Privacy-Accuracy trade-offs for Differential Privacy in MPC
Master Thesis
Motivation
Differential Privacy (DP) [1] is a technique that protects the privacy of individual data points used in the statistical analysis of sensitive datasets. It guarantees that no single data point significantly affects the result of the analysis: the distribution of the output is nearly the same whether or not that data point is included. DP achieves this by adding noise sampled from a distribution calibrated to the sensitivity of the function being computed. This noise, however, reduces the accuracy of the computation, and a substantial body of research studies how to obtain the best privacy-accuracy trade-off.
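As a concrete illustration, the sketch below shows the classical Laplace mechanism of [1] applied to a simple counting query in the central model; the function and parameter names are illustrative and not part of the thesis material.

```python
import numpy as np

def laplace_mechanism(true_value: float, sensitivity: float, epsilon: float) -> float:
    """Release true_value with epsilon-differential privacy by adding
    Laplace noise of scale sensitivity / epsilon (the Laplace mechanism of [1])."""
    scale = sensitivity / epsilon
    return true_value + np.random.laplace(loc=0.0, scale=scale)

# Example (illustrative): a counting query over a binary dataset has
# sensitivity 1, since adding or removing one record changes the count
# by at most 1.
data = np.random.randint(0, 2, size=1000)
noisy_count = laplace_mechanism(data.sum(), sensitivity=1.0, epsilon=0.5)
print(noisy_count)
```

The added noise has standard deviation proportional to 1/epsilon, which is exactly where the privacy-accuracy trade-off appears: stronger privacy (smaller epsilon) means larger expected error.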
Although DP is mainly used in Machine Learning (ML) applications, it has recently found great use for output privacy in Multi-Party Computation (MPC) protocols. In MPC, the dataset is distributed among several parties, and DP is used to protect the data held by an honest party even when other parties are corrupted. The error bound of a DP mechanism can change substantially when moving from the standard (central) DP model to a multi-party one. This difference, specifically for the computation of the inner product, is discussed in [2].
Goal
The goal of this thesis is to extend the state of the art, starting with further queries such as histograms and threshold functions, and to determine the best privacy-accuracy trade-off for them in the MPC setting; a baseline sketch of the histogram query in the central model is given below. Later, this could be extended to find the optimal privacy-accuracy trade-off for arbitrary functions.
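As a point of reference for the histogram query mentioned above, a minimal centralised (non-MPC) baseline might look as follows; the names and parameters are illustrative assumptions, and the thesis would study how the achievable error changes once the data is secret-shared among several parties.

```python
import numpy as np

def dp_histogram(values: np.ndarray, bin_edges: np.ndarray, epsilon: float) -> np.ndarray:
    """Noisy histogram in the central model. Under the add/remove-one
    notion of neighbouring datasets, each record affects a single bin
    count by at most 1, so the bin-count vector has L1-sensitivity 1
    and per-bin Laplace noise of scale 1/epsilon suffices."""
    counts, _ = np.histogram(values, bins=bin_edges)
    noise = np.random.laplace(loc=0.0, scale=1.0 / epsilon, size=counts.shape)
    return counts + noise

# Example (illustrative): ages bucketed into decades.
ages = np.random.randint(18, 90, size=1000)
edges = np.arange(10, 101, 10)
print(dp_histogram(ages, edges, epsilon=0.5))
```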
Requirements
- Familiarity with mathematics and statistics
- Familiarity with basic MPC protocols
- High motivation + ability to work independently
- Knowledge of the English language, Git, LaTeX, etc.
References
- [1] Dwork, Cynthia, Frank McSherry, Kobbi Nissim, and Adam Smith. "Calibrating Noise to Sensitivity in Private Data Analysis." In Theory of Cryptography: Third Theory of Cryptography Conference, TCC 2006.
- [2] Vadhan, Salil. "The Complexity of Differential Privacy." In Tutorials on the Foundations of Cryptography: Dedicated to Oded Goldreich, 2017.
Supervisors
