Differential Privacy with Imperfect Randomness

  • Yevgeniy Dodis
  • Adriana López-Alt
  • Ilya Mironov
  • Salil Vadhan
Conference paper

DOI: 10.1007/978-3-642-32009-5_29

Part of the Lecture Notes in Computer Science book series (LNCS, volume 7417)
Cite this paper as:
Dodis Y., López-Alt A., Mironov I., Vadhan S. (2012) Differential Privacy with Imperfect Randomness. In: Safavi-Naini R., Canetti R. (eds) Advances in Cryptology – CRYPTO 2012. Lecture Notes in Computer Science, vol 7417. Springer, Berlin, Heidelberg

Abstract

In this work we revisit the question of basing cryptography on imperfect randomness. Bosley and Dodis (TCC’07) showed that if a source of randomness \(\mathcal {R}\) is “good enough” to generate a secret key capable of encrypting k bits, then one can deterministically extract nearly k almost uniform bits from \(\mathcal {R}\), suggesting that traditional privacy notions (namely, indistinguishability of encryption) requires an “extractable” source of randomness. Other, even stronger impossibility results are known for achieving privacy under specific “non-extractable” sources of randomness, such as the \(\gamma \)-Santha-Vazirani (SV) source, where each next bit has fresh entropy, but is allowed to have a small bias \(\gamma < 1\) (possibly depending on prior bits).

We ask whether similar negative results also hold for a more recent notion of privacy called differential privacy (Dwork et al., TCC’06), concentrating, in particular, on achieving differential privacy with the Santha-Vazirani source. We show that the answer is no. Specifically, we give a differentially private mechanism for approximating arbitrary “low sensitivity” functions that works even with randomness coming from a \(\gamma \)-Santha-Vazirani source, for any \(\gamma <1\). This provides a somewhat surprising “separation” between traditional privacy and differential privacy with respect to imperfect randomness.

Interestingly, the design of our mechanism is quite different from the traditional “additive-noise” mechanisms (e.g., Laplace mechanism) successfully utilized to achieve differential privacy with perfect randomness. Indeed, we show that any (non-trivial) “SV-robust” mechanism for our problem requires a demanding property called consistent sampling, which is strictly stronger than differential privacy, and cannot be satisfied by any additive-noise mechanism.

Download to read the full conference paper text

Copyright information

© International Association for Cryptologic Research 2012 2012

Authors and Affiliations

  • Yevgeniy Dodis
    • 1
  • Adriana López-Alt
    • 1
  • Ilya Mironov
    • 2
  • Salil Vadhan
    • 3
  1. 1.New York UniversityNew YorkUSA
  2. 2.Microsoft Research Silicon ValleyMountain ViewUSA
  3. 3.Harvard UniversityCambridgeUSA

Personalised recommendations