Approximate Privacy: Foundations and Quantification
Joan Feigenbaum, http://www.cs.yale.edu/homes/jf
Northwest Univ.; May 20, 2009
Joint work with A. D. Jaggard and M. Schapira


Page 1: Approximate Privacy: Foundations and Quantification

Approximate Privacy: Foundations and Quantification

Joan Feigenbaum, http://www.cs.yale.edu/homes/jf
Northwest Univ.; May 20, 2009

Joint work with A. D. Jaggard and M. Schapira

Page 2: Approximate Privacy: Foundations and Quantification

Starting Point: Agents’ Privacy in MD

• Traditional goal of mechanism design: Incent agents to reveal private information that is needed to compute optimal results.

• Complementary, newly important goal: Enable agents not to reveal private information that is not needed to compute optimal results.

• Example (Naor-Pinkas-Sumner, EC ’99): It’s undesirable for the auctioneer to learn the winning bid in a 2nd–price Vickrey auction.

Page 3: Approximate Privacy: Foundations and Quantification

Privacy is Important!

• Sensitive Information: Information that can harm data subjects, data owners, or data users if it is mishandled

• There's a lot more of it than there used to be!
  – Increased use of computers and networks
  – Increased processing power and algorithmic knowledge
  – Decreased storage costs

• "Mishandling" can be very harmful.
  – ID theft
  – Loss of employment or insurance
  – "You already have zero privacy. Get over it." (Scott McNealy, 1999)

Page 4: Approximate Privacy: Foundations and Quantification

Private, Multiparty Function Evaluation

[Figure: n parties holding private inputs x1, x2, x3, …, x_{n−1}, x_n jointly compute y = F(x1, …, x_n).]

• Each i learns y.
• No i can learn anything about x_j (except what he can infer from x_i and y).
• Very general positive results.

Page 5: Approximate Privacy: Foundations and Quantification

Drawbacks of PMFE Protocols

• Information-theoretically private MFE: Requires that a substantial fraction of the agents be obedient rather than strategic.

• Cryptographically private MFE: Requires (plausible but) currently unprovable complexity-theoretic assumptions and (usually) heavy communication overhead.

• Brandt and Sandholm (TISSEC ’08): Which auctions of interest are unconditionally privately computable?

Page 6: Approximate Privacy: Foundations and Quantification

Minimum Knowledge Requirements for 2nd–Price Auction

A(f) for bids 0–3; each entry is (winner, price):

  bidder 1 \ bidder 2     0       1       2       3
  0                      1, 0    2, 0    2, 0    2, 0
  1                      1, 0    1, 1    2, 1    2, 1
  2                      1, 0    1, 1    1, 2    2, 2
  3                      1, 0    1, 1    1, 2    1, 3

[Figure: the region R^I(2, 0), i.e. all bid pairs with the same outcome as (2, 0), is highlighted.]

Perfect Privacy: Auctioneer learns only which region corresponds to the bids.

Page 7: Approximate Privacy: Foundations and Quantification

Outline

• Background
  – Two-party communication (Yao)
  – "Tiling" characterization of privately computable functions (Chor + Kushilevitz)

• Privacy Approximation Ratios (PARs)

• Bisection auction protocol: exponential gap between worst-case and average-case PARs

• Summary of Our Results

• Open Problems

Page 8: Approximate Privacy: Foundations and Quantification

Two-party Communication Model

f: {0, 1}^k × {0, 1}^k → {0, 1}^t

[Figure: Party 1 holds x1, Party 2 holds x2; they exchange the bits q1, q2, …, q_{r−1}, q_r in turn.]

q_j ∈ {0, 1} is a function of (q1, …, q_{j−1}) and one player's private input.

s(x1, x2) := (q1, …, q_r)

q_r = f(x1, x2)

Page 9: Approximate Privacy: Foundations and Quantification

Example: Millionaires' Problem

[Figure: the 4×4 matrix A(f) indexed by millionaire 1 (rows 0–3) and millionaire 2 (columns 0–3).]

f(x1, x2) = 1 if x1 ≥ x2; else f(x1, x2) = 2

Page 10: Approximate Privacy: Foundations and Quantification

Bisection Protocol

[Figure: the 4×4 matrix for inputs 0–3, with the interval halved in each round.]

In each round, a player "bisects" an interval.

Example: f(2, 3)

Page 11: Approximate Privacy: Foundations and Quantification

Monochromatic Tilings

• A region of A(f) is any subset of entries (not necessarily a submatrix). A partition of A(f) is a set of disjoint regions whose union is A(f).

• Monochromatic regions and partitions

• A rectangle in A(f) is a submatrix. A tiling is a partition into rectangles.

• Tiling T1(f) is a refinement of partition PT2(f) if every rectangle in T1(f) is contained in some region in PT2(f).

Page 12: Approximate Privacy: Foundations and Quantification

A Protocol "Zeros in on" a Monochromatic Rectangle

Let A(f) = R × C

While R × C is not monochromatic
  – Party i sends bit q.
  – If i = 1, q indicates whether x1 is in R1 or R2, where R = R1 ⊔ R2. If x1 ∈ Rk, both parties set R ← Rk.
  – If i = 2, q indicates whether x2 is in C1 or C2, where C = C1 ⊔ C2. If x2 ∈ Ck, both parties set C ← Ck.

One party sends the value of f in R × C.

Page 13: Approximate Privacy: Foundations and Quantification

Example: Ascending-Auction Tiling

[Figure: the 4×4 matrix A(f) of the 2nd–price auction (bidder 1 rows 0–3, bidder 2 columns 0–3), tiled by the ascending auction.]

Same execution for f(1, 1), f(2, 1), and f(3, 1)

Page 14: Approximate Privacy: Foundations and Quantification

Perfectly Private Protocols

• Protocol P for f is perfectly private with respect to party 1 if

  f(x1, x2) = f(x'1, x2) ⇒ s(x1, x2) = s(x'1, x2)

• Similarly, perfectly private wrt party 2

• P achieves perfect subjective privacy if it is perfectly private wrt both parties.

• P achieves perfect objective privacy if

  f(x1, x2) = f(x'1, x'2) ⇒ s(x1, x2) = s(x'1, x'2)

Page 15: Approximate Privacy: Foundations and Quantification

Ideal Monochromatic Partitions

• The ideal monochromatic partition of A(f) consists of the maximal monochromatic regions.

• Note that this partition is unique.

• Protocol P for f is perfectly privacy-preserving iff the tiling induced by P is the ideal monochromatic partition of A(f).

Page 16: Approximate Privacy: Foundations and Quantification

Privacy and Communication Complexity

[Kushilevitz (SJDM '92)]

• f is perfectly privately computable if and only if A(f) has no forbidden submatrix.

• Note that the Millionaires' Problem is not perfectly privately computable.

• If 1 ≤ r(k) ≤ 2(2^k − 1), there is an f that is perfectly privately computable in r(k) rounds but not r(k) − 1 rounds.

Forbidden submatrix: f(x1, x2) = f(x'1, x2) = f(x'1, x'2) = a, but f(x1, x'2) ≠ a

         x2     x'2
  x1     a      ≠ a
  x'1    a      a

Page 17: Approximate Privacy: Foundations and Quantification

Perfect Privacy for 2nd–Price Auction

[Brandt and Sandholm (TISSEC ’08)]

• The ascending-price, English-auction protocol is perfectly private.

It is essentially the only perfectly private protocol for 2nd–price auctions.

• Note the exponential communication cost of perfect privacy.

Page 18: Approximate Privacy: Foundations and Quantification

Objective PAR (1)

• Worst-case objective privacy-approximation ratio of protocol P for function f:

  MAX over (x1, x2) of |R^I(x1, x2)| / |R^P(x1, x2)|

  (R^I(x1, x2) is the region of the ideal monochromatic partition that contains (x1, x2); R^P(x1, x2) is the rectangle of the tiling induced by P that contains (x1, x2).)

• Worst-case PAR of f is the minimum, over all P for f, of worst-case PAR of P.

Page 19: Approximate Privacy: Foundations and Quantification

Objective PAR (2)

• Average-case objective privacy-approximation ratio of P for f with respect to distribution D on {0, 1}^k × {0, 1}^k:

  E_D [ |R^I(x1, x2)| / |R^P(x1, x2)| ]

• Average-case PAR of f is the minimum, over all P for f, of average-case PAR of P.

Page 20: Approximate Privacy: Foundations and Quantification

Subjective PARs (1)

• The 1-partition of region R in matrix A(f):

  { R_{x1} = {x1} × {x2 s.t. (x1, x2) ∈ R} }

(similarly, 2-partition)

• The i-induced tiling of protocol P for f is obtained by i-partitioning each rectangle in the tiling induced by P.

• The i-ideal monochromatic partition of A(f) is obtained by i-partitioning each region in the ideal monochromatic partition of A(f).

Page 21: Approximate Privacy: Foundations and Quantification

Example: 1-Ideal Monochromatic Partition for 2nd–Price Auction

[Figure: the 4×4 matrix A(f) for bids 0–3, with each ideal region split into its rows.]

R^I_1(0, 1) = R^I_1(0, 2) = R^I_1(0, 3)

R^I_1(1, 2) = R^I_1(1, 3)

|R^I_1(x1, x2)| = 1 for all other (x1, x2)

(R^P_i defined analogously for protocol P)

Page 22: Approximate Privacy: Foundations and Quantification

Subjective PARs (2)

• Worst-case PAR of protocol P for f wrt i:

  MAX over (x1, x2) of |R^I_i(x1, x2)| / |R^P_i(x1, x2)|

• Worst-case subjective PAR of P for f: maximize over i ∈ {1, 2}

• Worst-case subjective PAR of f: minimize over P

• Average-case subjective PAR with respect to distribution D: use E_D instead of MAX

Page 23: Approximate Privacy: Foundations and Quantification

Bisection Auction Protocol (BAP)

[Grigorieva, Herings, Muller, & Vermeulen (ORL '06)]

• Bisection protocol on [0, 2^k − 1] to find an interval [L, H] that contains the lower bid but not the higher bid.

• Bisection protocol on [L,H] to find lower bid p.

• Sell the item to higher bidder for price p.

Page 24: Approximate Privacy: Foundations and Quantification

Bisection Auction Protocol

[Figure: the 8×8 matrix A(f) for bids 0–7 (bidder 1 rows, bidder 2 columns), tiled by the bisection auction protocol.]

Example: f(7, 4)

Page 25: Approximate Privacy: Foundations and Quantification

Objective PARs for BAP(k)

• Theorem: Average-case objective PAR of BAP(k) with respect to the uniform distribution is k/2 + 1.

• Observation: Worst-case objective PAR of BAP(k) is at least 2^{k/2}.

Page 26: Approximate Privacy: Foundations and Quantification

Proof (1)

[Figure: the monochromatic tiling induced by the Bisection Auction Protocol for k = 4, split into four quadrants of side 2^{k−1}.]

• a_k = number of rectangles in the induced tiling for BAP(k).

• a_0 = 1, a_k = 2a_{k−1} + 2^k

  ⇒ a_k = (k + 1)2^k

Page 27: Approximate Privacy: Foundations and Quantification

Proof (2)

• R = {R_1, …, R_{a_k}} is the set of rectangles in the BAP(k) tiling

• R^I_s := the rectangle in the ideal partition that contains R_s

• j_s := 2^k − |R^I_s|

• b_k := Σ_{R_s ∈ R} j_s

Page 28: Approximate Privacy: Foundations and Quantification

Proof (3)

PAR = (1/2^{2k}) Σ_{(x1, x2)} |R^I(x1, x2)| / |R^{BAP(k)}(x1, x2)|

    = (1/2^{2k}) Σ_{R_s} |R_s| · |R^I_s| / |R_s|

    = (1/2^{2k}) Σ_{R_s} |R^I_s|        (+)

Here |R^I_s| / |R_s| is the contribution to (+) of one (x1, x2) in R_s, and |R_s| is the number of (x1, x2)'s in R_s.

Page 29: Approximate Privacy: Foundations and Quantification

Proof (4)

[Figure: the monochromatic tiling induced by the Bisection Auction Protocol for k = 4, split into four quadrants of side 2^{k−1}.]

• b_k = b_{k−1} + (b_{k−1} + a_{k−1} 2^{k−1}) + Σ_{i=0}^{2^{k−1} − 1} i + Σ_{i=1}^{2^{k−1}} i

• b_0 = 0, b_k = 2b_{k−1} + (k + 1)2^{2(k−1)}

  ⇒ b_k = k · 2^{2k−1}

Page 30: Approximate Privacy: Foundations and Quantification

Proof (5)

(1/2^{2k}) Σ_s |R^I_s| = (1/2^{2k}) Σ_s (2^k − j_s)

                      = (1/2^{2k}) (a_k 2^k − b_k)

                      = (1/2^{2k}) ((k + 1)2^{2k} − k · 2^{2k−1})

                      = k + 1 − k/2

                      = k/2 + 1

QED

Page 31: Approximate Privacy: Foundations and Quantification

Bounded Bisection Auction Protocol (BBAP)

• Parametrized by g: N → N

• Do at most g(k) bisection steps.

• If the winner is still unknown, run the ascending English auction protocol on the remaining interval.

• Ascending auction protocol: BBAP(0)
• Bisection auction protocol: BBAP(k)

Page 32: Approximate Privacy: Foundations and Quantification

Average-Case Objective PAR

• Theorem: For positive g(k), the average-case objective PAR of BBAP(g(k)) with respect to the uniform distribution satisfies

  (3g(k) + 6)/4 ≥ PAR ≥ g(k)/8 + 1

  (for g(k) = 0, this PAR is exactly 1)

• Observation: BBAP(g(k)) has communication complexity on the order of k + 2^{k − g(k)}.

Page 33: Approximate Privacy: Foundations and Quantification

Average-Case Objective PARs for 2nd-price Auction Protocols

  English Auction                              1
  Bounded Bisection Auction, g(k) = 1          7/4 − 1/2^{k+1}
  Bounded Bisection Auction, g(k) = 2          19/8 − 3/2^{k+1}
  Bounded Bisection Auction, g(k) = 3          47/16 − 7/2^{k+1}
  Bounded Bisection Auction, general g(k)      Θ(1 + g(k))
  Bisection Auction                            k/2 + 1
  Sealed-Bid Auction                           2^{k+1}/3 + 1/(3 · 2^k)
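An added Python example (mine, not the authors' code) for the BBAP family of Pages 23–33: it simulates BBAP(g) on the 2nd–price auction with k-bit bids, with g = 0 the ascending English auction and g = k the bisection auction BAP(k), and computes the number of rectangles a_k, the worst-case objective PAR and the average-case objective PAR under the uniform distribution, the latter through the Proof (3) identity (1/2^{2k}) Σ_s |R^I_s|. The details below slide level are my reading of the protocols: in a joint bisection step both bidders report whether their bid is at least the midpoint, the loser's bid is then found by bisecting its half, and ties go to bidder 1 as in the Page 6 matrix; the function names are mine.

```python
from fractions import Fraction


def second_price(k):
    """A(f) for the 2nd-price auction on k-bit bids, value (winner, price).
    Assumption: ties go to bidder 1, which reproduces the Page 6 matrix."""
    n = 1 << k
    return {(x1, x2): (1, x2) if x1 >= x2 else (2, x1) for x1 in range(n) for x2 in range(n)}


def bbap(k, g):
    """Transcript map (x1, x2) -> tuple of bits for BBAP with at most g joint bisection
    steps (Page 31). g = 0 is the ascending English auction, g = k the bisection auction.
    Assumed details: in a joint step both bidders answer 'bid >= midpoint?'; if the answers
    differ the winner is known and the loser's bid (the price) is found by further bisection
    of the lower half; otherwise the English auction runs on the remaining interval."""
    def transcript(x1, x2):
        bits, lo, hi = [], 0, (1 << k) - 1
        for _ in range(g):
            if lo == hi:
                break
            mid = (lo + hi + 1) // 2
            b1, b2 = int(x1 >= mid), int(x2 >= mid)
            bits += [b1, b2]
            if b1 != b2:                      # winner known; price lies in [lo, mid-1]
                loser, l, h = (x2 if b1 else x1), lo, mid - 1
                while l < h:
                    m = (l + h + 1) // 2
                    b = int(loser >= m)
                    bits.append(b)
                    l, h = (m, h) if b else (l, m - 1)
                return tuple(bits)
            lo, hi = (mid, hi) if b1 else (lo, mid - 1)
        p = lo                                # English auction on [lo, hi]; both bids inside
        while p < hi:
            b2 = int(x2 > p)
            bits.append(b2)
            if not b2:                        # x2 == p: bidder 1 wins at price p
                break
            b1 = int(x1 > p)
            bits.append(b1)
            if not b1:                        # x1 == p: bidder 2 wins at price p
                break
            p += 1
        return tuple(bits)                    # no break: both bids equal hi
    return transcript


def sealed_bid(x1, x2):
    """Both bids are revealed, so every rectangle is a single cell."""
    return (x1, x2)


def tiling(a, transcript):
    """Rectangles of the induced tiling: cells grouped by transcript."""
    tiles = {}
    for cell in a:
        tiles.setdefault(transcript(*cell), []).append(cell)
    return list(tiles.values())


def objective_pars(a, transcript):
    """(number of rectangles, worst-case objective PAR, average-case objective PAR
    under the uniform distribution). The average uses the Proof (3) identity:
    (1/2^{2k}) * sum over rectangles R_s of |R^I_s|, where R^I_s is the ideal region
    (all inputs with the same value of f) containing the monochromatic rectangle R_s."""
    ideal_size = {}
    for v in a.values():
        ideal_size[v] = ideal_size.get(v, 0) + 1
    tiles = tiling(a, transcript)
    worst = max(Fraction(ideal_size[a[c]], len(t)) for t in tiles for c in t)
    avg = Fraction(sum(ideal_size[a[t[0]]] for t in tiles), len(a))
    return len(tiles), worst, avg


def bap_theorem_value(k):
    """k/2 + 1, the Page 25 theorem."""
    return Fraction(k, 2) + 1


if __name__ == "__main__":
    for k in (1, 2, 3, 4):
        count, worst, avg = objective_pars(second_price(k), bbap(k, k))
        print(f"BAP({k}): a_k={count} worst={worst} avg={avg} theorem={bap_theorem_value(k)}")
        for g in range(k + 1):
            print(f"  BBAP({g}) on k={k}: avg PAR {objective_pars(second_price(k), bbap(k, g))[2]}")
```

Run stand-alone it prints a_k = (k + 1)2^k and the average k/2 + 1 for BAP(k) next to the Page 25 theorem, the value 1 for BBAP(0) (the English auction tiling is the ideal partition), and for g = 1 the row values 7/4 − 1/2^{k+1} of the Page 33 table; the worst-case column shows the gap to the average that Page 25 calls exponential.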

Page 34: Approximate Privacy: Foundations and Quantification

Average-Case PARs for the Millionaires Problem

                        Obj. PAR                        Subj. PAR
  Any protocol          ≥ 2^k − 1/2 + 2^{−(k+1)}        …
  Bisection Protocol    3 · 2^{k−1} − k/2 …             …

Page 35: Approximate Privacy: Foundations and Quantification

Open Problems

• Upper bounds on non-uniform average-case PARs

• Lower bounds on average-case PARs

• PARs of other functions

• Extension to n-party case

• Relationship between PARs and h-privacy [Bar-Yehuda, Chor, Kushilevitz, and Orlitsky (IEEE-IT '93)]