Result: Revealing the True Cost of Locally Differentially Private Protocols: An Auditing Perspective

Title:
Revealing the True Cost of Locally Differentially Private Protocols: An Auditing Perspective
Contributors:
Concurrency, Mobility and Transactions (COMETE), Laboratoire d'informatique de l'École polytechnique [Palaiseau] (LIX), École polytechnique (X), Institut Polytechnique de Paris (IP Paris)-Institut Polytechnique de Paris (IP Paris)-Centre National de la Recherche Scientifique (CNRS)-École polytechnique (X), Institut Polytechnique de Paris (IP Paris)-Institut Polytechnique de Paris (IP Paris)-Centre National de la Recherche Scientifique (CNRS)-Centre Inria de l'Institut Polytechnique de Paris, Centre Inria de Saclay, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre Inria de Saclay, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), Centre Inria de l'Université Grenoble Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Centre Inria de Lyon, Institut National de Recherche en Informatique et en Automatique (Inria), Laboratory for Research on Technology for ECommerce (LATECE Laboratory - UQAM Montreal), Université du Québec à Montréal = University of Québec in Montréal (UQAM), ANR-22-PECY-0002,iPoP,interdisciplinary Project on Privacy(2022), European Project: 835294,ERC-2018-ADG,ERC-2018-ADG,HYPATIA(2019)
Source:
Proceedings on Privacy Enhancing Technologies. 2024(4):123-141
Publisher Information:
CCSD; Privacy Enhancing Technologies Symposium, 2024.
Publication Year:
2024
Original Identifier:
ARXIV: 2309.01597
HAL: hal-04644975
Document Type:
Journal article
Language:
English
ISSN:
2299-0984
Relation:
info:eu-repo/semantics/altIdentifier/arxiv/2309.01597; info:eu-repo/semantics/altIdentifier/doi/10.56553/popets-2024-0110; info:eu-repo/grantAgreement//835294/EU/Privacy and Utility Allied/HYPATIA
DOI:
10.56553/popets-2024-0110
Rights:
info:eu-repo/semantics/OpenAccess
URL: http://creativecommons.org/licenses/by/
Accession Number:
edshal.hal.04644975v1
Database:
HAL

Further Information

While the existing literature on Differential Privacy (DP) auditing predominantly focuses on the centralized model (e.g., in auditing the DP-SGD algorithm), we advocate for extending this approach to audit Local DP (LDP). To achieve this, we introduce the LDP-Auditor framework for empirically estimating the privacy loss of locally differentially private mechanisms. This approach leverages recent advances in designing privacy attacks against LDP frequency estimation protocols. More precisely, through the analysis of numerous state-of-the-art LDP protocols, we extensively explore the factors influencing the privacy audit, such as the impact of different encoding and perturbation functions. Additionally, we investigate the influence of the domain size and the theoretical privacy loss parameters ϵ and δ on local privacy estimation. In-depth case studies are also conducted to explore specific aspects of LDP auditing, including distinguishability attacks on LDP protocols for longitudinal studies and multidimensional data. Finally, we present a notable achievement of our LDP-Auditor framework, which is the discovery of a bug in a state-of-the-art LDP Python package. Overall, our LDP-Auditor framework as well as our study offer valuable insights into the sources of randomness and information loss in LDP protocols. These contributions collectively provide a realistic understanding of the local privacy loss, which can help practitioners in selecting the LDP mechanism and privacy parameters that best align with their specific requirements. We open-sourced LDP-Auditor at https://github.com/hharcolezi/ldp-audit.