Widespread Underestimation of Sensitivity in Differentially Private Libraries and How to Fix It

July 21, 2022 Β· Declared Dead Β· πŸ› Conference on Computer and Communications Security

πŸ‘» CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors SΓ­lvia Casacuberta, Michael Shoemate, Salil Vadhan, Connor Wagaman arXiv ID 2207.10635 Category cs.CR: Cryptography & Security Citations 32 Venue Conference on Computer and Communications Security Last Checked 3 months ago
Abstract
We identify a new class of vulnerabilities in implementations of differential privacy. Specifically, they arise when computing basic statistics such as sums, thanks to discrepancies between the implemented arithmetic using finite data types (namely, ints or floats) and idealized arithmetic over the reals or integers. These discrepancies cause the sensitivity of the implemented statistics (i.e., how much one individual's data can affect the result) to be much larger than the sensitivity we expect. Consequently, essentially all differential privacy libraries fail to introduce enough noise to meet the requirements of differential privacy, and we show that this may be exploited in realistic attacks that can extract individual-level information from private query systems. In addition to presenting these vulnerabilities, we also provide a number of solutions, which modify or constrain the way in which the sum is implemented in order to recover the idealized or near-idealized bounds on sensitivity.
Community shame:
Not yet rated
πŸ“„ View on arXiv 🌐 View on ar5iv πŸ“‘ PDF πŸŽ‰ Report Code Found
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

πŸ“œ Similar Papers

In the same crypt β€” Cryptography & Security

Died the same way β€” πŸ‘» Ghosted