants]
     • $b_k = b_{k-1} + \left(b_{k-1} + a_{k-1} 2^{k-1}\right) + \left(\sum_{i=0}^{2^{k-1}-1} i\right) + \left(\sum_{i=1}^{2^{k-1}} i\right)$
     • $b_0 = 0$, $b_k = 2b_{k-1} + (k+1)2^{2(k-1)}$ $\Rightarrow$ $b_k = k \cdot 2^{2k-1}$

  30. Proof (5)
     $\frac{1}{2^{2k}} \sum_{s} |R^I_s| = \frac{1}{2^{2k}} \sum_{s} (2^k - j_s) = \frac{1}{2^{2k}} (a_k 2^k - b_k) = \frac{1}{2^{2k}} \left( (k+1) 2^{2k} - k \cdot 2^{2k-1} \right) = k + 1 - \frac{k}{2} = \frac{k}{2} + 1 \qquad \text{QED}$

  31. Bounded Bisection Auction Protocol (BBAP)
     • Parametrized by $g: \mathbb{N} \to \mathbb{N}$
     • Do at most g(k) bisection steps.
     • If the winner is still unknown, run the ascending English auction protocol on the remaining interval.
     • Ascending auction protocol: BBAP(0); Bisection auction protocol: BBAP(k)

  32. Average-Case Objective PAR
     • Theorem: For positive g(k), the average-case objective PAR of BBAP(g(k)) with respect to the uniform distribution satisfies $\frac{3g(k)}{8} + 6 \ge \mathrm{PAR} \ge \frac{g(k)}{4} + 1$ (for g(k) = 0, this PAR is exactly 1)
     • Observation: BBAP(g(k)) has communication complexity $\Theta(k + 2^{k - g(k)})$.

  33. Average-Case Objective PARs for 2nd-price Auction Protocols
     [table: average-case objective PARs of the 2nd-price auction protocols discussed; the only expression recoverable from the transcript is $\frac{2^{2k+1} + 1}{3 \cdot 2^k}$, the remaining entries did not survive extraction]

  34. Average-Case PARs for the Millionaires Problem
     [table: average-case PARs for the Millionaires Problem; the entries did not survive extraction]

  35. Open Problems
     • Upper bounds on non-uniform average-case PARs
     • Lower bounds on average-case PARs
     • PARs of other functions
     • Extension to n-party case
     • Relationship between PARs and h-privacy [Bar-Yehuda, Chor, Kushilevitz, and Orlitsky (IEEE-IT ’93)]
