Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [differential-privacy]

Differential privacy aims to provide means to maximize the accuracy of queries from statistical databases while minimizing the chances of identifying its records.

Differential privacy is a property of a randomized algorithm that computes aggregate information about a large data set without revealing detailed information about the individual data. Specifically, an algorithm is $\varepsilon$-differentially private if the probability of any particular outcome of the algorithm is changed by a factor of at most $e^{\varepsilon}$ by including any additional data point. Thus there is a limit to how much information can leak through the algorithm about a user when that user adds their data.

94 questions
4
votes
1 answer

Parallel Composition of ($\epsilon, \delta$) differential privacy

I know that if there are $n$ functions $M_1, M_2, \cdots, M_n$ computed on disjoint subsets of the private database whose privacy guarantees are $\epsilon_1, \cdots ,\epsilon_n$ differential privacy, respectively, then any function $g$ of them:…
user49478
  • 41
  • 3
4
votes
1 answer

Differential privacy per record

Generally, differential privacy adds noise to a query result, such as a sum or an average, in an interactive way. Is there any way for implementing differential privacy such that noise will be added in an non-interactive way, record by record…
joao-prg
  • 43
  • 2
3
votes
1 answer

Laplace Mechanism Proof: Why this product operator?

The equation below shows the proof of Laplace mechanism for differential privacy. I am not understanding the product operator, is this a common rule? $$ \frac{p_x(z)}{p_y(z)} = \prod_{i=1}^{k}\left(\frac{exp(-\frac{\varepsilon |f(x)_i -…
Iago Chaves
  • 61
  • 6
3
votes
1 answer

Differential privacy of "randomized responses"

We define randomized responses as follows: In a question that can be responded with a "Yes" or "No", a respondent is asked to flip a fair coin, in secret, and answer the truth if it comes up tails. Otherwise he/she flips another coin in secret, and…
Nikos Fotiou
  • 93
  • 6
2
votes
0 answers

Proof of Basic Composition in Differential Privacy

I'm currently reading the proof of basic composition from the paper https://link.springer.com/content/pdf/10.1007/11761679_29.pdf. In particular, Theorem 1 in Section 2.2. The proof starts as follows: My question is why we can assume the set $S$ is…
George Li
  • 21
  • 1
2
votes
1 answer

Does subsampling amplify privacy budget of differentially private median function

I was reading that subsampling amplifies the privacy budget. I understand that it reduces the contribution of data to the aggregation function. I am wondering how sub-sampling impacts the median function. Does it amplify the privacy budget while the…
Proy
  • 153
  • 5
2
votes
1 answer

Can Differential Privacy be used to show that two distributions are indistinguishable?

Differential privacy can be used to show that the "privacy loss" of a certain computation is "bounded" in a meaningful way. In cryptography, often "indistinguishability" is considered, i.e. we want $\Delta(D_0, D_1)$ to be small. Can these two…
Mark Schultz-Wu
  • 12,944
  • 19
  • 41
2
votes
0 answers

Generic result on the guarantees of using two differentially private noise mechanisms one after the other

Let $f$ be a function that takes a database $D$ as input and returns a real number. Assume that $f$ has sensitivity 1: for any databases $D_1$ and $D_2$ differing in a single record, $|f(D_1)-f(D_2)|\le1$. To protect the results of this function…
Ted
  • 1,008
  • 5
  • 21
2
votes
1 answer

Differential Privacy: is the bound for group privacy tight?

Suppose mechanism $M$ is $(\epsilon, \delta)$-differentially private. For datasets $x$ and $x''$ that differ by 2 elements, we have $$ Pr[M(x)=y] \le e^{\epsilon} Pr[M(x')=y] + \delta \le e^{2\epsilon} Pr[M(x'')=y] + (1+e^\epsilon)\delta $$ where…
Piggy Wenzhou
  • 173
  • 6
2
votes
1 answer

Differential privacy basics: Universe \mathcal{X} and database $x$

The "Algorithmic Foundations of Differential Privacy" book (DOI: 10.1561/0400000042) introduces formally the "universe" and "database" on page 17 roughly as: $\mathcal{X}$ is a universe databases $x$ are collections of records from the universe For…
John Doe
  • 155
  • 4
2
votes
2 answers

Proof of the basic differential privacy composition theorem

The basic composition theorem in differential privacy states, that if I have mechanisms $M_1$, which is $(\epsilon_1, \delta_1)$-differential private, and $M_2$, which is $(\epsilon_2, \delta_2)$-differential private, then $M=(M_1,M_2)$ is…
Anonymous
  • 21
  • 2
2
votes
1 answer

Confusing notation in the definition of differential privacy

I've started looking into differential privacy from scratch following "The Algorithmic Foundations of Differential Privacy" by Dwork and Roth (freely available online). The mathematical notation is however somewhat confusing. On page 16, they define…
John Doe
  • 155
  • 4
2
votes
1 answer

Norms in differential privacy

I know that perturbation should be proportional to the $\text{L}_1$-sensitivity of the function if someone wants ($\epsilon,0$)-differential privacy, and proportional to the $\text{L}_2$-sensitivity of the function if someone wants ($\epsilon,…
redplanet
  • 93
  • 3
2
votes
3 answers

Differential privacy on medical data

When we apply the differential privacy on medical data to protect the personal data of the patients, how the doctors can access the original data to analyze them and to intervene in real-time. In other words, the added noise to disturb the data, can…
rachalina
  • 23
  • 2
2
votes
1 answer

Apply local differential privacy to a datasets

How to apply local differential privacy to specific categorical values in order to perform some analysis? Does there exist a tool? For example, I have the following dataset. email address 0 exampleemail1 exampleadress1 1 …
xavi
  • 121
  • 2
1
2