Outis: Crypto-Assisted Differential Privacy on Untrusted Servers
Differential privacy has steadily become the de-facto standard for achieving strong privacy guarantees in data analysis. It is typically implemented either in the "central" or "local" model. In the former, a trusted centralized server collects the records in the clear from the data owners and outputs differentially private statistics; while in the latter, the data owners individually randomize their inputs to ensure differential privacy. The local model has been popular as it dispenses with the need for a trusted data collector. This increased security in the local model, however, comes at the cost of strictly lower accuracy and restricted algorithmic expressibility for differentially private programs compared to the central model. In this work, we propose, Outis, a system for differential privacy that (1) eliminates the need for a trusted data collector like in the local model, but still (2) achieves the accuracy guarantees and algorithmic expressibility of DP programs of the central model. Outis achieves the "best of both worlds" by employing two non-colluding untrusted servers that run differentially private programs on encrypted data from data owners. Outis supports a rich class of differentially private programs that can be written in terms of a small set of data transformation and differentially private measurement primitives. Further, we propose optimizations that speed up computation on encrypted data by leveraging the fact that the final output is differentially private. We demonstrate the feasibility of Outis for practical differentially private analysis on untrusted servers with an extensive empirical evaluation on real datasets.
READ FULL TEXT