The Bayes Security Measure

by   Konstantinos Chatzikokolakis, et al.

Security system designers favor worst-case security measures, such as those derived from differential privacy, due to the strong guarantees they provide. These guarantees, on the downside, result on high penalties on the system's performance. In this paper, we study the Bayes security measure. This measure quantifies the expected advantage over random guessing of an adversary that observes the output of a mechanism. We show that the minimizer of this measure, which indicates its security lower bound, i) is independent from the prior on the secrets, ii) can be estimated efficiently in black-box scenarios, and iii) it enables system designers to find low-risk security parameters without hurting utility. We provide a thorough comparison with respect to well-known measures, identifying the scenarios where our measure is advantageous for designers, which we illustrate empirically on relevant security and privacy problems.


page 1

page 2

page 3

page 4


Private measures, random walks, and synthetic data

Differential privacy is a mathematical concept that provides an informat...

Security Versus Privacy

Linear queries can be submitted to a server containing private data. The...

Toward Evaluating Re-identification Risks in the Local Privacy Model

LDP (Local Differential Privacy) has recently attracted much attention a...

Instance-optimal Mean Estimation Under Differential Privacy

Mean estimation under differential privacy is a fundamental problem, but...

Identification and Formal Privacy Guarantees

Empirical economic research crucially relies on highly sensitive individ...

Minimax Rates of Estimating Approximate Differential Privacy

Differential privacy has become a widely accepted notion of privacy, lea...

Grid Quality Measures for Iterative Convergence

In this paper, we discuss two grid-quality measures, F- and G-measures, ...