scholarly journals Interaction is Necessary for Distributed Learning with Privacy or Communication Constraints

2021 ◽  
Vol 11 (2) ◽  
Author(s):  
Yuval Dagan ◽  
Vitaly Feldman
Keyword(s):  
Lower Bound ◽  
Linear Models ◽  
Differential Privacy ◽  
Security And Privacy ◽  
Large Margin ◽  
Significant Research ◽  
Statistical Queries ◽  
A New Technique ◽  
Interactive Version ◽  
Exponential Lower Bound

Local differential privacy (LDP) is a model where users send privatized data to an untrusted central server whose goal it to solve some data analysis task. In the non-interactive version of this model the protocol consists of a single round in which a server sends requests to all users then receives their responses. This version is deployed in industry due to its practical advantages and has attracted significant research interest. Our main result is an exponential lower bound on the number of samples necessary to solve the standard task of learning a large-margin linear separator in the non-interactive LDP model. Via a standard reduction this lower bound implies an exponential lower bound for stochastic convex optimization and specifically, for learning linear models with a convex, Lipschitz and smooth loss. These results answer the questions posed by Smith, Thakurta, and Upadhyay (IEEE Symposium on Security and Privacy 2017) and Daniely and Feldman (NeurIPS 2019). Our lower bound relies on a new technique for constructing pairs of distributions with nearly matching moments but whose supports can be nearly separated by a large margin hyperplane. These lower bounds also hold in the model where communication from each user is limited and follow from a lower bound on learning using non-adaptive statistical queries.

scholarly journals Between Pure and Approximate Differential Privacy

2017 ◽  
Vol 7 (2) ◽  
Author(s):  
Thomas Steinke ◽  
Jonathan Ullman
Keyword(s):  
Lower Bound ◽  
Differential Privacy ◽  
High Dimensional ◽  
Empirical Risk Minimization ◽  
Sample Complexity ◽  
Risk Minimization ◽  
Worst Case ◽  
Logarithmic Factor ◽  
Empirical Risk ◽  
Statistical Queries

We show a new lower bound on the sample complexity of (ε,δ)-differentially private algorithms that accurately answer statistical queries on high-dimensional databases. The novelty of our bound is that it depends optimally on the parameter δ, which loosely corresponds to the probability that the algorithm fails to be private, and is the first to smoothly interpolate between approximate differential privacy (δ >0) and pure differential privacy (δ= 0).   Specifically, we consider a database D ∈{±1}n×d and its one-way marginals, which are the d queries of the form “What fraction of individual records have the i-th bit set to +1?” We show that in order to answer all of these queries to within error ±α (on average) while satisfying (ε,δ)-differential privacy for some function δ such that δ≥2−o(n) and δ≤1/n1+Ω(1), it is necessary that \[n≥Ω (\frac{√dlog(1/δ)}{αε}).\]  This bound is optimal up to constant factors. This lower bound implies similar new bounds for problems like private empirical risk minimization and private PCA. To prove our lower bound, we build on the connection between fingerprinting codes and lower bounds in differential privacy (Bun, Ullman, and Vadhan, STOC’14).   In addition to our lower bound, we give new purely and approximately differentially private algorithms for answering arbitrary statistical queries that improve on the sample complexity of the standard Laplace and Gaussian mechanisms for achieving worst-case accuracy guarantees by a logarithmic factor.

scholarly journals Encrypted Databases for Differential Privacy

2019 ◽  
Vol 2019 (3) ◽  
pp. 170-190
Author(s):  
Archita Agarwal ◽  
Maurice Herlihy ◽  
Seny Kamara ◽  
Tarik Moataz
Keyword(s):  
Statistical Analysis ◽  
Real World ◽  
Building Block ◽  
Differential Privacy ◽  
Statistical Databases ◽  
The Past ◽  
Statistical Queries ◽  
Encrypted Database

Abstract The problem of privatizing statistical databases is a well-studied topic that has culminated with the notion of differential privacy. The complementary problem of securing these differentially private databases, however, has—as far as we know—not been considered in the past. While the security of private databases is in theory orthogonal to the problem of private statistical analysis (e.g., in the central model of differential privacy the curator is trusted) the recent real-world deployments of differentially-private systems suggest that it will become a problem of increasing importance. In this work, we consider the problem of designing encrypted databases (EDB) that support differentially-private statistical queries. More precisely, these EDBs should support a set of encrypted operations with which a curator can securely query and manage its data, and a set of private operations with which an analyst can privately analyze the data. Using such an EDB, a curator can securely outsource its database to an untrusted server (e.g., on-premise or in the cloud) while still allowing an analyst to privately query it. We show how to design an EDB that supports private histogram queries. As a building block, we introduce a differentially-private encrypted counter based on the binary mechanism of Chan et al. (ICALP, 2010). We then carefully combine multiple instances of this counter with a standard encrypted database scheme to support differentially-private histogram queries.

scholarly journals Local Differential Privacy for Evolving Data

2020 ◽  
Vol 10 (1) ◽  
Author(s):  
Matthew Joseph ◽  
Aaron Roth ◽  
Jonathan Ullman ◽  
Bo Waggoner
Keyword(s):  
Large Scale ◽  
Differential Privacy ◽  
Statistical Information ◽  
Underlying Distribution ◽  
Specific Distribution ◽  
Time Period ◽  
Long Time ◽  
Heavy Hitter ◽  
Single Use ◽  
A New Technique

There are now several large scale deployments of differential privacy used to collect statistical information about users. However, these deployments periodically recollect the data and recompute the statistics using algorithms designed for a single use. As a result, these systems do not provide meaningful privacy guarantees over long time scales. Moreover, existing techniques to mitigate this effect do not apply in the “local model” of differential privacy that these systems use. In this paper, we introduce a new technique for local differential privacy that makes it possible to maintain up-to-date statistics over time, with privacy guarantees that degrade only in the number of changes in the underlying distribution rather than the number of collection periods. We use our technique for tracking a changing statistic in the setting where users are partitioned into an unknown collection of groups, and at every time period each user draws a single bit from a common (but changing) group-specific distribution. We also provide an application to frequency and heavy-hitter estimation.

Lower bounds for cutting planes proofs with small coefficients

1997 ◽  
Vol 62 (3) ◽  
pp. 708-728 ◽  
Author(s):  
Maria Bonet ◽  
Toniann Pitassi ◽  
Ran Raz
Keyword(s):  
Lower Bound ◽  
Lower Bounds ◽  
Cutting Planes ◽  
Communication Complexity ◽  
Proof System ◽  
Small Weight ◽  
Deduction Rule ◽  
Special Case ◽  
Exponential Lower Bound

AbstractWe consider small-weight Cutting Planes (CP*) proofs; that is, Cutting Planes (CP) proofs with coefficients up to Poly(n). We use the well known lower bounds for monotone complexity to prove an exponential lower bound for the length of CP* proofs, for a family of tautologies based on the clique function. Because Resolution is a special case of small-weight CP, our method also gives a new and simpler exponential lower bound for Resolution.We also prove the following two theorems: (1) Tree-like CP* proofs cannot polynomially simulate non-tree-like CP* proofs. (2) Tree-like CP* proofs and Bounded-depth-Frege proofs cannot polynomially simulate each other.Our proofs also work for some generalizations of the CP* proof system. In particular, they work for CP* with a deduction rule, and also for any proof system that allows any formula with small communication complexity, and any set of sound rules of inference.

Security and Privacy Challenges of Deep Learning

2020 ◽  
pp. 42-64
Author(s):  
J. Andrew Onesimu ◽  
Karthikeyan J. ◽  
D. Samuel Joshua Viswas ◽  
Robin D Sebastian
Keyword(s):  
Deep Learning ◽  
Differential Privacy ◽  
Homomorphic Encryption ◽  
Detailed Comparison ◽  
Privacy Preserving ◽  
Research Field ◽  
Security And Privacy ◽  
Security Attacks ◽  
Privacy Breaches ◽  
Comparison Table

Deep learning is the buzz word in recent times in the research field due to its various advantages in the fields of healthcare, medicine, automobiles, etc. A huge amount of data is required for deep learning to achieve better accuracy; thus, it is important to protect the data from security and privacy breaches. In this chapter, a comprehensive survey of security and privacy challenges in deep learning is presented. The security attacks such as poisoning attacks, evasion attacks, and black-box attacks are explored with its prevention and defence techniques. A comparative analysis is done on various techniques to prevent the data from such security attacks. Privacy is another major challenge in deep learning. In this chapter, the authors presented an in-depth survey on various privacy-preserving techniques for deep learning such as differential privacy, homomorphic encryption, secret sharing, and secure multi-party computation. A detailed comparison table to compare the various privacy-preserving techniques and approaches is also presented.

Sign in / Sign up

Export Citation Format

Share Document