DeepAI AI Chat
Log In Sign Up

Widespread Underestimation of Sensitivity in Differentially Private Libraries and How to Fix It

by   Sílvia Casacuberta, et al.

We identify a new class of vulnerabilities in implementations of differential privacy. Specifically, they arise when computing basic statistics such as sums, thanks to discrepancies between the implemented arithmetic using finite data types (namely, ints or floats) and idealized arithmetic over the reals or integers. These discrepancies cause the sensitivity of the implemented statistics (i.e., how much one individual's data can affect the result) to be much higher than the sensitivity we expect. Consequently, essentially all differential privacy libraries fail to introduce enough noise to hide individual-level information as required by differential privacy, and we show that this may be exploited in realistic attacks on differentially private query systems. In addition to presenting these vulnerabilities, we also provide a number of solutions, which modify or constrain the way in which the sum is implemented in order to recover the idealized or near-idealized bounds on sensitivity.


page 1

page 2

page 3

page 4


Differentially Private Naïve Bayes Classifier using Smooth Sensitivity

With the increasing collection of users' data, protecting individual pri...

Precision-based attacks and interval refining: how to break, then fix, differential privacy on finite computers

Despite being raised as a problem over ten years ago, the imprecision of...

Achieving Differential Privacy using Methods from Calculus

We introduce derivative sensitivity, an analogue to local sensitivity fo...

Efficient differentially private learning improves drug sensitivity prediction

Users of a personalised recommendation system face a dilemma: recommenda...

Do I Get the Privacy I Need? Benchmarking Utility in Differential Privacy Libraries

An increasing number of open-source libraries promise to bring different...

Differentially Private Regression and Classification with Sparse Gaussian Processes

A continuing challenge for machine learning is providing methods to perf...

Practical Differentially Private Top-k Selection with Pay-what-you-get Composition

We study the problem of top-k selection over a large domain universe sub...