1 / 62

Private Approximation of Search Problems

Private Approximation of Search Problems. Amos Beimel Paz Carmi Kobbi Nissim Enav Weinreb (Technion). Let’s compute f(x, y)!. x. y. No! You will learn too much information on my input!. x. y. Haven’t you heard of secure function evaluation?. x. y.

durin
Download Presentation

Private Approximation of Search Problems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Private Approximation of Search Problems Amos Beimel Paz Carmi Kobbi Nissim Enav Weinreb (Technion)

  2. Let’s compute f(x, y)! x y

  3. No! You will learn too much information on my input! x y

  4. Haven’t you heard of secure function evaluation? x y

  5. Sure I’v heard of it...But for f it will be inefficient x y

  6. That’s not a problem! We can approximate f by f* and do SFE on f*! x y

  7. Hmmmm.... I don’t know... x y

  8. What can go wrong? Example: f*(x, y) reveals Bob’s input. f(134, 285) = 64 f*(134, 285) = 64.285 f(847, 121) = 26 f*(847, 121) = 26.121 Hmmm... y

  9. Talk Overview • Background and Previous Work • Definitions for Search Problems • Impossibility Result for Vertex Cover • Algorithms that Leak (Little) Information • Positive Result for MAX-3SAT • Problems in P • Conclusions and Open Problems

  10. Private Approximation [FIMNSW] f* is a private approximation for f: • f* is an approximation of f. • f*(x) gives no more information about x then f(x). Privacy definitions: • f*(x) can be simulated given f(x). • If f(x)=f(x’) then f*(x) and f*(x’) should be indistinguishable.

  11. Positive results [FIMNSW] • Hamming distance: • Private approximation in communication O(√n). • Improved to polylog(n) by [IW] • Permanent: • Private approximation in polynomial time.

  12. PA of NP-Hard Functions [HKKN] Vertex Cover Input: undirected graph G=<E,V>. A set is a vertex cover of G if for every , or . Functional: Return minimum vertex cover size. * We’ll discuss search version later.

  13. G Client-Server Model “Would you tell me the vertex cover size of your graph?” “So, tell me an approximation!” “I would, but it is hard to compute.” “Hmmm…” CLIENT SERVER

  14. Maximal Matching Approximation • Find maximal matching. • Its vertices form a cover. • 2-approximation: solution size is at most 2 times the optimal solution. 1 2 3 4 5 6

  15. G 1 2 1 2 3 3 4 5 4 5 6 6 VC 2 2 4 2 Matching “So, tell me an approximation!” “Hmmm…”

  16. Impossibility results [HKKN] • If NP BPP there is no polynomial private n1-ε-approximation algorithm for vertex cover size. • Impossibility results for other NP-complete functions: • MAX-SAT • Vertex cover in planer graphs.

  17. Talk Overview • Background and Previous Work • Definitions for Search Problems • Impossibility Result for Vertex Cover • Algorithms that Leak (Little) Information • Positive Result for MAX-3SAT • Problems in P • Conclusions and Open Problems

  18. Search problems • Function - one output for every input. • Search - many solutions for one input. Example: vertex cover Return a vertex cover of the graph (a setof vertices). • What is the right definition of privacy? • What pairs of inputs should not be distinguished by the output?

  19. c ≈ Step 1: Privacy w.r.t. a Relation R– Equivalence relation over the inputs A– Probabilistic algorithm A is private with respect toR if: A( ) A( ) x x y y

  20. Step 2: Defining the Relation Let P be a search problem. Let S(x) be the set of solutions to the input x. We say that x ≈Py if x and y have the same set of solutions, that is, S(x)=S(y).

  21. c ≈ 1 1 2 2 3 3 4 4 5 5 6 6 Example – Vertex Cover (Search) • G1 ≈VC G2 if they have the same set of minimum vertex covers. • A is a private approximation algorithm for vertex cover if: • A is an approximation algorithm for vertex cover. • G1 ≈VC G2  A(G1) A(G2) • Can this be done efficiently? ≈VC vertex cover sets: {2,3} and {3,5}

  22. 1 2 1 2 4 3 4 3 Search versus Functional • In non-private computation: • A lower bound for functional implies a lower bound for search. • Private computation: • Functional– equivalent (VC size = 2). • Search– not equivalent ({2,4} is a VC only of the right graph).

  23. Search versus Functional Can we use the lower bounds techniques of [HKKN] for functional vertex cover? No. • [HKKN] relies on having few equivalence classes. • In search - Huge number of equivalence classes.

  24. Talk Overview • Background and Previous Work • Definitions for Search Problems • Impossibility Result for Vertex Cover • Algorithms that Leak (Little) Information • Positive Result for MAX-3SAT • Problems in P • Conclusions and Open Problems

  25. Vertex Cover - Impossibility Result Theorem 1 If P ≠NP there is no deterministic polynomial time n1-ε-approximation algorithm for vertex cover. Proof idea: Given a private-approximation algorithm A, we construct a greedy algorithm that solves vertex cover exactly.

  26. A Taste of the Proof Claim: Let be a graph and . If then both and are non critical for . A vertex is critical for if every minimum vertex cover of contains . The approximation’s answer teaches us about the optimal solution!

  27. is non critical for . Proof of the Claim Let be a graph and . If then both and are non critical for . Privacy

  28. RP NP Vertex Cover - Impossibility Result Theorem 1 If P ≠NP there is no deterministic polynomial time n1-ε-approximation algorithm for vertex cover. randomized

  29. MAX-3SAT • Given a 3CNF formula find an assignment that satisfies a maximum fraction of its clauses. • Best approximation ratio: 7/8. • if and have the same set of maximum satisfying assignments. • Again, no private approximation!

  30. Talk Overview • Background and Previous Work • Definitions for Search Problems • Impossibility Result for Vertex Cover • Algorithms that Leak (Little) Information • Positive Result for MAX-3SAT • Problems in P • Conclusions and Open Problems

  31. Almost-Private Algorithms [HKKN] • Let f be a function. • f* is a private approximation for f that leaks k bits: • f*(x) can be simulated from f(x) and another k bits of advice. Example: There is an efficient 4-approximation of vertex cover size that leaks 1 bit.

  32. c ≈ Almost-Private Algorithms - Search ? A( ) A( ) A( ) A( ) x x y y z z w w

  33. Almost-Private Algorithms is k-private with respect to if there exists such that: • . • Every equivalence class of is a union of at most equivalence classes of . • is private with respect to .

  34. Search versus Functional Can we use the ideas of [HKKN] for functions to get efficient almost private algorithms for search problems? No. [HKKN] use rounding of the result of a non-private approximation. Not clear how to generalize to search problems.

  35. Every equivalence class of is divided into subclasses. and have the same set of maximum satisfying assignments. … Almost Private Approximation for MAX-E3SAT …

  36. Lemma 1 There is a set of assignments such that for every 3SAT formula on n variables there exists an that satisfies of the clauses in . Proof: Construct almost 3-wise [NN, AGHP]independent variables . Number of assignments: .

  37. Proof of Lemma 1(cont.) For every 3 random variables and every 3 Boolean values : Conclusion 1: For each clause : over the choice of . Conclusion 2: For every formula there is an assignment that satisfies of its clauses.

  38. Almost Private Approximation for MAX-3SAT Theorem 2 There exists a -private -approximation algorithm for MAX-3SAT. Proof: We use from Lemma 1. Given a formula return the first that satisfies at least of the clauses in .

  39. Solution-List Paradigm • A short list of solutions. • Every input has a good approximation in the list. • 2k solutions  k-private algorithm

  40. Talk Overview • Background and Previous Work • Definitions for Search Problems • Impossibility Result for Vertex Cover • Algorithms that Leak (Little) Information • Positive Result for MAX-3SAT • Problems in P • Conclusions and Open Problems

  41. Problems in P - Private Computation Let S be a search problem in P. (Example: shortest-path) Recall that x ≈S y if x and y have the same set of solutions. For a private algorithm we require: A(x) ≈c A(y) Is there a private algorithm for every problem in P? No!

  42. Impossibility result for a Problem in P Input: G=<V, E>, C, k Output: If C is a clique of size k in G then output a clique of size k in G. The problem is in P because C is a legal output. A private algorithm implies a non-uniform algorithm for Clique.

  43. Positive Results for Problems in P Any problem S for which we can find: • The lexicographically first solution • x ≈S y implies x and y have the same lex first solution. • A random solution • x ≈S y implies that a random solution distributes identically for x and y. Examples: perfect matching, shortest path, linear algebra, and more...

  44. Discussion – Strength of Definition We said the definition is minimal – good for impossibility results. Is it strong enough for positive results? Can returning the lex first solution be considered private? What is the right sufficient definition? (work in progress...)

  45. Talk Overview • Background and Previous Work • Definitions for Search Problems • Impossibility Result for Vertex Cover • Algorithms that Leak (Little) Information • Positive Result for MAX-3SAT • Problems in P • Conclusions and Open Problems

  46. Further Results • Impossibility result for (any) (log n)-private -approximation algorithm for vertex cover. • Solution-list -approximation algorithm for vertex cover that leaks bits. [BHN07] improved the lower bound to show that the solution-list algorithm is optimal.

  47. Conclusions • Defined private approximation of search problems • Impossibility result for private approximation of vertex cover • Defined k-private approximation algorithms for search problems • Positive result for MAX-3SAT • Private computation of problems in P

  48. Open Problems • More private approximation algorithms. • Design algorithms that defeat solution list algorithms. • Private computation of problems in P. • What is the right (sufficient) definition? • What search problems admit efficient private computation?

  49. Vertex Cover - Impossibility Result Theorem 1 If P ≠NP there is no deterministic polynomial time n1-ε-approximation algorithm that is private with respect to ≈VC. Proof Idea: Given a private n1-ε-approximation algorithm A, we exactly solve vertex cover.

More Related